./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3757121888 <...> [pid 5594] close(12) = -1 EBADF (Bad file descriptor) [pid 5594] close(13) = -1 EBADF (Bad file descriptor) [pid 5594] close(14) = -1 EBADF (Bad file descriptor) [pid 5594] close(15) = -1 EBADF (Bad file descriptor) [pid 5594] close(16) = -1 EBADF (Bad file descriptor) [pid 5594] close(17) = -1 EBADF (Bad file descriptor) [pid 5594] close(18) = -1 EBADF (Bad file descriptor) [pid 5594] close(19) = -1 EBADF (Bad file descriptor) [pid 5594] close(20) = -1 EBADF (Bad file descriptor) [pid 5594] close(21) = -1 EBADF (Bad file descriptor) [pid 5594] close(22) = -1 EBADF (Bad file descriptor) [pid 5594] close(23) = -1 EBADF (Bad file descriptor) [pid 5594] close(24) = -1 EBADF (Bad file descriptor) [pid 5594] close(25) = -1 EBADF (Bad file descriptor) [pid 5594] close(26) = -1 EBADF (Bad file descriptor) [pid 5594] close(27) = -1 EBADF (Bad file descriptor) [pid 5594] close(28) = -1 EBADF (Bad file descriptor) [pid 5594] close(29) = -1 EBADF (Bad file descriptor) [pid 5594] exit_group(0) = ? [pid 5596] <... futex resumed>) = ? [pid 5595] <... futex resumed>) = ? [pid 5596] +++ exited with 0 +++ [pid 5595] +++ exited with 0 +++ [pid 5594] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=524, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5063] umount2("./174", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./174", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./174/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./174/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./174/cgroup.cpu") = 0 [pid 5063] umount2("./174/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./174/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./174/binderfs") = 0 [pid 5063] umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./174/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./174/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./174/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./174/file0") = 0 [pid 5063] umount2("./174/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./174/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./174/cgroup") = 0 [pid 5063] umount2("./174/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./174/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./174/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./174") = 0 [pid 5063] mkdir("./175", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5597 attached , child_tidptr=0x5555560b8690) = 527 [pid 5597] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5597] chdir("./175") = 0 [pid 5597] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5597] setpgid(0, 0) = 0 [pid 5597] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5597] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5597] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5597] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5597] write(3, "1000", 4) = 4 [pid 5597] close(3) = 0 [pid 5597] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5597] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5597] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5597] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5597] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5597] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5597] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5597] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5598 attached => {parent_tid=[528]}, 88) = 528 [pid 5598] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5597] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5597] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5598] <... rseq resumed>) = 0 [pid 5598] set_robust_list(0x7eff0a34a9a0, 24 [pid 5597] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5598] <... set_robust_list resumed>) = 0 [pid 5598] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5598] memfd_create("syzkaller", 0) = 3 [pid 5598] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5598] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5598] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5598] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5598] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5598] close(3) = 0 [pid 5598] mkdir("./file0", 0777) = 0 [pid 5598] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5598] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5598] chdir("./file0") = 0 [pid 5598] ioctl(4, LOOP_CLR_FD) = 0 [pid 5598] close(4) = 0 [pid 5598] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5598] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5597] <... futex resumed>) = 0 [pid 5597] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5598] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5597] <... futex resumed>) = 0 [pid 5598] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 154.606777][ T5598] loop0: detected capacity change from 0 to 4096 [ 154.628631][ T5598] ntfs: volume version 3.1. [pid 5597] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5598] <... openat resumed>) = 4 [pid 5598] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5597] <... futex resumed>) = 0 [pid 5598] <... futex resumed>) = 1 [pid 5597] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5598] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5597] <... futex resumed>) = 0 [pid 5597] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5597] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5597] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5597] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5597] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5597] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5599 attached [pid 5599] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5597] <... clone3 resumed> => {parent_tid=[529]}, 88) = 529 [pid 5599] <... rseq resumed>) = 0 [pid 5599] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5598] <... write resumed>) = 1048064 [pid 5597] rt_sigprocmask(SIG_SETMASK, [], [pid 5598] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5597] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5598] <... futex resumed>) = 0 [pid 5598] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5597] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5597] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5599] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5599] creat("./file1", 000) = 5 [pid 5599] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5597] <... futex resumed>) = 0 [pid 5599] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5597] close(3) = 0 [pid 5597] close(4) = 0 [pid 5597] close(5) = 0 [pid 5597] close(6) = -1 EBADF (Bad file descriptor) [pid 5597] close(7) = -1 EBADF (Bad file descriptor) [pid 5597] close(8) = -1 EBADF (Bad file descriptor) [pid 5597] close(9) = -1 EBADF (Bad file descriptor) [pid 5597] close(10) = -1 EBADF (Bad file descriptor) [pid 5597] close(11) = -1 EBADF (Bad file descriptor) [pid 5597] close(12) = -1 EBADF (Bad file descriptor) [pid 5597] close(13) = -1 EBADF (Bad file descriptor) [pid 5597] close(14) = -1 EBADF (Bad file descriptor) [pid 5597] close(15) = -1 EBADF (Bad file descriptor) [pid 5597] close(16) = -1 EBADF (Bad file descriptor) [pid 5597] close(17) = -1 EBADF (Bad file descriptor) [pid 5597] close(18) = -1 EBADF (Bad file descriptor) [pid 5597] close(19) = -1 EBADF (Bad file descriptor) [pid 5597] close(20) = -1 EBADF (Bad file descriptor) [pid 5597] close(21) = -1 EBADF (Bad file descriptor) [pid 5597] close(22) = -1 EBADF (Bad file descriptor) [pid 5597] close(23) = -1 EBADF (Bad file descriptor) [pid 5597] close(24) = -1 EBADF (Bad file descriptor) [pid 5597] close(25) = -1 EBADF (Bad file descriptor) [pid 5597] close(26) = -1 EBADF (Bad file descriptor) [pid 5597] close(27) = -1 EBADF (Bad file descriptor) [pid 5597] close(28) = -1 EBADF (Bad file descriptor) [pid 5597] close(29) = -1 EBADF (Bad file descriptor) [pid 5597] exit_group(0 [pid 5599] <... futex resumed>) = ? [pid 5598] <... futex resumed>) = ? [pid 5597] <... exit_group resumed>) = ? [pid 5599] +++ exited with 0 +++ [pid 5598] +++ exited with 0 +++ [pid 5597] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=527, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./175", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./175", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./175/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./175/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./175/cgroup.cpu") = 0 [pid 5063] umount2("./175/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./175/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./175/binderfs") = 0 [pid 5063] umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./175/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./175/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./175/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./175/file0") = 0 [pid 5063] umount2("./175/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./175/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./175/cgroup") = 0 [pid 5063] umount2("./175/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./175/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./175/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./175") = 0 [pid 5063] mkdir("./176", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5600 attached [pid 5600] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 530 [pid 5600] <... set_robust_list resumed>) = 0 [pid 5600] chdir("./176") = 0 [pid 5600] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5600] setpgid(0, 0) = 0 [pid 5600] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5600] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5600] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5600] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5600] write(3, "1000", 4) = 4 [pid 5600] close(3) = 0 [pid 5600] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5600] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5600] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5600] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5600] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5600] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5600] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5600] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5601 attached [pid 5601] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5600] <... clone3 resumed> => {parent_tid=[531]}, 88) = 531 [pid 5600] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5600] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5601] <... rseq resumed>) = 0 [pid 5601] set_robust_list(0x7eff0a34a9a0, 24 [pid 5600] <... futex resumed>) = 0 [pid 5601] <... set_robust_list resumed>) = 0 [pid 5600] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5601] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5601] memfd_create("syzkaller", 0) = 3 [pid 5601] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5601] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5601] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5601] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5601] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5601] close(3) = 0 [pid 5601] mkdir("./file0", 0777) = 0 [pid 5601] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5601] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5601] chdir("./file0") = 0 [pid 5601] ioctl(4, LOOP_CLR_FD) = 0 [pid 5601] close(4) = 0 [pid 5601] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5600] <... futex resumed>) = 0 [pid 5601] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5600] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5601] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5601] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5600] <... futex resumed>) = 0 [pid 5600] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5601] <... openat resumed>) = 4 [pid 5601] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5600] <... futex resumed>) = 0 [pid 5601] <... futex resumed>) = 1 [pid 5600] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5601] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5600] <... futex resumed>) = 0 [ 155.220607][ T5601] loop0: detected capacity change from 0 to 4096 [ 155.251514][ T5601] ntfs: volume version 3.1. [pid 5600] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5600] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5600] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5600] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5600] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5600] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5602 attached => {parent_tid=[532]}, 88) = 532 [pid 5602] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5600] rt_sigprocmask(SIG_SETMASK, [], [pid 5602] <... rseq resumed>) = 0 [pid 5602] set_robust_list(0x7eff0a3299a0, 24 [pid 5600] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5602] <... set_robust_list resumed>) = 0 [pid 5602] rt_sigprocmask(SIG_SETMASK, [], [pid 5600] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5602] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5602] creat("./file1", 000 [pid 5600] <... futex resumed>) = 0 [pid 5602] <... creat resumed>) = 5 [pid 5600] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5602] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5601] <... write resumed>) = 1048064 [pid 5601] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5600] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5601] <... futex resumed>) = 0 [pid 5600] close(3 [pid 5601] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5602] <... futex resumed>) = 0 [pid 5602] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5600] <... close resumed>) = 0 [pid 5600] close(4) = 0 [pid 5600] close(5) = 0 [pid 5600] close(6) = -1 EBADF (Bad file descriptor) [pid 5600] close(7) = -1 EBADF (Bad file descriptor) [pid 5600] close(8) = -1 EBADF (Bad file descriptor) [pid 5600] close(9) = -1 EBADF (Bad file descriptor) [pid 5600] close(10) = -1 EBADF (Bad file descriptor) [pid 5600] close(11) = -1 EBADF (Bad file descriptor) [pid 5600] close(12) = -1 EBADF (Bad file descriptor) [pid 5600] close(13) = -1 EBADF (Bad file descriptor) [pid 5600] close(14) = -1 EBADF (Bad file descriptor) [pid 5600] close(15) = -1 EBADF (Bad file descriptor) [pid 5600] close(16) = -1 EBADF (Bad file descriptor) [pid 5600] close(17) = -1 EBADF (Bad file descriptor) [pid 5600] close(18) = -1 EBADF (Bad file descriptor) [pid 5600] close(19) = -1 EBADF (Bad file descriptor) [pid 5600] close(20) = -1 EBADF (Bad file descriptor) [pid 5600] close(21) = -1 EBADF (Bad file descriptor) [pid 5600] close(22) = -1 EBADF (Bad file descriptor) [pid 5600] close(23) = -1 EBADF (Bad file descriptor) [pid 5600] close(24) = -1 EBADF (Bad file descriptor) [pid 5600] close(25) = -1 EBADF (Bad file descriptor) [pid 5600] close(26) = -1 EBADF (Bad file descriptor) [pid 5600] close(27) = -1 EBADF (Bad file descriptor) [pid 5600] close(28) = -1 EBADF (Bad file descriptor) [pid 5600] close(29) = -1 EBADF (Bad file descriptor) [pid 5600] exit_group(0) = ? [pid 5601] <... futex resumed>) = ? [pid 5602] <... futex resumed>) = ? [pid 5601] +++ exited with 0 +++ [pid 5602] +++ exited with 0 +++ [pid 5600] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=530, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./176", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./176", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./176/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./176/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./176/cgroup.cpu") = 0 [pid 5063] umount2("./176/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./176/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./176/binderfs") = 0 [pid 5063] umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./176/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./176/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./176/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./176/file0") = 0 [pid 5063] umount2("./176/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./176/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./176/cgroup") = 0 [pid 5063] umount2("./176/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./176/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./176/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./176") = 0 [pid 5063] mkdir("./177", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5603 attached , child_tidptr=0x5555560b8690) = 533 [pid 5603] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5603] chdir("./177") = 0 [pid 5603] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5603] setpgid(0, 0) = 0 [pid 5603] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5603] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5603] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5603] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5603] write(3, "1000", 4) = 4 [pid 5603] close(3) = 0 [pid 5603] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5603] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5603] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5603] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5603] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5603] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5603] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5603] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5604 attached => {parent_tid=[534]}, 88) = 534 [pid 5604] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5603] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5603] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5604] <... rseq resumed>) = 0 [pid 5604] set_robust_list(0x7eff0a34a9a0, 24 [pid 5603] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5604] <... set_robust_list resumed>) = 0 [pid 5604] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5604] memfd_create("syzkaller", 0) = 3 [pid 5604] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5604] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5604] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5604] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5604] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5604] close(3) = 0 [pid 5604] mkdir("./file0", 0777) = 0 [pid 5604] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5604] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5604] chdir("./file0") = 0 [pid 5604] ioctl(4, LOOP_CLR_FD) = 0 [pid 5604] close(4) = 0 [pid 5604] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5603] <... futex resumed>) = 0 [pid 5604] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5603] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 155.801965][ T5604] loop0: detected capacity change from 0 to 4096 [ 155.822702][ T5604] ntfs: volume version 3.1. [pid 5603] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5604] <... openat resumed>) = 4 [pid 5604] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5603] <... futex resumed>) = 0 [pid 5604] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5603] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5604] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5603] <... futex resumed>) = 0 [pid 5603] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5604] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5603] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5603] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5603] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5603] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5603] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5603] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5605 attached [pid 5605] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5603] <... clone3 resumed> => {parent_tid=[535]}, 88) = 535 [pid 5605] <... rseq resumed>) = 0 [pid 5605] set_robust_list(0x7eff0a3299a0, 24 [pid 5603] rt_sigprocmask(SIG_SETMASK, [], [pid 5605] <... set_robust_list resumed>) = 0 [pid 5603] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5605] rt_sigprocmask(SIG_SETMASK, [], [pid 5603] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5605] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5603] <... futex resumed>) = 0 [pid 5605] creat("./file1", 000 [pid 5603] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5605] <... creat resumed>) = 5 [pid 5604] <... write resumed>) = 1048064 [pid 5605] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5604] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5604] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5605] <... futex resumed>) = 1 [pid 5603] <... futex resumed>) = 0 [pid 5605] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5603] close(3) = 0 [pid 5603] close(4) = 0 [pid 5603] close(5) = 0 [pid 5603] close(6) = -1 EBADF (Bad file descriptor) [pid 5603] close(7) = -1 EBADF (Bad file descriptor) [pid 5603] close(8) = -1 EBADF (Bad file descriptor) [pid 5603] close(9) = -1 EBADF (Bad file descriptor) [pid 5603] close(10) = -1 EBADF (Bad file descriptor) [pid 5603] close(11) = -1 EBADF (Bad file descriptor) [pid 5603] close(12) = -1 EBADF (Bad file descriptor) [pid 5603] close(13) = -1 EBADF (Bad file descriptor) [pid 5603] close(14) = -1 EBADF (Bad file descriptor) [pid 5603] close(15) = -1 EBADF (Bad file descriptor) [pid 5603] close(16) = -1 EBADF (Bad file descriptor) [pid 5603] close(17) = -1 EBADF (Bad file descriptor) [pid 5603] close(18) = -1 EBADF (Bad file descriptor) [pid 5603] close(19) = -1 EBADF (Bad file descriptor) [pid 5603] close(20) = -1 EBADF (Bad file descriptor) [pid 5603] close(21) = -1 EBADF (Bad file descriptor) [pid 5603] close(22) = -1 EBADF (Bad file descriptor) [pid 5603] close(23) = -1 EBADF (Bad file descriptor) [pid 5603] close(24) = -1 EBADF (Bad file descriptor) [pid 5603] close(25) = -1 EBADF (Bad file descriptor) [pid 5603] close(26) = -1 EBADF (Bad file descriptor) [pid 5603] close(27) = -1 EBADF (Bad file descriptor) [pid 5603] close(28) = -1 EBADF (Bad file descriptor) [pid 5603] close(29) = -1 EBADF (Bad file descriptor) [pid 5603] exit_group(0 [pid 5605] <... futex resumed>) = ? [pid 5604] <... futex resumed>) = ? [pid 5603] <... exit_group resumed>) = ? [pid 5604] +++ exited with 0 +++ [pid 5605] +++ exited with 0 +++ [pid 5603] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=533, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./177", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./177", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./177/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./177/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./177/cgroup.cpu") = 0 [pid 5063] umount2("./177/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./177/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./177/binderfs") = 0 [pid 5063] umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./177/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./177/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./177/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./177/file0") = 0 [pid 5063] umount2("./177/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./177/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./177/cgroup") = 0 [pid 5063] umount2("./177/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./177/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./177/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./177") = 0 [pid 5063] mkdir("./178", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5606 attached , child_tidptr=0x5555560b8690) = 536 [pid 5606] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5606] chdir("./178") = 0 [pid 5606] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5606] setpgid(0, 0) = 0 [pid 5606] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5606] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5606] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5606] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5606] write(3, "1000", 4) = 4 [pid 5606] close(3) = 0 [pid 5606] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5606] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5606] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5606] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5606] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5606] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5606] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5606] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5607 attached [pid 5607] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5606] <... clone3 resumed> => {parent_tid=[537]}, 88) = 537 [pid 5607] <... rseq resumed>) = 0 [pid 5606] rt_sigprocmask(SIG_SETMASK, [], [pid 5607] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5606] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5607] rt_sigprocmask(SIG_SETMASK, [], [pid 5606] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5607] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5606] <... futex resumed>) = 0 [pid 5606] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5607] memfd_create("syzkaller", 0) = 3 [pid 5607] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5607] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5607] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5607] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5607] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5607] close(3) = 0 [pid 5607] mkdir("./file0", 0777) = 0 [pid 5607] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5607] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5607] chdir("./file0") = 0 [pid 5607] ioctl(4, LOOP_CLR_FD) = 0 [pid 5607] close(4) = 0 [ 156.201836][ T5607] loop0: detected capacity change from 0 to 4096 [ 156.232355][ T5607] ntfs: volume version 3.1. [pid 5607] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5607] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5606] <... futex resumed>) = 0 [pid 5606] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5607] <... futex resumed>) = 0 [pid 5606] <... futex resumed>) = 1 [pid 5607] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5606] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5607] <... openat resumed>) = 4 [pid 5607] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5606] <... futex resumed>) = 0 [pid 5607] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5606] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5607] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5606] <... futex resumed>) = 0 [pid 5607] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5606] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5606] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5606] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5606] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5606] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5606] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5608 attached [pid 5608] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5606] <... clone3 resumed> => {parent_tid=[538]}, 88) = 538 [pid 5608] <... rseq resumed>) = 0 [pid 5606] rt_sigprocmask(SIG_SETMASK, [], [pid 5608] set_robust_list(0x7eff0a3299a0, 24 [pid 5606] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5608] <... set_robust_list resumed>) = 0 [pid 5606] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5608] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5608] creat("./file1", 000 [pid 5606] <... futex resumed>) = 0 [pid 5606] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5608] <... creat resumed>) = 5 [pid 5607] <... write resumed>) = 1048064 [pid 5608] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5606] <... futex resumed>) = 0 [pid 5608] <... futex resumed>) = 1 [pid 5607] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5608] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5607] <... futex resumed>) = 0 [pid 5606] close(3 [pid 5607] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5606] <... close resumed>) = 0 [pid 5606] close(4) = 0 [pid 5606] close(5) = 0 [pid 5606] close(6) = -1 EBADF (Bad file descriptor) [pid 5606] close(7) = -1 EBADF (Bad file descriptor) [pid 5606] close(8) = -1 EBADF (Bad file descriptor) [pid 5606] close(9) = -1 EBADF (Bad file descriptor) [pid 5606] close(10) = -1 EBADF (Bad file descriptor) [pid 5606] close(11) = -1 EBADF (Bad file descriptor) [pid 5606] close(12) = -1 EBADF (Bad file descriptor) [pid 5606] close(13) = -1 EBADF (Bad file descriptor) [pid 5606] close(14) = -1 EBADF (Bad file descriptor) [pid 5606] close(15) = -1 EBADF (Bad file descriptor) [pid 5606] close(16) = -1 EBADF (Bad file descriptor) [pid 5606] close(17) = -1 EBADF (Bad file descriptor) [pid 5606] close(18) = -1 EBADF (Bad file descriptor) [pid 5606] close(19) = -1 EBADF (Bad file descriptor) [pid 5606] close(20) = -1 EBADF (Bad file descriptor) [pid 5606] close(21) = -1 EBADF (Bad file descriptor) [pid 5606] close(22) = -1 EBADF (Bad file descriptor) [pid 5606] close(23) = -1 EBADF (Bad file descriptor) [pid 5606] close(24) = -1 EBADF (Bad file descriptor) [pid 5606] close(25) = -1 EBADF (Bad file descriptor) [pid 5606] close(26) = -1 EBADF (Bad file descriptor) [pid 5606] close(27) = -1 EBADF (Bad file descriptor) [pid 5606] close(28) = -1 EBADF (Bad file descriptor) [pid 5606] close(29) = -1 EBADF (Bad file descriptor) [pid 5606] exit_group(0) = ? [pid 5608] <... futex resumed>) = ? [pid 5607] <... futex resumed>) = ? [pid 5608] +++ exited with 0 +++ [pid 5607] +++ exited with 0 +++ [pid 5606] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=536, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./178", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./178", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./178/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./178/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./178/cgroup.cpu") = 0 [pid 5063] umount2("./178/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./178/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./178/binderfs") = 0 [pid 5063] umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./178/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./178/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./178/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./178/file0") = 0 [pid 5063] umount2("./178/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./178/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./178/cgroup") = 0 [pid 5063] umount2("./178/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./178/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./178/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./178") = 0 [pid 5063] mkdir("./179", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5609 attached [pid 5609] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 539 [pid 5609] <... set_robust_list resumed>) = 0 [pid 5609] chdir("./179") = 0 [pid 5609] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5609] setpgid(0, 0) = 0 [pid 5609] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5609] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5609] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5609] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5609] write(3, "1000", 4) = 4 [pid 5609] close(3) = 0 [pid 5609] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5609] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5609] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5609] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5609] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5609] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5609] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5609] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5610 attached => {parent_tid=[540]}, 88) = 540 [pid 5610] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5609] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5610] <... rseq resumed>) = 0 [pid 5609] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5610] set_robust_list(0x7eff0a34a9a0, 24 [pid 5609] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5610] <... set_robust_list resumed>) = 0 [pid 5610] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5610] memfd_create("syzkaller", 0) = 3 [pid 5610] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5610] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5610] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5610] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5610] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5610] close(3) = 0 [pid 5610] mkdir("./file0", 0777) = 0 [pid 5610] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5610] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5610] chdir("./file0") = 0 [pid 5610] ioctl(4, LOOP_CLR_FD) = 0 [pid 5610] close(4) = 0 [pid 5610] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5609] <... futex resumed>) = 0 [pid 5610] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5609] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5609] <... futex resumed>) = 0 [pid 5610] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5609] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5610] <... openat resumed>) = 4 [pid 5610] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5609] <... futex resumed>) = 0 [pid 5610] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5609] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5610] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5609] <... futex resumed>) = 0 [pid 5610] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 156.812969][ T5610] loop0: detected capacity change from 0 to 4096 [ 156.843720][ T5610] ntfs: volume version 3.1. [pid 5609] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5609] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5609] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5609] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5609] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5609] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5611 attached [pid 5611] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5609] <... clone3 resumed> => {parent_tid=[541]}, 88) = 541 [pid 5611] <... rseq resumed>) = 0 [pid 5609] rt_sigprocmask(SIG_SETMASK, [], [pid 5611] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5609] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5611] rt_sigprocmask(SIG_SETMASK, [], [pid 5609] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5611] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5609] <... futex resumed>) = 0 [pid 5611] creat("./file1", 000 [pid 5609] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5611] <... creat resumed>) = 5 [pid 5610] <... write resumed>) = 1048064 [pid 5610] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5610] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5611] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5611] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5609] <... futex resumed>) = 0 [pid 5609] close(3) = 0 [pid 5609] close(4) = 0 [pid 5609] close(5) = 0 [pid 5609] close(6) = -1 EBADF (Bad file descriptor) [pid 5609] close(7) = -1 EBADF (Bad file descriptor) [pid 5609] close(8) = -1 EBADF (Bad file descriptor) [pid 5609] close(9) = -1 EBADF (Bad file descriptor) [pid 5609] close(10) = -1 EBADF (Bad file descriptor) [pid 5609] close(11) = -1 EBADF (Bad file descriptor) [pid 5609] close(12) = -1 EBADF (Bad file descriptor) [pid 5609] close(13) = -1 EBADF (Bad file descriptor) [pid 5609] close(14) = -1 EBADF (Bad file descriptor) [pid 5609] close(15) = -1 EBADF (Bad file descriptor) [pid 5609] close(16) = -1 EBADF (Bad file descriptor) [pid 5609] close(17) = -1 EBADF (Bad file descriptor) [pid 5609] close(18) = -1 EBADF (Bad file descriptor) [pid 5609] close(19) = -1 EBADF (Bad file descriptor) [pid 5609] close(20) = -1 EBADF (Bad file descriptor) [pid 5609] close(21) = -1 EBADF (Bad file descriptor) [pid 5609] close(22) = -1 EBADF (Bad file descriptor) [pid 5609] close(23) = -1 EBADF (Bad file descriptor) [pid 5609] close(24) = -1 EBADF (Bad file descriptor) [pid 5609] close(25) = -1 EBADF (Bad file descriptor) [pid 5609] close(26) = -1 EBADF (Bad file descriptor) [pid 5609] close(27) = -1 EBADF (Bad file descriptor) [pid 5609] close(28) = -1 EBADF (Bad file descriptor) [pid 5609] close(29) = -1 EBADF (Bad file descriptor) [pid 5609] exit_group(0 [pid 5611] <... futex resumed>) = ? [pid 5610] <... futex resumed>) = ? [pid 5609] <... exit_group resumed>) = ? [pid 5611] +++ exited with 0 +++ [pid 5610] +++ exited with 0 +++ [pid 5609] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=539, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./179", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./179", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./179/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./179/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./179/cgroup.cpu") = 0 [pid 5063] umount2("./179/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./179/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./179/binderfs") = 0 [pid 5063] umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./179/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./179/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./179/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./179/file0") = 0 [pid 5063] umount2("./179/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./179/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./179/cgroup") = 0 [pid 5063] umount2("./179/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./179/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./179/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./179") = 0 [pid 5063] mkdir("./180", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 542 ./strace-static-x86_64: Process 5612 attached [pid 5612] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5612] chdir("./180") = 0 [pid 5612] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5612] setpgid(0, 0) = 0 [pid 5612] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5612] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5612] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5612] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5612] write(3, "1000", 4) = 4 [pid 5612] close(3) = 0 [pid 5612] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5612] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5612] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5612] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5612] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5612] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5612] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5612] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5613 attached => {parent_tid=[543]}, 88) = 543 [pid 5613] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5612] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5612] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5613] <... rseq resumed>) = 0 [pid 5613] set_robust_list(0x7eff0a34a9a0, 24 [pid 5612] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5613] <... set_robust_list resumed>) = 0 [pid 5613] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5613] memfd_create("syzkaller", 0) = 3 [pid 5613] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5613] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5613] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5613] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5613] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5613] close(3) = 0 [pid 5613] mkdir("./file0", 0777) = 0 [pid 5613] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5613] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5613] chdir("./file0") = 0 [pid 5613] ioctl(4, LOOP_CLR_FD) = 0 [pid 5613] close(4) = 0 [pid 5613] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5613] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5612] <... futex resumed>) = 0 [pid 5612] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5613] <... futex resumed>) = 0 [pid 5612] <... futex resumed>) = 1 [pid 5613] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5612] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5613] <... openat resumed>) = 4 [pid 5613] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5612] <... futex resumed>) = 0 [pid 5613] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5612] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5613] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5612] <... futex resumed>) = 0 [pid 5613] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 157.331804][ T5613] loop0: detected capacity change from 0 to 4096 [ 157.356569][ T5613] ntfs: volume version 3.1. [pid 5612] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5612] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5612] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5612] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5612] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5612] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5614 attached => {parent_tid=[544]}, 88) = 544 [pid 5614] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5612] rt_sigprocmask(SIG_SETMASK, [], [pid 5614] set_robust_list(0x7eff0a3299a0, 24 [pid 5612] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5614] <... set_robust_list resumed>) = 0 [pid 5612] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5614] rt_sigprocmask(SIG_SETMASK, [], [pid 5612] <... futex resumed>) = 0 [pid 5614] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5612] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5614] creat("./file1", 000) = 5 [pid 5614] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5613] <... write resumed>) = 1048064 [pid 5614] <... futex resumed>) = 1 [pid 5613] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5612] <... futex resumed>) = 0 [pid 5614] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5613] <... futex resumed>) = 0 [pid 5612] close(3 [pid 5613] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5612] <... close resumed>) = 0 [pid 5612] close(4) = 0 [pid 5612] close(5) = 0 [pid 5612] close(6) = -1 EBADF (Bad file descriptor) [pid 5612] close(7) = -1 EBADF (Bad file descriptor) [pid 5612] close(8) = -1 EBADF (Bad file descriptor) [pid 5612] close(9) = -1 EBADF (Bad file descriptor) [pid 5612] close(10) = -1 EBADF (Bad file descriptor) [pid 5612] close(11) = -1 EBADF (Bad file descriptor) [pid 5612] close(12) = -1 EBADF (Bad file descriptor) [pid 5612] close(13) = -1 EBADF (Bad file descriptor) [pid 5612] close(14) = -1 EBADF (Bad file descriptor) [pid 5612] close(15) = -1 EBADF (Bad file descriptor) [pid 5612] close(16) = -1 EBADF (Bad file descriptor) [pid 5612] close(17) = -1 EBADF (Bad file descriptor) [pid 5612] close(18) = -1 EBADF (Bad file descriptor) [pid 5612] close(19) = -1 EBADF (Bad file descriptor) [pid 5612] close(20) = -1 EBADF (Bad file descriptor) [pid 5612] close(21) = -1 EBADF (Bad file descriptor) [pid 5612] close(22) = -1 EBADF (Bad file descriptor) [pid 5612] close(23) = -1 EBADF (Bad file descriptor) [pid 5612] close(24) = -1 EBADF (Bad file descriptor) [pid 5612] close(25) = -1 EBADF (Bad file descriptor) [pid 5612] close(26) = -1 EBADF (Bad file descriptor) [pid 5612] close(27) = -1 EBADF (Bad file descriptor) [pid 5612] close(28) = -1 EBADF (Bad file descriptor) [pid 5612] close(29) = -1 EBADF (Bad file descriptor) [pid 5612] exit_group(0) = ? [pid 5614] <... futex resumed>) = ? [pid 5613] <... futex resumed>) = ? [pid 5614] +++ exited with 0 +++ [pid 5613] +++ exited with 0 +++ [pid 5612] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=542, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./180", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./180", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./180/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./180/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./180/cgroup.cpu") = 0 [pid 5063] umount2("./180/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./180/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./180/binderfs") = 0 [pid 5063] umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./180/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./180/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./180/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./180/file0") = 0 [pid 5063] umount2("./180/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./180/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./180/cgroup") = 0 [pid 5063] umount2("./180/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./180/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./180/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./180") = 0 [pid 5063] mkdir("./181", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5615 attached , child_tidptr=0x5555560b8690) = 545 [pid 5615] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5615] chdir("./181") = 0 [pid 5615] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5615] setpgid(0, 0) = 0 [pid 5615] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5615] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5615] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5615] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5615] write(3, "1000", 4) = 4 [pid 5615] close(3) = 0 [pid 5615] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5615] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5615] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5615] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5615] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5615] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5615] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5616 attached => {parent_tid=[546]}, 88) = 546 [pid 5616] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5615] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5615] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5615] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5616] <... rseq resumed>) = 0 [pid 5616] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5616] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5616] memfd_create("syzkaller", 0) = 3 [pid 5616] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5616] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5616] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5616] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5616] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5616] close(3) = 0 [pid 5616] mkdir("./file0", 0777) = 0 [pid 5616] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5616] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5616] chdir("./file0") = 0 [pid 5616] ioctl(4, LOOP_CLR_FD) = 0 [pid 5616] close(4) = 0 [pid 5616] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5615] <... futex resumed>) = 0 [pid 5616] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5615] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5616] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5615] <... futex resumed>) = 0 [pid 5616] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5615] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5616] <... openat resumed>) = 4 [pid 5616] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5615] <... futex resumed>) = 0 [pid 5616] <... futex resumed>) = 1 [pid 5615] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5616] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5615] <... futex resumed>) = 0 [ 157.891201][ T5616] loop0: detected capacity change from 0 to 4096 [ 157.916614][ T5616] ntfs: volume version 3.1. [pid 5615] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5615] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5615] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5615] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5615] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5615] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5617 attached => {parent_tid=[547]}, 88) = 547 [pid 5617] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5615] rt_sigprocmask(SIG_SETMASK, [], [pid 5617] <... rseq resumed>) = 0 [pid 5615] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5617] set_robust_list(0x7eff0a3299a0, 24 [pid 5615] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5617] <... set_robust_list resumed>) = 0 [pid 5615] <... futex resumed>) = 0 [pid 5615] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5617] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5617] creat("./file1", 000) = 5 [pid 5617] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5616] <... write resumed>) = 1048064 [pid 5617] <... futex resumed>) = 1 [pid 5615] <... futex resumed>) = 0 [pid 5617] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5616] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5616] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5615] close(3) = 0 [pid 5615] close(4) = 0 [pid 5615] close(5) = 0 [pid 5615] close(6) = -1 EBADF (Bad file descriptor) [pid 5615] close(7) = -1 EBADF (Bad file descriptor) [pid 5615] close(8) = -1 EBADF (Bad file descriptor) [pid 5615] close(9) = -1 EBADF (Bad file descriptor) [pid 5615] close(10) = -1 EBADF (Bad file descriptor) [pid 5615] close(11) = -1 EBADF (Bad file descriptor) [pid 5615] close(12) = -1 EBADF (Bad file descriptor) [pid 5615] close(13) = -1 EBADF (Bad file descriptor) [pid 5615] close(14) = -1 EBADF (Bad file descriptor) [pid 5615] close(15) = -1 EBADF (Bad file descriptor) [pid 5615] close(16) = -1 EBADF (Bad file descriptor) [pid 5615] close(17) = -1 EBADF (Bad file descriptor) [pid 5615] close(18) = -1 EBADF (Bad file descriptor) [pid 5615] close(19) = -1 EBADF (Bad file descriptor) [pid 5615] close(20) = -1 EBADF (Bad file descriptor) [pid 5615] close(21) = -1 EBADF (Bad file descriptor) [pid 5615] close(22) = -1 EBADF (Bad file descriptor) [pid 5615] close(23) = -1 EBADF (Bad file descriptor) [pid 5615] close(24) = -1 EBADF (Bad file descriptor) [pid 5615] close(25) = -1 EBADF (Bad file descriptor) [pid 5615] close(26) = -1 EBADF (Bad file descriptor) [pid 5615] close(27) = -1 EBADF (Bad file descriptor) [pid 5615] close(28) = -1 EBADF (Bad file descriptor) [pid 5615] close(29) = -1 EBADF (Bad file descriptor) [pid 5615] exit_group(0) = ? [pid 5617] <... futex resumed>) = ? [pid 5616] <... futex resumed>) = ? [pid 5616] +++ exited with 0 +++ [pid 5617] +++ exited with 0 +++ [pid 5615] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=545, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./181", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./181", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./181/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./181/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./181/cgroup.cpu") = 0 [pid 5063] umount2("./181/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./181/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./181/binderfs") = 0 [pid 5063] umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./181/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./181/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./181/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./181/file0") = 0 [pid 5063] umount2("./181/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./181/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./181/cgroup") = 0 [pid 5063] umount2("./181/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./181/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./181/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./181") = 0 [pid 5063] mkdir("./182", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5618 attached , child_tidptr=0x5555560b8690) = 548 [pid 5618] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5618] chdir("./182") = 0 [pid 5618] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5618] setpgid(0, 0) = 0 [pid 5618] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5618] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5618] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5618] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5618] write(3, "1000", 4) = 4 [pid 5618] close(3) = 0 [pid 5618] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5618] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5618] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5618] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5618] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5618] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5618] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5619 attached [pid 5619] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5618] <... clone3 resumed> => {parent_tid=[549]}, 88) = 549 [pid 5618] rt_sigprocmask(SIG_SETMASK, [], [pid 5619] <... rseq resumed>) = 0 [pid 5618] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5618] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5618] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5619] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5619] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5619] memfd_create("syzkaller", 0) = 3 [pid 5619] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5619] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5619] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5619] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5619] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5619] close(3) = 0 [pid 5619] mkdir("./file0", 0777) = 0 [pid 5619] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5619] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5619] chdir("./file0") = 0 [pid 5619] ioctl(4, LOOP_CLR_FD) = 0 [pid 5619] close(4) = 0 [pid 5619] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5618] <... futex resumed>) = 0 [pid 5619] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5618] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5619] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5619] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5618] <... futex resumed>) = 0 [ 158.538130][ T5619] loop0: detected capacity change from 0 to 4096 [ 158.570039][ T5619] ntfs: volume version 3.1. [pid 5619] <... openat resumed>) = 4 [pid 5618] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5619] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5618] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5619] <... futex resumed>) = 0 [pid 5619] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5618] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5618] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5618] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5618] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5618] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5618] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5618] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5620 attached [pid 5620] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5618] <... clone3 resumed> => {parent_tid=[550]}, 88) = 550 [pid 5620] <... rseq resumed>) = 0 [pid 5618] rt_sigprocmask(SIG_SETMASK, [], [pid 5620] set_robust_list(0x7eff0a3299a0, 24 [pid 5618] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5620] <... set_robust_list resumed>) = 0 [pid 5618] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5620] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5618] <... futex resumed>) = 0 [pid 5620] creat("./file1", 000 [pid 5618] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5620] <... creat resumed>) = 5 [pid 5619] <... write resumed>) = 1048064 [pid 5620] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5619] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5620] <... futex resumed>) = 1 [pid 5618] <... futex resumed>) = 0 [pid 5620] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5619] <... futex resumed>) = 0 [pid 5619] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5618] close(3) = 0 [pid 5618] close(4) = 0 [pid 5618] close(5) = 0 [pid 5618] close(6) = -1 EBADF (Bad file descriptor) [pid 5618] close(7) = -1 EBADF (Bad file descriptor) [pid 5618] close(8) = -1 EBADF (Bad file descriptor) [pid 5618] close(9) = -1 EBADF (Bad file descriptor) [pid 5618] close(10) = -1 EBADF (Bad file descriptor) [pid 5618] close(11) = -1 EBADF (Bad file descriptor) [pid 5618] close(12) = -1 EBADF (Bad file descriptor) [pid 5618] close(13) = -1 EBADF (Bad file descriptor) [pid 5618] close(14) = -1 EBADF (Bad file descriptor) [pid 5618] close(15) = -1 EBADF (Bad file descriptor) [pid 5618] close(16) = -1 EBADF (Bad file descriptor) [pid 5618] close(17) = -1 EBADF (Bad file descriptor) [pid 5618] close(18) = -1 EBADF (Bad file descriptor) [pid 5618] close(19) = -1 EBADF (Bad file descriptor) [pid 5618] close(20) = -1 EBADF (Bad file descriptor) [pid 5618] close(21) = -1 EBADF (Bad file descriptor) [pid 5618] close(22) = -1 EBADF (Bad file descriptor) [pid 5618] close(23) = -1 EBADF (Bad file descriptor) [pid 5618] close(24) = -1 EBADF (Bad file descriptor) [pid 5618] close(25) = -1 EBADF (Bad file descriptor) [pid 5618] close(26) = -1 EBADF (Bad file descriptor) [pid 5618] close(27) = -1 EBADF (Bad file descriptor) [pid 5618] close(28) = -1 EBADF (Bad file descriptor) [pid 5618] close(29) = -1 EBADF (Bad file descriptor) [pid 5618] exit_group(0 [pid 5620] <... futex resumed>) = ? [pid 5619] <... futex resumed>) = ? [pid 5618] <... exit_group resumed>) = ? [pid 5619] +++ exited with 0 +++ [pid 5620] +++ exited with 0 +++ [pid 5618] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=548, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./182", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./182", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./182/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./182/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./182/cgroup.cpu") = 0 [pid 5063] umount2("./182/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./182/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./182/binderfs") = 0 [pid 5063] umount2("./182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./182/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./182/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./182/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./182/file0") = 0 [pid 5063] umount2("./182/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./182/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./182/cgroup") = 0 [pid 5063] umount2("./182/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./182/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./182/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./182") = 0 [pid 5063] mkdir("./183", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5621 attached , child_tidptr=0x5555560b8690) = 551 [pid 5621] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5621] chdir("./183") = 0 [pid 5621] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5621] setpgid(0, 0) = 0 [pid 5621] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5621] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5621] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5621] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5621] write(3, "1000", 4) = 4 [pid 5621] close(3) = 0 [pid 5621] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5621] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5621] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5621] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5621] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5621] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5621] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5621] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5622 attached => {parent_tid=[552]}, 88) = 552 [pid 5622] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5621] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5621] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5621] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5622] <... rseq resumed>) = 0 [pid 5622] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5622] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5622] memfd_create("syzkaller", 0) = 3 [pid 5622] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5622] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5622] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5622] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5622] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5622] close(3) = 0 [pid 5622] mkdir("./file0", 0777) = 0 [ 159.103411][ T5622] loop0: detected capacity change from 0 to 4096 [ 159.117447][ T5622] __ntfs_warning: 170 callbacks suppressed [ 159.117454][ T5622] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 159.144052][ T5622] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 159.153885][ T5622] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 159.170060][ T5622] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 159.178850][ T5622] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 159.199097][ T5622] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 159.207938][ T5622] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 159.228477][ T5622] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5622] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5622] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5622] chdir("./file0") = 0 [pid 5622] ioctl(4, LOOP_CLR_FD) = 0 [pid 5622] close(4) = 0 [pid 5622] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5621] <... futex resumed>) = 0 [pid 5622] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5621] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5622] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5621] <... futex resumed>) = 0 [pid 5622] <... openat resumed>) = 4 [pid 5621] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 159.237207][ T5622] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 159.257777][ T5622] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 159.269531][ T5622] ntfs: volume version 3.1. [pid 5622] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5621] <... futex resumed>) = 0 [pid 5622] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5621] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5622] <... futex resumed>) = 0 [pid 5621] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5622] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5621] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5621] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5621] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5621] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5621] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5621] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5623 attached => {parent_tid=[553]}, 88) = 553 [pid 5623] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5621] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5623] <... rseq resumed>) = 0 [pid 5621] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5623] set_robust_list(0x7eff0a3299a0, 24 [pid 5621] <... futex resumed>) = 0 [pid 5621] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5623] <... set_robust_list resumed>) = 0 [pid 5623] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5623] creat("./file1", 000) = 5 [pid 5622] <... write resumed>) = 1048064 [pid 5622] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5622] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5623] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5623] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5621] <... futex resumed>) = 0 [pid 5621] close(3) = 0 [pid 5621] close(4) = 0 [pid 5621] close(5) = 0 [pid 5621] close(6) = -1 EBADF (Bad file descriptor) [pid 5621] close(7) = -1 EBADF (Bad file descriptor) [pid 5621] close(8) = -1 EBADF (Bad file descriptor) [pid 5621] close(9) = -1 EBADF (Bad file descriptor) [pid 5621] close(10) = -1 EBADF (Bad file descriptor) [pid 5621] close(11) = -1 EBADF (Bad file descriptor) [pid 5621] close(12) = -1 EBADF (Bad file descriptor) [pid 5621] close(13) = -1 EBADF (Bad file descriptor) [pid 5621] close(14) = -1 EBADF (Bad file descriptor) [pid 5621] close(15) = -1 EBADF (Bad file descriptor) [pid 5621] close(16) = -1 EBADF (Bad file descriptor) [pid 5621] close(17) = -1 EBADF (Bad file descriptor) [pid 5621] close(18) = -1 EBADF (Bad file descriptor) [pid 5621] close(19) = -1 EBADF (Bad file descriptor) [pid 5621] close(20) = -1 EBADF (Bad file descriptor) [pid 5621] close(21) = -1 EBADF (Bad file descriptor) [pid 5621] close(22) = -1 EBADF (Bad file descriptor) [pid 5621] close(23) = -1 EBADF (Bad file descriptor) [pid 5621] close(24) = -1 EBADF (Bad file descriptor) [pid 5621] close(25) = -1 EBADF (Bad file descriptor) [pid 5621] close(26) = -1 EBADF (Bad file descriptor) [pid 5621] close(27) = -1 EBADF (Bad file descriptor) [pid 5621] close(28) = -1 EBADF (Bad file descriptor) [pid 5621] close(29) = -1 EBADF (Bad file descriptor) [pid 5621] exit_group(0 [pid 5622] <... futex resumed>) = ? [pid 5621] <... exit_group resumed>) = ? [pid 5623] <... futex resumed>) = ? [pid 5622] +++ exited with 0 +++ [pid 5623] +++ exited with 0 +++ [pid 5621] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=551, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./183", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./183", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./183/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./183/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./183/cgroup.cpu") = 0 [pid 5063] umount2("./183/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./183/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./183/binderfs") = 0 [pid 5063] umount2("./183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./183/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./183/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./183/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./183/file0") = 0 [pid 5063] umount2("./183/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./183/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./183/cgroup") = 0 [pid 5063] umount2("./183/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./183/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./183/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./183") = 0 [pid 5063] mkdir("./184", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5624 attached , child_tidptr=0x5555560b8690) = 554 [pid 5624] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5624] chdir("./184") = 0 [pid 5624] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5624] setpgid(0, 0) = 0 [pid 5624] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5624] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5624] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5624] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5624] write(3, "1000", 4) = 4 [pid 5624] close(3) = 0 [pid 5624] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5624] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5624] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5624] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5624] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5624] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5624] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5624] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5625 attached [pid 5625] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5624] <... clone3 resumed> => {parent_tid=[555]}, 88) = 555 [pid 5625] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5624] rt_sigprocmask(SIG_SETMASK, [], [pid 5625] rt_sigprocmask(SIG_SETMASK, [], [pid 5624] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5625] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5624] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5625] memfd_create("syzkaller", 0 [pid 5624] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5625] <... memfd_create resumed>) = 3 [pid 5625] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5625] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5625] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5625] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5625] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5625] close(3) = 0 [pid 5625] mkdir("./file0", 0777) = 0 [pid 5625] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5625] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5625] chdir("./file0") = 0 [pid 5625] ioctl(4, LOOP_CLR_FD) = 0 [pid 5625] close(4) = 0 [pid 5625] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5624] <... futex resumed>) = 0 [pid 5625] <... futex resumed>) = 1 [pid 5625] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5624] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5625] <... openat resumed>) = 4 [pid 5624] <... futex resumed>) = 0 [pid 5625] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5624] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5625] <... futex resumed>) = 0 [pid 5624] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5625] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5624] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5625] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5624] <... futex resumed>) = 0 [pid 5625] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 159.819553][ T5625] loop0: detected capacity change from 0 to 4096 [ 159.842121][ T5625] ntfs: volume version 3.1. [pid 5624] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5624] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5624] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5624] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5624] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5624] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5626 attached [pid 5626] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5626] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5626] rt_sigprocmask(SIG_SETMASK, [], [pid 5624] <... clone3 resumed> => {parent_tid=[556]}, 88) = 556 [pid 5626] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5624] rt_sigprocmask(SIG_SETMASK, [], [pid 5626] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5624] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5624] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5626] <... futex resumed>) = 0 [pid 5624] <... futex resumed>) = 1 [pid 5626] creat("./file1", 000 [pid 5624] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5626] <... creat resumed>) = 5 [pid 5625] <... write resumed>) = 1048064 [pid 5626] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5624] <... futex resumed>) = 0 [pid 5626] <... futex resumed>) = 1 [pid 5625] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5626] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5625] <... futex resumed>) = 0 [pid 5624] close(3 [pid 5625] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5624] <... close resumed>) = 0 [pid 5624] close(4) = 0 [pid 5624] close(5) = 0 [pid 5624] close(6) = -1 EBADF (Bad file descriptor) [pid 5624] close(7) = -1 EBADF (Bad file descriptor) [pid 5624] close(8) = -1 EBADF (Bad file descriptor) [pid 5624] close(9) = -1 EBADF (Bad file descriptor) [pid 5624] close(10) = -1 EBADF (Bad file descriptor) [pid 5624] close(11) = -1 EBADF (Bad file descriptor) [pid 5624] close(12) = -1 EBADF (Bad file descriptor) [pid 5624] close(13) = -1 EBADF (Bad file descriptor) [pid 5624] close(14) = -1 EBADF (Bad file descriptor) [pid 5624] close(15) = -1 EBADF (Bad file descriptor) [pid 5624] close(16) = -1 EBADF (Bad file descriptor) [pid 5624] close(17) = -1 EBADF (Bad file descriptor) [pid 5624] close(18) = -1 EBADF (Bad file descriptor) [pid 5624] close(19) = -1 EBADF (Bad file descriptor) [pid 5624] close(20) = -1 EBADF (Bad file descriptor) [pid 5624] close(21) = -1 EBADF (Bad file descriptor) [pid 5624] close(22) = -1 EBADF (Bad file descriptor) [pid 5624] close(23) = -1 EBADF (Bad file descriptor) [pid 5624] close(24) = -1 EBADF (Bad file descriptor) [pid 5624] close(25) = -1 EBADF (Bad file descriptor) [pid 5624] close(26) = -1 EBADF (Bad file descriptor) [pid 5624] close(27) = -1 EBADF (Bad file descriptor) [pid 5624] close(28) = -1 EBADF (Bad file descriptor) [pid 5624] close(29) = -1 EBADF (Bad file descriptor) [pid 5624] exit_group(0 [pid 5626] <... futex resumed>) = ? [pid 5625] <... futex resumed>) = ? [pid 5624] <... exit_group resumed>) = ? [pid 5626] +++ exited with 0 +++ [pid 5625] +++ exited with 0 +++ [pid 5624] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=554, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./184", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./184", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./184/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./184/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./184/cgroup.cpu") = 0 [pid 5063] umount2("./184/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./184/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./184/binderfs") = 0 [pid 5063] umount2("./184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./184/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./184/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./184/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./184/file0") = 0 [pid 5063] umount2("./184/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./184/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./184/cgroup") = 0 [pid 5063] umount2("./184/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./184/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./184/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./184") = 0 [pid 5063] mkdir("./185", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5627 attached [pid 5627] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 557 [pid 5627] chdir("./185") = 0 [pid 5627] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5627] setpgid(0, 0) = 0 [pid 5627] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5627] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5627] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5627] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5627] write(3, "1000", 4) = 4 [pid 5627] close(3) = 0 [pid 5627] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5627] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5627] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5627] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5627] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5627] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5627] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5627] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5628 attached => {parent_tid=[558]}, 88) = 558 [pid 5628] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5627] rt_sigprocmask(SIG_SETMASK, [], [pid 5628] <... rseq resumed>) = 0 [pid 5627] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5628] set_robust_list(0x7eff0a34a9a0, 24 [pid 5627] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5628] <... set_robust_list resumed>) = 0 [pid 5627] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5628] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5628] memfd_create("syzkaller", 0) = 3 [pid 5628] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5628] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5628] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5628] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5628] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5628] close(3) = 0 [pid 5628] mkdir("./file0", 0777) = 0 [pid 5628] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5628] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5628] chdir("./file0") = 0 [pid 5628] ioctl(4, LOOP_CLR_FD) = 0 [pid 5628] close(4) = 0 [ 160.384870][ T5628] loop0: detected capacity change from 0 to 4096 [ 160.399558][ T5628] ntfs: volume version 3.1. [pid 5628] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5627] <... futex resumed>) = 0 [pid 5628] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5627] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5627] <... futex resumed>) = 0 [pid 5628] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5627] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5628] <... openat resumed>) = 4 [pid 5628] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5627] <... futex resumed>) = 0 [pid 5628] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5627] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5628] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5627] <... futex resumed>) = 0 [pid 5628] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5627] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5627] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5627] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5627] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5627] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5627] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5629 attached => {parent_tid=[559]}, 88) = 559 [pid 5629] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5627] rt_sigprocmask(SIG_SETMASK, [], [pid 5629] <... rseq resumed>) = 0 [pid 5627] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5629] set_robust_list(0x7eff0a3299a0, 24 [pid 5627] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5629] <... set_robust_list resumed>) = 0 [pid 5629] rt_sigprocmask(SIG_SETMASK, [], [pid 5627] <... futex resumed>) = 0 [pid 5629] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5629] creat("./file1", 000 [pid 5627] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5629] <... creat resumed>) = 5 [pid 5629] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5628] <... write resumed>) = 1048064 [pid 5629] <... futex resumed>) = 1 [pid 5627] <... futex resumed>) = 0 [pid 5628] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5627] close(3 [pid 5628] <... futex resumed>) = 0 [pid 5629] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5627] <... close resumed>) = 0 [pid 5628] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5627] close(4) = 0 [pid 5627] close(5) = 0 [pid 5627] close(6) = -1 EBADF (Bad file descriptor) [pid 5627] close(7) = -1 EBADF (Bad file descriptor) [pid 5627] close(8) = -1 EBADF (Bad file descriptor) [pid 5627] close(9) = -1 EBADF (Bad file descriptor) [pid 5627] close(10) = -1 EBADF (Bad file descriptor) [pid 5627] close(11) = -1 EBADF (Bad file descriptor) [pid 5627] close(12) = -1 EBADF (Bad file descriptor) [pid 5627] close(13) = -1 EBADF (Bad file descriptor) [pid 5627] close(14) = -1 EBADF (Bad file descriptor) [pid 5627] close(15) = -1 EBADF (Bad file descriptor) [pid 5627] close(16) = -1 EBADF (Bad file descriptor) [pid 5627] close(17) = -1 EBADF (Bad file descriptor) [pid 5627] close(18) = -1 EBADF (Bad file descriptor) [pid 5627] close(19) = -1 EBADF (Bad file descriptor) [pid 5627] close(20) = -1 EBADF (Bad file descriptor) [pid 5627] close(21) = -1 EBADF (Bad file descriptor) [pid 5627] close(22) = -1 EBADF (Bad file descriptor) [pid 5627] close(23) = -1 EBADF (Bad file descriptor) [pid 5627] close(24) = -1 EBADF (Bad file descriptor) [pid 5627] close(25) = -1 EBADF (Bad file descriptor) [pid 5627] close(26) = -1 EBADF (Bad file descriptor) [pid 5627] close(27) = -1 EBADF (Bad file descriptor) [pid 5627] close(28) = -1 EBADF (Bad file descriptor) [pid 5627] close(29) = -1 EBADF (Bad file descriptor) [pid 5627] exit_group(0 [pid 5628] <... futex resumed>) = ? [pid 5627] <... exit_group resumed>) = ? [pid 5629] <... futex resumed>) = ? [pid 5628] +++ exited with 0 +++ [pid 5629] +++ exited with 0 +++ [pid 5627] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=557, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./185", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./185", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./185/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./185/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./185/cgroup.cpu") = 0 [pid 5063] umount2("./185/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./185/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./185/binderfs") = 0 [pid 5063] umount2("./185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./185/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./185/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./185/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./185/file0") = 0 [pid 5063] umount2("./185/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./185/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./185/cgroup") = 0 [pid 5063] umount2("./185/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./185/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./185/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./185") = 0 [pid 5063] mkdir("./186", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 560 ./strace-static-x86_64: Process 5630 attached [pid 5630] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5630] chdir("./186") = 0 [pid 5630] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5630] setpgid(0, 0) = 0 [pid 5630] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5630] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5630] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5630] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5630] write(3, "1000", 4) = 4 [pid 5630] close(3) = 0 [pid 5630] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5630] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5630] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5630] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5630] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5630] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5630] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5630] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5631 attached => {parent_tid=[561]}, 88) = 561 [pid 5631] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5630] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5630] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5630] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5631] <... rseq resumed>) = 0 [pid 5631] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5631] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5631] memfd_create("syzkaller", 0) = 3 [pid 5631] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5631] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5631] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5631] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5631] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5631] close(3) = 0 [pid 5631] mkdir("./file0", 0777) = 0 [pid 5631] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5631] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5631] chdir("./file0") = 0 [pid 5631] ioctl(4, LOOP_CLR_FD) = 0 [pid 5631] close(4) = 0 [ 160.923424][ T5631] loop0: detected capacity change from 0 to 4096 [ 160.938641][ T5631] ntfs: volume version 3.1. [pid 5631] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5630] <... futex resumed>) = 0 [pid 5631] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5630] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5631] <... futex resumed>) = 0 [pid 5631] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5630] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5631] <... openat resumed>) = 4 [pid 5631] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5630] <... futex resumed>) = 0 [pid 5631] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5630] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5630] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5630] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5630] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5630] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5630] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5630] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5632 attached [pid 5632] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5630] <... clone3 resumed> => {parent_tid=[562]}, 88) = 562 [pid 5632] <... rseq resumed>) = 0 [pid 5630] rt_sigprocmask(SIG_SETMASK, [], [pid 5632] set_robust_list(0x7eff0a3299a0, 24 [pid 5630] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5632] <... set_robust_list resumed>) = 0 [pid 5630] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5632] rt_sigprocmask(SIG_SETMASK, [], [pid 5630] <... futex resumed>) = 0 [pid 5632] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5630] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5632] creat("./file1", 000) = 5 [pid 5631] <... write resumed>) = 1048064 [pid 5631] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5631] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5632] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5630] <... futex resumed>) = 0 [pid 5632] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5630] close(3) = 0 [pid 5630] close(4) = 0 [pid 5630] close(5) = 0 [pid 5630] close(6) = -1 EBADF (Bad file descriptor) [pid 5630] close(7) = -1 EBADF (Bad file descriptor) [pid 5630] close(8) = -1 EBADF (Bad file descriptor) [pid 5630] close(9) = -1 EBADF (Bad file descriptor) [pid 5630] close(10) = -1 EBADF (Bad file descriptor) [pid 5630] close(11) = -1 EBADF (Bad file descriptor) [pid 5630] close(12) = -1 EBADF (Bad file descriptor) [pid 5630] close(13) = -1 EBADF (Bad file descriptor) [pid 5630] close(14) = -1 EBADF (Bad file descriptor) [pid 5630] close(15) = -1 EBADF (Bad file descriptor) [pid 5630] close(16) = -1 EBADF (Bad file descriptor) [pid 5630] close(17) = -1 EBADF (Bad file descriptor) [pid 5630] close(18) = -1 EBADF (Bad file descriptor) [pid 5630] close(19) = -1 EBADF (Bad file descriptor) [pid 5630] close(20) = -1 EBADF (Bad file descriptor) [pid 5630] close(21) = -1 EBADF (Bad file descriptor) [pid 5630] close(22) = -1 EBADF (Bad file descriptor) [pid 5630] close(23) = -1 EBADF (Bad file descriptor) [pid 5630] close(24) = -1 EBADF (Bad file descriptor) [pid 5630] close(25) = -1 EBADF (Bad file descriptor) [pid 5630] close(26) = -1 EBADF (Bad file descriptor) [pid 5630] close(27) = -1 EBADF (Bad file descriptor) [pid 5630] close(28) = -1 EBADF (Bad file descriptor) [pid 5630] close(29) = -1 EBADF (Bad file descriptor) [pid 5630] exit_group(0 [pid 5632] <... futex resumed>) = ? [pid 5631] <... futex resumed>) = ? [pid 5630] <... exit_group resumed>) = ? [pid 5631] +++ exited with 0 +++ [pid 5632] +++ exited with 0 +++ [pid 5630] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=560, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./186", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./186", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./186/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./186/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./186/cgroup.cpu") = 0 [pid 5063] umount2("./186/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./186/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./186/binderfs") = 0 [pid 5063] umount2("./186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./186/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./186/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./186/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./186/file0") = 0 [pid 5063] umount2("./186/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./186/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./186/cgroup") = 0 [pid 5063] umount2("./186/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./186/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./186/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./186") = 0 [pid 5063] mkdir("./187", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5633 attached , child_tidptr=0x5555560b8690) = 563 [pid 5633] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5633] chdir("./187") = 0 [pid 5633] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5633] setpgid(0, 0) = 0 [pid 5633] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5633] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5633] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5633] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5633] write(3, "1000", 4) = 4 [pid 5633] close(3) = 0 [pid 5633] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5633] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5633] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5633] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5633] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5633] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5633] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5634 attached [pid 5634] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5633] <... clone3 resumed> => {parent_tid=[564]}, 88) = 564 [pid 5634] <... rseq resumed>) = 0 [pid 5634] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5634] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5634] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5633] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5633] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5634] <... futex resumed>) = 0 [pid 5633] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5634] memfd_create("syzkaller", 0) = 3 [pid 5634] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5634] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5634] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5634] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5634] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5634] close(3) = 0 [pid 5634] mkdir("./file0", 0777) = 0 [pid 5634] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5634] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5634] chdir("./file0") = 0 [pid 5634] ioctl(4, LOOP_CLR_FD) = 0 [pid 5634] close(4) = 0 [pid 5634] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5634] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5633] <... futex resumed>) = 0 [pid 5633] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5634] <... futex resumed>) = 0 [pid 5633] <... futex resumed>) = 1 [pid 5634] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5633] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5634] <... openat resumed>) = 4 [pid 5634] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5634] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5633] <... futex resumed>) = 0 [pid 5633] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5633] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5634] <... futex resumed>) = 0 [ 161.496783][ T5634] loop0: detected capacity change from 0 to 4096 [ 161.521498][ T5634] ntfs: volume version 3.1. [pid 5634] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5633] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5633] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5633] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5633] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5633] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5633] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5633] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5635 attached [pid 5635] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5635] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5635] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5633] <... clone3 resumed> => {parent_tid=[565]}, 88) = 565 [pid 5635] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5633] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5633] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5635] <... futex resumed>) = 0 [pid 5634] <... write resumed>) = 1048064 [pid 5633] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5635] creat("./file1", 000 [pid 5634] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5634] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5635] <... creat resumed>) = 5 [pid 5635] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5635] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5633] <... futex resumed>) = 0 [pid 5633] close(3) = 0 [pid 5633] close(4) = 0 [pid 5633] close(5) = 0 [pid 5633] close(6) = -1 EBADF (Bad file descriptor) [pid 5633] close(7) = -1 EBADF (Bad file descriptor) [pid 5633] close(8) = -1 EBADF (Bad file descriptor) [pid 5633] close(9) = -1 EBADF (Bad file descriptor) [pid 5633] close(10) = -1 EBADF (Bad file descriptor) [pid 5633] close(11) = -1 EBADF (Bad file descriptor) [pid 5633] close(12) = -1 EBADF (Bad file descriptor) [pid 5633] close(13) = -1 EBADF (Bad file descriptor) [pid 5633] close(14) = -1 EBADF (Bad file descriptor) [pid 5633] close(15) = -1 EBADF (Bad file descriptor) [pid 5633] close(16) = -1 EBADF (Bad file descriptor) [pid 5633] close(17) = -1 EBADF (Bad file descriptor) [pid 5633] close(18) = -1 EBADF (Bad file descriptor) [pid 5633] close(19) = -1 EBADF (Bad file descriptor) [pid 5633] close(20) = -1 EBADF (Bad file descriptor) [pid 5633] close(21) = -1 EBADF (Bad file descriptor) [pid 5633] close(22) = -1 EBADF (Bad file descriptor) [pid 5633] close(23) = -1 EBADF (Bad file descriptor) [pid 5633] close(24) = -1 EBADF (Bad file descriptor) [pid 5633] close(25) = -1 EBADF (Bad file descriptor) [pid 5633] close(26) = -1 EBADF (Bad file descriptor) [pid 5633] close(27) = -1 EBADF (Bad file descriptor) [pid 5633] close(28) = -1 EBADF (Bad file descriptor) [pid 5633] close(29) = -1 EBADF (Bad file descriptor) [pid 5633] exit_group(0) = ? [pid 5634] <... futex resumed>) = ? [pid 5635] <... futex resumed>) = ? [pid 5634] +++ exited with 0 +++ [pid 5635] +++ exited with 0 +++ [pid 5633] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=563, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./187", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./187", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./187/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./187/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./187/cgroup.cpu") = 0 [pid 5063] umount2("./187/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./187/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./187/binderfs") = 0 [pid 5063] umount2("./187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./187/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./187/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./187/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./187/file0") = 0 [pid 5063] umount2("./187/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./187/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./187/cgroup") = 0 [pid 5063] umount2("./187/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./187/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./187/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./187") = 0 [pid 5063] mkdir("./188", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5636 attached , child_tidptr=0x5555560b8690) = 566 [pid 5636] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5636] chdir("./188") = 0 [pid 5636] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5636] setpgid(0, 0) = 0 [pid 5636] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5636] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5636] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5636] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5636] write(3, "1000", 4) = 4 [pid 5636] close(3) = 0 [pid 5636] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5636] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5636] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5636] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5636] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5636] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5636] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5636] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5637 attached => {parent_tid=[567]}, 88) = 567 [pid 5637] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5636] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5637] <... rseq resumed>) = 0 [pid 5636] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5637] set_robust_list(0x7eff0a34a9a0, 24 [pid 5636] <... futex resumed>) = 0 [pid 5636] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5637] <... set_robust_list resumed>) = 0 [pid 5637] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5637] memfd_create("syzkaller", 0) = 3 [pid 5637] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5637] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5637] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5637] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5637] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5637] close(3) = 0 [pid 5637] mkdir("./file0", 0777) = 0 [pid 5637] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5637] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5637] chdir("./file0") = 0 [pid 5637] ioctl(4, LOOP_CLR_FD) = 0 [pid 5637] close(4) = 0 [pid 5637] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5636] <... futex resumed>) = 0 [pid 5637] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5636] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5637] <... futex resumed>) = 0 [pid 5636] <... futex resumed>) = 1 [pid 5637] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 162.044176][ T5637] loop0: detected capacity change from 0 to 4096 [ 162.076083][ T5637] ntfs: volume version 3.1. [pid 5636] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5637] <... openat resumed>) = 4 [pid 5637] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5636] <... futex resumed>) = 0 [pid 5637] <... futex resumed>) = 1 [pid 5636] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5637] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5636] <... futex resumed>) = 0 [pid 5636] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5636] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5636] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5636] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5636] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5636] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5638 attached [pid 5637] <... write resumed>) = 1048064 [pid 5636] <... clone3 resumed> => {parent_tid=[568]}, 88) = 568 [pid 5638] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5637] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5636] rt_sigprocmask(SIG_SETMASK, [], [pid 5637] <... futex resumed>) = 0 [pid 5636] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5637] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5638] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5638] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5638] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5636] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5638] <... futex resumed>) = 0 [pid 5636] <... futex resumed>) = 1 [pid 5638] creat("./file1", 000 [pid 5636] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5638] <... creat resumed>) = 5 [pid 5638] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5636] <... futex resumed>) = 0 [pid 5636] close(3 [pid 5638] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5636] <... close resumed>) = 0 [pid 5636] close(4) = 0 [pid 5636] close(5) = 0 [pid 5636] close(6) = -1 EBADF (Bad file descriptor) [pid 5636] close(7) = -1 EBADF (Bad file descriptor) [pid 5636] close(8) = -1 EBADF (Bad file descriptor) [pid 5636] close(9) = -1 EBADF (Bad file descriptor) [pid 5636] close(10) = -1 EBADF (Bad file descriptor) [pid 5636] close(11) = -1 EBADF (Bad file descriptor) [pid 5636] close(12) = -1 EBADF (Bad file descriptor) [pid 5636] close(13) = -1 EBADF (Bad file descriptor) [pid 5636] close(14) = -1 EBADF (Bad file descriptor) [pid 5636] close(15) = -1 EBADF (Bad file descriptor) [pid 5636] close(16) = -1 EBADF (Bad file descriptor) [pid 5636] close(17) = -1 EBADF (Bad file descriptor) [pid 5636] close(18) = -1 EBADF (Bad file descriptor) [pid 5636] close(19) = -1 EBADF (Bad file descriptor) [pid 5636] close(20) = -1 EBADF (Bad file descriptor) [pid 5636] close(21) = -1 EBADF (Bad file descriptor) [pid 5636] close(22) = -1 EBADF (Bad file descriptor) [pid 5636] close(23) = -1 EBADF (Bad file descriptor) [pid 5636] close(24) = -1 EBADF (Bad file descriptor) [pid 5636] close(25) = -1 EBADF (Bad file descriptor) [pid 5636] close(26) = -1 EBADF (Bad file descriptor) [pid 5636] close(27) = -1 EBADF (Bad file descriptor) [pid 5636] close(28) = -1 EBADF (Bad file descriptor) [pid 5636] close(29) = -1 EBADF (Bad file descriptor) [pid 5636] exit_group(0 [pid 5637] <... futex resumed>) = ? [pid 5636] <... exit_group resumed>) = ? [pid 5638] <... futex resumed>) = ? [pid 5637] +++ exited with 0 +++ [pid 5638] +++ exited with 0 +++ [pid 5636] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=566, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./188", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./188", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./188/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./188/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./188/cgroup.cpu") = 0 [pid 5063] umount2("./188/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./188/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./188/binderfs") = 0 [pid 5063] umount2("./188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./188/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./188/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./188/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./188/file0") = 0 [pid 5063] umount2("./188/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./188/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./188/cgroup") = 0 [pid 5063] umount2("./188/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./188/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./188/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./188") = 0 [pid 5063] mkdir("./189", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5639 attached [pid 5639] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 569 [pid 5639] <... set_robust_list resumed>) = 0 [pid 5639] chdir("./189") = 0 [pid 5639] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5639] setpgid(0, 0) = 0 [pid 5639] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5639] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5639] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5639] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5639] write(3, "1000", 4) = 4 [pid 5639] close(3) = 0 [pid 5639] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5639] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5639] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5639] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5639] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5639] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5639] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5639] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5640 attached [pid 5640] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5639] <... clone3 resumed> => {parent_tid=[570]}, 88) = 570 [pid 5640] <... rseq resumed>) = 0 [pid 5639] rt_sigprocmask(SIG_SETMASK, [], [pid 5640] set_robust_list(0x7eff0a34a9a0, 24 [pid 5639] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5640] <... set_robust_list resumed>) = 0 [pid 5639] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5640] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5639] <... futex resumed>) = 0 [pid 5640] memfd_create("syzkaller", 0 [pid 5639] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5640] <... memfd_create resumed>) = 3 [pid 5640] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5640] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5640] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5640] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5640] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5640] close(3) = 0 [pid 5640] mkdir("./file0", 0777) = 0 [pid 5640] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5640] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5640] chdir("./file0") = 0 [pid 5640] ioctl(4, LOOP_CLR_FD) = 0 [pid 5640] close(4) = 0 [pid 5640] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5639] <... futex resumed>) = 0 [pid 5640] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5639] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5640] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5639] <... futex resumed>) = 0 [pid 5640] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 162.577014][ T5640] loop0: detected capacity change from 0 to 4096 [ 162.607610][ T5640] ntfs: volume version 3.1. [pid 5639] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5640] <... openat resumed>) = 4 [pid 5640] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5639] <... futex resumed>) = 0 [pid 5640] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5639] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5640] <... futex resumed>) = 0 [pid 5639] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5640] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5639] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5639] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5639] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5639] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5639] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5639] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5641 attached [pid 5641] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5639] <... clone3 resumed> => {parent_tid=[571]}, 88) = 571 [pid 5641] set_robust_list(0x7eff0a3299a0, 24 [pid 5639] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5639] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5641] <... set_robust_list resumed>) = 0 [pid 5639] <... futex resumed>) = 0 [pid 5641] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5641] creat("./file1", 000 [pid 5639] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5641] <... creat resumed>) = 5 [pid 5640] <... write resumed>) = 1048064 [pid 5641] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5640] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5641] <... futex resumed>) = 1 [pid 5639] <... futex resumed>) = 0 [pid 5641] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5640] <... futex resumed>) = 0 [pid 5639] close(3) = 0 [pid 5639] close(4 [pid 5640] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5639] <... close resumed>) = 0 [pid 5639] close(5) = 0 [pid 5639] close(6) = -1 EBADF (Bad file descriptor) [pid 5639] close(7) = -1 EBADF (Bad file descriptor) [pid 5639] close(8) = -1 EBADF (Bad file descriptor) [pid 5639] close(9) = -1 EBADF (Bad file descriptor) [pid 5639] close(10) = -1 EBADF (Bad file descriptor) [pid 5639] close(11) = -1 EBADF (Bad file descriptor) [pid 5639] close(12) = -1 EBADF (Bad file descriptor) [pid 5639] close(13) = -1 EBADF (Bad file descriptor) [pid 5639] close(14) = -1 EBADF (Bad file descriptor) [pid 5639] close(15) = -1 EBADF (Bad file descriptor) [pid 5639] close(16) = -1 EBADF (Bad file descriptor) [pid 5639] close(17) = -1 EBADF (Bad file descriptor) [pid 5639] close(18) = -1 EBADF (Bad file descriptor) [pid 5639] close(19) = -1 EBADF (Bad file descriptor) [pid 5639] close(20) = -1 EBADF (Bad file descriptor) [pid 5639] close(21) = -1 EBADF (Bad file descriptor) [pid 5639] close(22) = -1 EBADF (Bad file descriptor) [pid 5639] close(23) = -1 EBADF (Bad file descriptor) [pid 5639] close(24) = -1 EBADF (Bad file descriptor) [pid 5639] close(25) = -1 EBADF (Bad file descriptor) [pid 5639] close(26) = -1 EBADF (Bad file descriptor) [pid 5639] close(27) = -1 EBADF (Bad file descriptor) [pid 5639] close(28) = -1 EBADF (Bad file descriptor) [pid 5639] close(29) = -1 EBADF (Bad file descriptor) [pid 5639] exit_group(0 [pid 5641] <... futex resumed>) = ? [pid 5639] <... exit_group resumed>) = ? [pid 5641] +++ exited with 0 +++ [pid 5640] <... futex resumed>) = ? [pid 5640] +++ exited with 0 +++ [pid 5639] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=569, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./189", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./189", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./189/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./189/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./189/cgroup.cpu") = 0 [pid 5063] umount2("./189/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./189/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./189/binderfs") = 0 [pid 5063] umount2("./189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./189/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./189/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./189/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./189/file0") = 0 [pid 5063] umount2("./189/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./189/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./189/cgroup") = 0 [pid 5063] umount2("./189/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./189/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./189/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./189") = 0 [pid 5063] mkdir("./190", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5642 attached [pid 5642] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 572 [pid 5642] <... set_robust_list resumed>) = 0 [pid 5642] chdir("./190") = 0 [pid 5642] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5642] setpgid(0, 0) = 0 [pid 5642] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5642] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5642] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5642] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5642] write(3, "1000", 4) = 4 [pid 5642] close(3) = 0 [pid 5642] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5642] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5642] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5642] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5642] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5642] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5642] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5642] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5643 attached [pid 5643] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5642] <... clone3 resumed> => {parent_tid=[573]}, 88) = 573 [pid 5643] <... rseq resumed>) = 0 [pid 5642] rt_sigprocmask(SIG_SETMASK, [], [pid 5643] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5642] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5643] rt_sigprocmask(SIG_SETMASK, [], [pid 5642] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5643] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5642] <... futex resumed>) = 0 [pid 5642] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5643] memfd_create("syzkaller", 0) = 3 [pid 5643] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5643] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5643] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5643] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5643] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5643] close(3) = 0 [pid 5643] mkdir("./file0", 0777) = 0 [pid 5643] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5643] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5643] chdir("./file0") = 0 [pid 5643] ioctl(4, LOOP_CLR_FD) = 0 [pid 5643] close(4) = 0 [pid 5643] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5642] <... futex resumed>) = 0 [pid 5643] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5642] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5643] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5643] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5642] <... futex resumed>) = 0 [ 163.183243][ T5643] loop0: detected capacity change from 0 to 4096 [ 163.199150][ T5643] ntfs: volume version 3.1. [pid 5642] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5643] <... openat resumed>) = 4 [pid 5643] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5643] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5642] <... futex resumed>) = 0 [pid 5642] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5643] <... futex resumed>) = 0 [pid 5642] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5643] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5642] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5642] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5642] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5642] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5642] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5642] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5642] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5644 attached => {parent_tid=[574]}, 88) = 574 [pid 5644] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5642] rt_sigprocmask(SIG_SETMASK, [], [pid 5644] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5644] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5644] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5642] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5644] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5642] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5644] creat("./file1", 000 [pid 5642] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5644] <... creat resumed>) = 5 [pid 5643] <... write resumed>) = 1048064 [pid 5644] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5644] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5642] <... futex resumed>) = 0 [pid 5643] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5643] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5642] close(3) = 0 [pid 5642] close(4) = 0 [pid 5642] close(5) = 0 [pid 5642] close(6) = -1 EBADF (Bad file descriptor) [pid 5642] close(7) = -1 EBADF (Bad file descriptor) [pid 5642] close(8) = -1 EBADF (Bad file descriptor) [pid 5642] close(9) = -1 EBADF (Bad file descriptor) [pid 5642] close(10) = -1 EBADF (Bad file descriptor) [pid 5642] close(11) = -1 EBADF (Bad file descriptor) [pid 5642] close(12) = -1 EBADF (Bad file descriptor) [pid 5642] close(13) = -1 EBADF (Bad file descriptor) [pid 5642] close(14) = -1 EBADF (Bad file descriptor) [pid 5642] close(15) = -1 EBADF (Bad file descriptor) [pid 5642] close(16) = -1 EBADF (Bad file descriptor) [pid 5642] close(17) = -1 EBADF (Bad file descriptor) [pid 5642] close(18) = -1 EBADF (Bad file descriptor) [pid 5642] close(19) = -1 EBADF (Bad file descriptor) [pid 5642] close(20) = -1 EBADF (Bad file descriptor) [pid 5642] close(21) = -1 EBADF (Bad file descriptor) [pid 5642] close(22) = -1 EBADF (Bad file descriptor) [pid 5642] close(23) = -1 EBADF (Bad file descriptor) [pid 5642] close(24) = -1 EBADF (Bad file descriptor) [pid 5642] close(25) = -1 EBADF (Bad file descriptor) [pid 5642] close(26) = -1 EBADF (Bad file descriptor) [pid 5642] close(27) = -1 EBADF (Bad file descriptor) [pid 5642] close(28) = -1 EBADF (Bad file descriptor) [pid 5642] close(29) = -1 EBADF (Bad file descriptor) [pid 5642] exit_group(0 [pid 5644] <... futex resumed>) = ? [pid 5644] +++ exited with 0 +++ [pid 5643] <... futex resumed>) = ? [pid 5642] <... exit_group resumed>) = ? [pid 5643] +++ exited with 0 +++ [pid 5642] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=572, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./190", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./190", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./190/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./190/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./190/cgroup.cpu") = 0 [pid 5063] umount2("./190/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./190/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./190/binderfs") = 0 [pid 5063] umount2("./190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./190/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./190/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./190/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./190/file0") = 0 [pid 5063] umount2("./190/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./190/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./190/cgroup") = 0 [pid 5063] umount2("./190/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./190/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./190/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./190") = 0 [pid 5063] mkdir("./191", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5645 attached , child_tidptr=0x5555560b8690) = 575 [pid 5645] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5645] chdir("./191") = 0 [pid 5645] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5645] setpgid(0, 0) = 0 [pid 5645] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5645] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5645] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5645] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5645] write(3, "1000", 4) = 4 [pid 5645] close(3) = 0 [pid 5645] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5645] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5645] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5645] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5645] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5645] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5645] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5645] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5646 attached => {parent_tid=[576]}, 88) = 576 [pid 5646] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5645] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5645] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5645] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5646] <... rseq resumed>) = 0 [pid 5646] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5646] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5646] memfd_create("syzkaller", 0) = 3 [pid 5646] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5646] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5646] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5646] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5646] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5646] close(3) = 0 [pid 5646] mkdir("./file0", 0777) = 0 [pid 5646] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5646] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5646] chdir("./file0") = 0 [pid 5646] ioctl(4, LOOP_CLR_FD) = 0 [pid 5646] close(4) = 0 [pid 5646] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5645] <... futex resumed>) = 0 [pid 5646] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5645] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5646] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5645] <... futex resumed>) = 0 [pid 5646] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5645] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5646] <... openat resumed>) = 4 [pid 5646] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5645] <... futex resumed>) = 0 [pid 5646] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5645] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5646] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5645] <... futex resumed>) = 0 [ 163.871349][ T5646] loop0: detected capacity change from 0 to 4096 [ 163.894932][ T5646] ntfs: volume version 3.1. [pid 5645] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5645] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5645] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5645] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5645] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5645] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5647 attached [pid 5647] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5647] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5645] <... clone3 resumed> => {parent_tid=[577]}, 88) = 577 [pid 5647] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5647] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5645] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5645] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5647] <... futex resumed>) = 0 [pid 5645] <... futex resumed>) = 1 [pid 5647] creat("./file1", 000 [pid 5645] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5647] <... creat resumed>) = 5 [pid 5647] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5646] <... write resumed>) = 1048064 [pid 5646] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5647] <... futex resumed>) = 1 [pid 5645] <... futex resumed>) = 0 [pid 5646] <... futex resumed>) = 0 [pid 5645] close(3 [pid 5646] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5645] <... close resumed>) = 0 [pid 5645] close(4) = 0 [pid 5645] close(5 [pid 5647] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5645] <... close resumed>) = 0 [pid 5645] close(6) = -1 EBADF (Bad file descriptor) [pid 5645] close(7) = -1 EBADF (Bad file descriptor) [pid 5645] close(8) = -1 EBADF (Bad file descriptor) [pid 5645] close(9) = -1 EBADF (Bad file descriptor) [pid 5645] close(10) = -1 EBADF (Bad file descriptor) [pid 5645] close(11) = -1 EBADF (Bad file descriptor) [pid 5645] close(12) = -1 EBADF (Bad file descriptor) [pid 5645] close(13) = -1 EBADF (Bad file descriptor) [pid 5645] close(14) = -1 EBADF (Bad file descriptor) [pid 5645] close(15) = -1 EBADF (Bad file descriptor) [pid 5645] close(16) = -1 EBADF (Bad file descriptor) [pid 5645] close(17) = -1 EBADF (Bad file descriptor) [pid 5645] close(18) = -1 EBADF (Bad file descriptor) [pid 5645] close(19) = -1 EBADF (Bad file descriptor) [pid 5645] close(20) = -1 EBADF (Bad file descriptor) [pid 5645] close(21) = -1 EBADF (Bad file descriptor) [pid 5645] close(22) = -1 EBADF (Bad file descriptor) [pid 5645] close(23) = -1 EBADF (Bad file descriptor) [pid 5645] close(24) = -1 EBADF (Bad file descriptor) [pid 5645] close(25) = -1 EBADF (Bad file descriptor) [pid 5645] close(26) = -1 EBADF (Bad file descriptor) [pid 5645] close(27) = -1 EBADF (Bad file descriptor) [pid 5645] close(28) = -1 EBADF (Bad file descriptor) [pid 5645] close(29) = -1 EBADF (Bad file descriptor) [pid 5645] exit_group(0 [pid 5646] <... futex resumed>) = ? [pid 5645] <... exit_group resumed>) = ? [pid 5647] <... futex resumed>) = ? [pid 5646] +++ exited with 0 +++ [pid 5647] +++ exited with 0 +++ [pid 5645] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=575, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./191", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./191", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./191/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./191/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./191/cgroup.cpu") = 0 [pid 5063] umount2("./191/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./191/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./191/binderfs") = 0 [pid 5063] umount2("./191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./191/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./191/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./191/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./191/file0") = 0 [pid 5063] umount2("./191/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./191/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./191/cgroup") = 0 [pid 5063] umount2("./191/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./191/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./191/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./191") = 0 [pid 5063] mkdir("./192", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5648 attached , child_tidptr=0x5555560b8690) = 578 [pid 5648] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5648] chdir("./192") = 0 [pid 5648] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5648] setpgid(0, 0) = 0 [pid 5648] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5648] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5648] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5648] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5648] write(3, "1000", 4) = 4 [pid 5648] close(3) = 0 [pid 5648] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5648] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5648] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5648] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5648] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5648] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5648] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5648] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5649 attached [pid 5649] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5648] <... clone3 resumed> => {parent_tid=[579]}, 88) = 579 [pid 5649] <... rseq resumed>) = 0 [pid 5648] rt_sigprocmask(SIG_SETMASK, [], [pid 5649] set_robust_list(0x7eff0a34a9a0, 24 [pid 5648] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5649] <... set_robust_list resumed>) = 0 [pid 5648] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5649] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5648] <... futex resumed>) = 0 [pid 5648] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5649] memfd_create("syzkaller", 0) = 3 [pid 5649] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5649] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5649] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5649] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5649] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5649] close(3) = 0 [pid 5649] mkdir("./file0", 0777) = 0 [ 164.417317][ T5649] loop0: detected capacity change from 0 to 4096 [ 164.436561][ T5649] __ntfs_warning: 170 callbacks suppressed [ 164.436569][ T5649] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 164.463255][ T5649] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 164.472663][ T5649] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 164.489470][ T5649] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.498199][ T5649] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 164.518165][ T5649] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.526854][ T5649] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 164.546964][ T5649] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5649] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5649] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5649] chdir("./file0") = 0 [pid 5649] ioctl(4, LOOP_CLR_FD) = 0 [pid 5649] close(4) = 0 [pid 5649] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5648] <... futex resumed>) = 0 [pid 5649] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5648] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5649] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 164.555671][ T5649] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 164.575636][ T5649] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 164.586626][ T5649] ntfs: volume version 3.1. [pid 5648] <... futex resumed>) = 0 [pid 5649] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5648] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5649] <... openat resumed>) = 4 [pid 5649] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5648] <... futex resumed>) = 0 [pid 5649] <... futex resumed>) = 1 [pid 5648] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5649] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5648] <... futex resumed>) = 0 [pid 5648] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5648] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5648] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5648] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5648] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5648] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5650 attached [pid 5650] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5648] <... clone3 resumed> => {parent_tid=[580]}, 88) = 580 [pid 5650] set_robust_list(0x7eff0a3299a0, 24 [pid 5648] rt_sigprocmask(SIG_SETMASK, [], [pid 5650] <... set_robust_list resumed>) = 0 [pid 5648] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5648] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5650] rt_sigprocmask(SIG_SETMASK, [], [pid 5648] <... futex resumed>) = 0 [pid 5648] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5650] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5650] creat("./file1", 000) = 5 [pid 5649] <... write resumed>) = 1048064 [pid 5650] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5649] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5650] <... futex resumed>) = 1 [pid 5650] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5649] <... futex resumed>) = 0 [pid 5648] <... futex resumed>) = 0 [pid 5649] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5648] close(3) = 0 [pid 5648] close(4) = 0 [pid 5648] close(5) = 0 [pid 5648] close(6) = -1 EBADF (Bad file descriptor) [pid 5648] close(7) = -1 EBADF (Bad file descriptor) [pid 5648] close(8) = -1 EBADF (Bad file descriptor) [pid 5648] close(9) = -1 EBADF (Bad file descriptor) [pid 5648] close(10) = -1 EBADF (Bad file descriptor) [pid 5648] close(11) = -1 EBADF (Bad file descriptor) [pid 5648] close(12) = -1 EBADF (Bad file descriptor) [pid 5648] close(13) = -1 EBADF (Bad file descriptor) [pid 5648] close(14) = -1 EBADF (Bad file descriptor) [pid 5648] close(15) = -1 EBADF (Bad file descriptor) [pid 5648] close(16) = -1 EBADF (Bad file descriptor) [pid 5648] close(17) = -1 EBADF (Bad file descriptor) [pid 5648] close(18) = -1 EBADF (Bad file descriptor) [pid 5648] close(19) = -1 EBADF (Bad file descriptor) [pid 5648] close(20) = -1 EBADF (Bad file descriptor) [pid 5648] close(21) = -1 EBADF (Bad file descriptor) [pid 5648] close(22) = -1 EBADF (Bad file descriptor) [pid 5648] close(23) = -1 EBADF (Bad file descriptor) [pid 5648] close(24) = -1 EBADF (Bad file descriptor) [pid 5648] close(25) = -1 EBADF (Bad file descriptor) [pid 5648] close(26) = -1 EBADF (Bad file descriptor) [pid 5648] close(27) = -1 EBADF (Bad file descriptor) [pid 5648] close(28) = -1 EBADF (Bad file descriptor) [pid 5648] close(29) = -1 EBADF (Bad file descriptor) [pid 5648] exit_group(0 [pid 5650] <... futex resumed>) = ? [pid 5650] +++ exited with 0 +++ [pid 5649] <... futex resumed>) = ? [pid 5648] <... exit_group resumed>) = ? [pid 5649] +++ exited with 0 +++ [pid 5648] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=578, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./192", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./192", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./192/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./192/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./192/cgroup.cpu") = 0 [pid 5063] umount2("./192/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./192/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./192/binderfs") = 0 [pid 5063] umount2("./192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./192/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./192/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./192/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./192/file0") = 0 [pid 5063] umount2("./192/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./192/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./192/cgroup") = 0 [pid 5063] umount2("./192/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./192/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./192/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./192") = 0 [pid 5063] mkdir("./193", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5651 attached , child_tidptr=0x5555560b8690) = 581 [pid 5651] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5651] chdir("./193") = 0 [pid 5651] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5651] setpgid(0, 0) = 0 [pid 5651] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5651] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5651] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5651] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5651] write(3, "1000", 4) = 4 [pid 5651] close(3) = 0 [pid 5651] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5651] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5651] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5651] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5651] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5651] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5651] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5651] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5652 attached => {parent_tid=[582]}, 88) = 582 [pid 5652] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5652] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5652] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5652] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5651] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5651] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5652] <... futex resumed>) = 0 [pid 5651] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5652] memfd_create("syzkaller", 0) = 3 [pid 5652] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5652] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5652] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5652] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5652] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5652] close(3) = 0 [pid 5652] mkdir("./file0", 0777) = 0 [pid 5652] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5652] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5652] chdir("./file0") = 0 [pid 5652] ioctl(4, LOOP_CLR_FD) = 0 [pid 5652] close(4) = 0 [pid 5652] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5651] <... futex resumed>) = 0 [pid 5651] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5652] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5651] <... futex resumed>) = 0 [ 165.197771][ T5652] loop0: detected capacity change from 0 to 4096 [ 165.219054][ T5652] ntfs: volume version 3.1. [pid 5651] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5652] <... openat resumed>) = 4 [pid 5652] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5651] <... futex resumed>) = 0 [pid 5652] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5651] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5652] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5651] <... futex resumed>) = 0 [pid 5652] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5651] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5651] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5651] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5651] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5651] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5651] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5653 attached => {parent_tid=[583]}, 88) = 583 [pid 5653] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5651] rt_sigprocmask(SIG_SETMASK, [], [pid 5653] <... rseq resumed>) = 0 [pid 5651] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5653] set_robust_list(0x7eff0a3299a0, 24 [pid 5651] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5653] <... set_robust_list resumed>) = 0 [pid 5651] <... futex resumed>) = 0 [pid 5653] rt_sigprocmask(SIG_SETMASK, [], [pid 5651] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5653] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5653] creat("./file1", 000) = 5 [pid 5652] <... write resumed>) = 1048064 [pid 5653] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5652] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5653] <... futex resumed>) = 1 [pid 5651] <... futex resumed>) = 0 [pid 5653] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5652] <... futex resumed>) = 0 [pid 5651] close(3 [pid 5652] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5651] <... close resumed>) = 0 [pid 5651] close(4) = 0 [pid 5651] close(5) = 0 [pid 5651] close(6) = -1 EBADF (Bad file descriptor) [pid 5651] close(7) = -1 EBADF (Bad file descriptor) [pid 5651] close(8) = -1 EBADF (Bad file descriptor) [pid 5651] close(9) = -1 EBADF (Bad file descriptor) [pid 5651] close(10) = -1 EBADF (Bad file descriptor) [pid 5651] close(11) = -1 EBADF (Bad file descriptor) [pid 5651] close(12) = -1 EBADF (Bad file descriptor) [pid 5651] close(13) = -1 EBADF (Bad file descriptor) [pid 5651] close(14) = -1 EBADF (Bad file descriptor) [pid 5651] close(15) = -1 EBADF (Bad file descriptor) [pid 5651] close(16) = -1 EBADF (Bad file descriptor) [pid 5651] close(17) = -1 EBADF (Bad file descriptor) [pid 5651] close(18) = -1 EBADF (Bad file descriptor) [pid 5651] close(19) = -1 EBADF (Bad file descriptor) [pid 5651] close(20) = -1 EBADF (Bad file descriptor) [pid 5651] close(21) = -1 EBADF (Bad file descriptor) [pid 5651] close(22) = -1 EBADF (Bad file descriptor) [pid 5651] close(23) = -1 EBADF (Bad file descriptor) [pid 5651] close(24) = -1 EBADF (Bad file descriptor) [pid 5651] close(25) = -1 EBADF (Bad file descriptor) [pid 5651] close(26) = -1 EBADF (Bad file descriptor) [pid 5651] close(27) = -1 EBADF (Bad file descriptor) [pid 5651] close(28) = -1 EBADF (Bad file descriptor) [pid 5651] close(29) = -1 EBADF (Bad file descriptor) [pid 5651] exit_group(0) = ? [pid 5652] <... futex resumed>) = ? [pid 5653] <... futex resumed>) = ? [pid 5652] +++ exited with 0 +++ [pid 5653] +++ exited with 0 +++ [pid 5651] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=581, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./193", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./193", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./193/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./193/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./193/cgroup.cpu") = 0 [pid 5063] umount2("./193/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./193/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./193/binderfs") = 0 [pid 5063] umount2("./193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./193/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./193/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./193/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./193/file0") = 0 [pid 5063] umount2("./193/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./193/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./193/cgroup") = 0 [pid 5063] umount2("./193/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./193/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./193/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./193") = 0 [pid 5063] mkdir("./194", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5654 attached , child_tidptr=0x5555560b8690) = 584 [pid 5654] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5654] chdir("./194") = 0 [pid 5654] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5654] setpgid(0, 0) = 0 [pid 5654] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5654] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5654] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5654] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5654] write(3, "1000", 4) = 4 [pid 5654] close(3) = 0 [pid 5654] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5654] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5654] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5654] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5654] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5654] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5654] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5655 attached [pid 5655] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5654] <... clone3 resumed> => {parent_tid=[585]}, 88) = 585 [pid 5655] <... rseq resumed>) = 0 [pid 5654] rt_sigprocmask(SIG_SETMASK, [], [pid 5655] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5654] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5655] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5654] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5654] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5655] memfd_create("syzkaller", 0) = 3 [pid 5655] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5655] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5655] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5655] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5655] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5655] close(3) = 0 [pid 5655] mkdir("./file0", 0777) = 0 [pid 5655] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5655] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5655] chdir("./file0") = 0 [pid 5655] ioctl(4, LOOP_CLR_FD) = 0 [pid 5655] close(4) = 0 [pid 5655] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 165.728851][ T5655] loop0: detected capacity change from 0 to 4096 [ 165.758679][ T5655] ntfs: volume version 3.1. [pid 5655] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5654] <... futex resumed>) = 0 [pid 5654] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5655] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5654] <... futex resumed>) = 0 [pid 5655] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5654] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5655] <... openat resumed>) = 4 [pid 5655] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5654] <... futex resumed>) = 0 [pid 5655] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5654] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5655] <... futex resumed>) = 0 [pid 5654] <... futex resumed>) = 1 [pid 5655] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5654] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5654] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5654] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5654] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5654] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5654] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5656 attached => {parent_tid=[586]}, 88) = 586 [pid 5656] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5656] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5656] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5654] rt_sigprocmask(SIG_SETMASK, [], [pid 5656] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5654] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5654] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5656] <... futex resumed>) = 0 [pid 5656] creat("./file1", 000 [pid 5654] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5656] <... creat resumed>) = 5 [pid 5655] <... write resumed>) = 1048064 [pid 5656] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5655] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5654] <... futex resumed>) = 0 [pid 5655] <... futex resumed>) = 0 [pid 5656] <... futex resumed>) = 1 [pid 5655] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5654] close(3 [pid 5656] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5654] <... close resumed>) = 0 [pid 5654] close(4) = 0 [pid 5654] close(5) = 0 [pid 5654] close(6) = -1 EBADF (Bad file descriptor) [pid 5654] close(7) = -1 EBADF (Bad file descriptor) [pid 5654] close(8) = -1 EBADF (Bad file descriptor) [pid 5654] close(9) = -1 EBADF (Bad file descriptor) [pid 5654] close(10) = -1 EBADF (Bad file descriptor) [pid 5654] close(11) = -1 EBADF (Bad file descriptor) [pid 5654] close(12) = -1 EBADF (Bad file descriptor) [pid 5654] close(13) = -1 EBADF (Bad file descriptor) [pid 5654] close(14) = -1 EBADF (Bad file descriptor) [pid 5654] close(15) = -1 EBADF (Bad file descriptor) [pid 5654] close(16) = -1 EBADF (Bad file descriptor) [pid 5654] close(17) = -1 EBADF (Bad file descriptor) [pid 5654] close(18) = -1 EBADF (Bad file descriptor) [pid 5654] close(19) = -1 EBADF (Bad file descriptor) [pid 5654] close(20) = -1 EBADF (Bad file descriptor) [pid 5654] close(21) = -1 EBADF (Bad file descriptor) [pid 5654] close(22) = -1 EBADF (Bad file descriptor) [pid 5654] close(23) = -1 EBADF (Bad file descriptor) [pid 5654] close(24) = -1 EBADF (Bad file descriptor) [pid 5654] close(25) = -1 EBADF (Bad file descriptor) [pid 5654] close(26) = -1 EBADF (Bad file descriptor) [pid 5654] close(27) = -1 EBADF (Bad file descriptor) [pid 5654] close(28) = -1 EBADF (Bad file descriptor) [pid 5654] close(29) = -1 EBADF (Bad file descriptor) [pid 5654] exit_group(0) = ? [pid 5655] <... futex resumed>) = ? [pid 5656] <... futex resumed>) = ? [pid 5656] +++ exited with 0 +++ [pid 5655] +++ exited with 0 +++ [pid 5654] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=584, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./194", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./194", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./194/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./194/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./194/cgroup.cpu") = 0 [pid 5063] umount2("./194/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./194/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./194/binderfs") = 0 [pid 5063] umount2("./194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./194/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./194/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./194/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./194/file0") = 0 [pid 5063] umount2("./194/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./194/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./194/cgroup") = 0 [pid 5063] umount2("./194/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./194/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./194/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./194") = 0 [pid 5063] mkdir("./195", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5657 attached , child_tidptr=0x5555560b8690) = 587 [pid 5657] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5657] chdir("./195") = 0 [pid 5657] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5657] setpgid(0, 0) = 0 [pid 5657] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5657] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5657] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5657] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5657] write(3, "1000", 4) = 4 [pid 5657] close(3) = 0 [pid 5657] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5657] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5657] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5657] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5657] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5657] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5657] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5657] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5658 attached => {parent_tid=[588]}, 88) = 588 [pid 5658] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5658] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5658] rt_sigprocmask(SIG_SETMASK, [], [pid 5657] rt_sigprocmask(SIG_SETMASK, [], [pid 5658] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5657] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5658] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5657] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5658] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5657] <... futex resumed>) = 0 [pid 5657] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5658] memfd_create("syzkaller", 0) = 3 [pid 5658] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5658] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5658] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5658] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5658] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5658] close(3) = 0 [pid 5658] mkdir("./file0", 0777) = 0 [pid 5658] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5658] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5658] chdir("./file0") = 0 [pid 5658] ioctl(4, LOOP_CLR_FD) = 0 [pid 5658] close(4) = 0 [pid 5658] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5658] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5657] <... futex resumed>) = 0 [pid 5657] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5657] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5658] <... futex resumed>) = 0 [pid 5658] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5658] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5657] <... futex resumed>) = 0 [ 166.301992][ T5658] loop0: detected capacity change from 0 to 4096 [ 166.327486][ T5658] ntfs: volume version 3.1. [pid 5658] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5657] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5658] <... futex resumed>) = 0 [pid 5657] <... futex resumed>) = 1 [pid 5658] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5657] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5657] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5657] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5657] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5657] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5657] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[589]}, 88) = 589 ./strace-static-x86_64: Process 5659 attached [pid 5658] <... write resumed>) = 1048064 [pid 5657] rt_sigprocmask(SIG_SETMASK, [], [pid 5659] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5658] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5657] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5659] <... rseq resumed>) = 0 [pid 5658] <... futex resumed>) = 0 [pid 5657] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5659] set_robust_list(0x7eff0a3299a0, 24 [pid 5658] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5657] <... futex resumed>) = 0 [pid 5659] <... set_robust_list resumed>) = 0 [pid 5657] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5659] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5659] creat("./file1", 000) = 5 [pid 5659] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5657] <... futex resumed>) = 0 [pid 5659] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5657] close(3) = 0 [pid 5657] close(4) = 0 [pid 5657] close(5) = 0 [pid 5657] close(6) = -1 EBADF (Bad file descriptor) [pid 5657] close(7) = -1 EBADF (Bad file descriptor) [pid 5657] close(8) = -1 EBADF (Bad file descriptor) [pid 5657] close(9) = -1 EBADF (Bad file descriptor) [pid 5657] close(10) = -1 EBADF (Bad file descriptor) [pid 5657] close(11) = -1 EBADF (Bad file descriptor) [pid 5657] close(12) = -1 EBADF (Bad file descriptor) [pid 5657] close(13) = -1 EBADF (Bad file descriptor) [pid 5657] close(14) = -1 EBADF (Bad file descriptor) [pid 5657] close(15) = -1 EBADF (Bad file descriptor) [pid 5657] close(16) = -1 EBADF (Bad file descriptor) [pid 5657] close(17) = -1 EBADF (Bad file descriptor) [pid 5657] close(18) = -1 EBADF (Bad file descriptor) [pid 5657] close(19) = -1 EBADF (Bad file descriptor) [pid 5657] close(20) = -1 EBADF (Bad file descriptor) [pid 5657] close(21) = -1 EBADF (Bad file descriptor) [pid 5657] close(22) = -1 EBADF (Bad file descriptor) [pid 5657] close(23) = -1 EBADF (Bad file descriptor) [pid 5657] close(24) = -1 EBADF (Bad file descriptor) [pid 5657] close(25) = -1 EBADF (Bad file descriptor) [pid 5657] close(26) = -1 EBADF (Bad file descriptor) [pid 5657] close(27) = -1 EBADF (Bad file descriptor) [pid 5657] close(28) = -1 EBADF (Bad file descriptor) [pid 5657] close(29) = -1 EBADF (Bad file descriptor) [pid 5657] exit_group(0) = ? [pid 5658] <... futex resumed>) = ? [pid 5659] <... futex resumed>) = ? [pid 5658] +++ exited with 0 +++ [pid 5659] +++ exited with 0 +++ [pid 5657] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=587, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./195", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./195", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./195/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./195/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./195/cgroup.cpu") = 0 [pid 5063] umount2("./195/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./195/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./195/binderfs") = 0 [pid 5063] umount2("./195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./195/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./195/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./195/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./195/file0") = 0 [pid 5063] umount2("./195/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./195/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./195/cgroup") = 0 [pid 5063] umount2("./195/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./195/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./195/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./195") = 0 [pid 5063] mkdir("./196", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5660 attached , child_tidptr=0x5555560b8690) = 590 [pid 5660] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5660] chdir("./196") = 0 [pid 5660] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5660] setpgid(0, 0) = 0 [pid 5660] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5660] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5660] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5660] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5660] write(3, "1000", 4) = 4 [pid 5660] close(3) = 0 [pid 5660] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5660] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5660] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5660] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5660] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5660] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5660] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5660] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5661 attached => {parent_tid=[591]}, 88) = 591 [pid 5661] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5660] rt_sigprocmask(SIG_SETMASK, [], [pid 5661] <... rseq resumed>) = 0 [pid 5660] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5661] set_robust_list(0x7eff0a34a9a0, 24 [pid 5660] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5661] <... set_robust_list resumed>) = 0 [pid 5661] rt_sigprocmask(SIG_SETMASK, [], [pid 5660] <... futex resumed>) = 0 [pid 5661] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5660] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5661] memfd_create("syzkaller", 0) = 3 [pid 5661] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5661] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5661] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5661] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5661] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5661] close(3) = 0 [pid 5661] mkdir("./file0", 0777) = 0 [ 166.907011][ T5661] loop0: detected capacity change from 0 to 4096 [pid 5661] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5661] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5661] chdir("./file0") = 0 [pid 5661] ioctl(4, LOOP_CLR_FD) = 0 [pid 5661] close(4) = 0 [ 166.953099][ T5661] ntfs: volume version 3.1. [pid 5661] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5661] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5660] <... futex resumed>) = 0 [pid 5660] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5661] <... futex resumed>) = 0 [pid 5660] <... futex resumed>) = 1 [pid 5661] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5660] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5661] <... openat resumed>) = 4 [pid 5661] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5661] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5660] <... futex resumed>) = 0 [pid 5660] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5661] <... futex resumed>) = 0 [pid 5661] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5660] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5660] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5660] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5660] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5660] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5660] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5662 attached => {parent_tid=[592]}, 88) = 592 [pid 5662] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5660] rt_sigprocmask(SIG_SETMASK, [], [pid 5662] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5660] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5662] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5660] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5662] creat("./file1", 000 [pid 5660] <... futex resumed>) = 0 [pid 5660] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5662] <... creat resumed>) = 5 [pid 5662] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5660] <... futex resumed>) = 0 [pid 5662] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5661] <... write resumed>) = 1048064 [pid 5661] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5661] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5660] close(3) = 0 [pid 5660] close(4) = 0 [pid 5660] close(5) = 0 [pid 5660] close(6) = -1 EBADF (Bad file descriptor) [pid 5660] close(7) = -1 EBADF (Bad file descriptor) [pid 5660] close(8) = -1 EBADF (Bad file descriptor) [pid 5660] close(9) = -1 EBADF (Bad file descriptor) [pid 5660] close(10) = -1 EBADF (Bad file descriptor) [pid 5660] close(11) = -1 EBADF (Bad file descriptor) [pid 5660] close(12) = -1 EBADF (Bad file descriptor) [pid 5660] close(13) = -1 EBADF (Bad file descriptor) [pid 5660] close(14) = -1 EBADF (Bad file descriptor) [pid 5660] close(15) = -1 EBADF (Bad file descriptor) [pid 5660] close(16) = -1 EBADF (Bad file descriptor) [pid 5660] close(17) = -1 EBADF (Bad file descriptor) [pid 5660] close(18) = -1 EBADF (Bad file descriptor) [pid 5660] close(19) = -1 EBADF (Bad file descriptor) [pid 5660] close(20) = -1 EBADF (Bad file descriptor) [pid 5660] close(21) = -1 EBADF (Bad file descriptor) [pid 5660] close(22) = -1 EBADF (Bad file descriptor) [pid 5660] close(23) = -1 EBADF (Bad file descriptor) [pid 5660] close(24) = -1 EBADF (Bad file descriptor) [pid 5660] close(25) = -1 EBADF (Bad file descriptor) [pid 5660] close(26) = -1 EBADF (Bad file descriptor) [pid 5660] close(27) = -1 EBADF (Bad file descriptor) [pid 5660] close(28) = -1 EBADF (Bad file descriptor) [pid 5660] close(29) = -1 EBADF (Bad file descriptor) [pid 5660] exit_group(0 [pid 5662] <... futex resumed>) = ? [pid 5661] <... futex resumed>) = ? [pid 5660] <... exit_group resumed>) = ? [pid 5662] +++ exited with 0 +++ [pid 5661] +++ exited with 0 +++ [pid 5660] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=590, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./196", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./196", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./196/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./196/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./196/cgroup.cpu") = 0 [pid 5063] umount2("./196/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./196/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./196/binderfs") = 0 [pid 5063] umount2("./196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./196/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./196/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./196/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./196/file0") = 0 [pid 5063] umount2("./196/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./196/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./196/cgroup") = 0 [pid 5063] umount2("./196/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./196/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./196/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./196") = 0 [pid 5063] mkdir("./197", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5663 attached [pid 5663] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 593 [pid 5663] <... set_robust_list resumed>) = 0 [pid 5663] chdir("./197") = 0 [pid 5663] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5663] setpgid(0, 0) = 0 [pid 5663] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5663] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5663] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5663] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5663] write(3, "1000", 4) = 4 [pid 5663] close(3) = 0 [pid 5663] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5663] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5663] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5663] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5663] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5663] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5663] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5663] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5664 attached => {parent_tid=[594]}, 88) = 594 [pid 5664] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5663] rt_sigprocmask(SIG_SETMASK, [], [pid 5664] <... rseq resumed>) = 0 [pid 5663] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5664] set_robust_list(0x7eff0a34a9a0, 24 [pid 5663] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5664] <... set_robust_list resumed>) = 0 [pid 5664] rt_sigprocmask(SIG_SETMASK, [], [pid 5663] <... futex resumed>) = 0 [pid 5664] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5663] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5664] memfd_create("syzkaller", 0) = 3 [pid 5664] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5664] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5664] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5664] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5664] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5664] close(3) = 0 [pid 5664] mkdir("./file0", 0777) = 0 [pid 5664] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5664] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5664] chdir("./file0") = 0 [pid 5664] ioctl(4, LOOP_CLR_FD) = 0 [pid 5664] close(4) = 0 [pid 5664] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5663] <... futex resumed>) = 0 [pid 5664] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5663] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5664] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5664] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5663] <... futex resumed>) = 0 [pid 5663] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5664] <... openat resumed>) = 4 [pid 5664] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5663] <... futex resumed>) = 0 [pid 5664] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [ 167.610302][ T5664] loop0: detected capacity change from 0 to 4096 [ 167.632396][ T5664] ntfs: volume version 3.1. [pid 5663] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5664] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5664] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5663] <... futex resumed>) = 0 [pid 5663] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5663] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5663] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5663] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5663] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5663] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5665 attached [pid 5665] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5665] set_robust_list(0x7eff0a3299a0, 24 [pid 5663] <... clone3 resumed> => {parent_tid=[595]}, 88) = 595 [pid 5665] <... set_robust_list resumed>) = 0 [pid 5665] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5665] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5663] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5663] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5665] <... futex resumed>) = 0 [pid 5663] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5665] creat("./file1", 000) = 5 [pid 5664] <... write resumed>) = 1048064 [pid 5665] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5664] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5663] <... futex resumed>) = 0 [pid 5665] <... futex resumed>) = 1 [pid 5663] close(3 [pid 5665] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5664] <... futex resumed>) = 0 [pid 5663] <... close resumed>) = 0 [pid 5664] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5663] close(4) = 0 [pid 5663] close(5) = 0 [pid 5663] close(6) = -1 EBADF (Bad file descriptor) [pid 5663] close(7) = -1 EBADF (Bad file descriptor) [pid 5663] close(8) = -1 EBADF (Bad file descriptor) [pid 5663] close(9) = -1 EBADF (Bad file descriptor) [pid 5663] close(10) = -1 EBADF (Bad file descriptor) [pid 5663] close(11) = -1 EBADF (Bad file descriptor) [pid 5663] close(12) = -1 EBADF (Bad file descriptor) [pid 5663] close(13) = -1 EBADF (Bad file descriptor) [pid 5663] close(14) = -1 EBADF (Bad file descriptor) [pid 5663] close(15) = -1 EBADF (Bad file descriptor) [pid 5663] close(16) = -1 EBADF (Bad file descriptor) [pid 5663] close(17) = -1 EBADF (Bad file descriptor) [pid 5663] close(18) = -1 EBADF (Bad file descriptor) [pid 5663] close(19) = -1 EBADF (Bad file descriptor) [pid 5663] close(20) = -1 EBADF (Bad file descriptor) [pid 5663] close(21) = -1 EBADF (Bad file descriptor) [pid 5663] close(22) = -1 EBADF (Bad file descriptor) [pid 5663] close(23) = -1 EBADF (Bad file descriptor) [pid 5663] close(24) = -1 EBADF (Bad file descriptor) [pid 5663] close(25) = -1 EBADF (Bad file descriptor) [pid 5663] close(26) = -1 EBADF (Bad file descriptor) [pid 5663] close(27) = -1 EBADF (Bad file descriptor) [pid 5663] close(28) = -1 EBADF (Bad file descriptor) [pid 5663] close(29) = -1 EBADF (Bad file descriptor) [pid 5663] exit_group(0) = ? [pid 5665] <... futex resumed>) = ? [pid 5664] <... futex resumed>) = ? [pid 5665] +++ exited with 0 +++ [pid 5664] +++ exited with 0 +++ [pid 5663] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=593, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./197", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./197", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./197/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./197/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./197/cgroup.cpu") = 0 [pid 5063] umount2("./197/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./197/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./197/binderfs") = 0 [pid 5063] umount2("./197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./197/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./197/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./197/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./197/file0") = 0 [pid 5063] umount2("./197/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./197/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./197/cgroup") = 0 [pid 5063] umount2("./197/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./197/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./197/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./197") = 0 [pid 5063] mkdir("./198", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 596 ./strace-static-x86_64: Process 5666 attached [pid 5666] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5666] chdir("./198") = 0 [pid 5666] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5666] setpgid(0, 0) = 0 [pid 5666] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5666] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5666] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5666] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5666] write(3, "1000", 4) = 4 [pid 5666] close(3) = 0 [pid 5666] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5666] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5666] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5666] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5666] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5666] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5666] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5666] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5667 attached => {parent_tid=[597]}, 88) = 597 [pid 5667] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5666] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5666] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5666] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5667] <... rseq resumed>) = 0 [pid 5667] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5667] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5667] memfd_create("syzkaller", 0) = 3 [pid 5667] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5667] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5667] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5667] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5667] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5667] close(3) = 0 [pid 5667] mkdir("./file0", 0777) = 0 [pid 5667] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5667] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5667] chdir("./file0") = 0 [pid 5667] ioctl(4, LOOP_CLR_FD) = 0 [pid 5667] close(4) = 0 [pid 5667] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5666] <... futex resumed>) = 0 [pid 5666] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5666] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5667] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5667] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5666] <... futex resumed>) = 0 [ 168.221121][ T5667] loop0: detected capacity change from 0 to 4096 [ 168.240765][ T5667] ntfs: volume version 3.1. [pid 5667] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5666] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5666] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5666] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5666] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5666] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5666] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5666] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5668 attached => {parent_tid=[598]}, 88) = 598 [pid 5668] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5666] rt_sigprocmask(SIG_SETMASK, [], [pid 5668] set_robust_list(0x7eff0a3299a0, 24 [pid 5666] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5668] <... set_robust_list resumed>) = 0 [pid 5666] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5668] rt_sigprocmask(SIG_SETMASK, [], [pid 5666] <... futex resumed>) = 0 [pid 5668] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5666] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5668] creat("./file1", 000) = 5 [pid 5667] <... write resumed>) = 1048064 [pid 5668] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5667] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5666] <... futex resumed>) = 0 [pid 5668] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5666] close(3 [pid 5667] <... futex resumed>) = 0 [pid 5666] <... close resumed>) = 0 [pid 5667] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5666] close(4) = 0 [pid 5666] close(5) = 0 [pid 5666] close(6) = -1 EBADF (Bad file descriptor) [pid 5666] close(7) = -1 EBADF (Bad file descriptor) [pid 5666] close(8) = -1 EBADF (Bad file descriptor) [pid 5666] close(9) = -1 EBADF (Bad file descriptor) [pid 5666] close(10) = -1 EBADF (Bad file descriptor) [pid 5666] close(11) = -1 EBADF (Bad file descriptor) [pid 5666] close(12) = -1 EBADF (Bad file descriptor) [pid 5666] close(13) = -1 EBADF (Bad file descriptor) [pid 5666] close(14) = -1 EBADF (Bad file descriptor) [pid 5666] close(15) = -1 EBADF (Bad file descriptor) [pid 5666] close(16) = -1 EBADF (Bad file descriptor) [pid 5666] close(17) = -1 EBADF (Bad file descriptor) [pid 5666] close(18) = -1 EBADF (Bad file descriptor) [pid 5666] close(19) = -1 EBADF (Bad file descriptor) [pid 5666] close(20) = -1 EBADF (Bad file descriptor) [pid 5666] close(21) = -1 EBADF (Bad file descriptor) [pid 5666] close(22) = -1 EBADF (Bad file descriptor) [pid 5666] close(23) = -1 EBADF (Bad file descriptor) [pid 5666] close(24) = -1 EBADF (Bad file descriptor) [pid 5666] close(25) = -1 EBADF (Bad file descriptor) [pid 5666] close(26) = -1 EBADF (Bad file descriptor) [pid 5666] close(27) = -1 EBADF (Bad file descriptor) [pid 5666] close(28) = -1 EBADF (Bad file descriptor) [pid 5666] close(29) = -1 EBADF (Bad file descriptor) [pid 5666] exit_group(0 [pid 5668] <... futex resumed>) = ? [pid 5667] <... futex resumed>) = ? [pid 5666] <... exit_group resumed>) = ? [pid 5668] +++ exited with 0 +++ [pid 5667] +++ exited with 0 +++ [pid 5666] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=596, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./198", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./198", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./198/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./198/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./198/cgroup.cpu") = 0 [pid 5063] umount2("./198/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./198/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./198/binderfs") = 0 [pid 5063] umount2("./198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./198/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./198/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./198/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./198/file0") = 0 [pid 5063] umount2("./198/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./198/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./198/cgroup") = 0 [pid 5063] umount2("./198/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./198/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./198/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./198") = 0 [pid 5063] mkdir("./199", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5669 attached , child_tidptr=0x5555560b8690) = 599 [pid 5669] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5669] chdir("./199") = 0 [pid 5669] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5669] setpgid(0, 0) = 0 [pid 5669] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5669] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5669] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5669] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5669] write(3, "1000", 4) = 4 [pid 5669] close(3) = 0 [pid 5669] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5669] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5669] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5669] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5669] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5669] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5669] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5669] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5670 attached => {parent_tid=[600]}, 88) = 600 [pid 5670] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5670] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5670] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5670] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5669] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5669] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5670] <... futex resumed>) = 0 [pid 5669] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5670] memfd_create("syzkaller", 0) = 3 [pid 5670] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5670] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5670] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5670] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5670] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5670] close(3) = 0 [pid 5670] mkdir("./file0", 0777) = 0 [pid 5670] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5670] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5670] chdir("./file0") = 0 [pid 5670] ioctl(4, LOOP_CLR_FD) = 0 [pid 5670] close(4) = 0 [pid 5670] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5669] <... futex resumed>) = 0 [pid 5670] <... futex resumed>) = 1 [pid 5669] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5670] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5669] <... futex resumed>) = 0 [pid 5669] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5670] <... openat resumed>) = 4 [pid 5670] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5669] <... futex resumed>) = 0 [pid 5670] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5669] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 168.720765][ T5670] loop0: detected capacity change from 0 to 4096 [ 168.746003][ T5670] ntfs: volume version 3.1. [pid 5669] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5669] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5669] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5669] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5669] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5669] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5671 attached [pid 5671] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5669] <... clone3 resumed> => {parent_tid=[601]}, 88) = 601 [pid 5671] set_robust_list(0x7eff0a3299a0, 24 [pid 5669] rt_sigprocmask(SIG_SETMASK, [], [pid 5671] <... set_robust_list resumed>) = 0 [pid 5669] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5669] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5669] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5671] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5671] creat("./file1", 000) = 5 [pid 5670] <... write resumed>) = 1048064 [pid 5671] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5670] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5671] <... futex resumed>) = 1 [pid 5669] <... futex resumed>) = 0 [pid 5671] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5670] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5669] close(3) = 0 [pid 5669] close(4) = 0 [pid 5669] close(5) = 0 [pid 5669] close(6) = -1 EBADF (Bad file descriptor) [pid 5669] close(7) = -1 EBADF (Bad file descriptor) [pid 5669] close(8) = -1 EBADF (Bad file descriptor) [pid 5669] close(9) = -1 EBADF (Bad file descriptor) [pid 5669] close(10) = -1 EBADF (Bad file descriptor) [pid 5669] close(11) = -1 EBADF (Bad file descriptor) [pid 5669] close(12) = -1 EBADF (Bad file descriptor) [pid 5669] close(13) = -1 EBADF (Bad file descriptor) [pid 5669] close(14) = -1 EBADF (Bad file descriptor) [pid 5669] close(15) = -1 EBADF (Bad file descriptor) [pid 5669] close(16) = -1 EBADF (Bad file descriptor) [pid 5669] close(17) = -1 EBADF (Bad file descriptor) [pid 5669] close(18) = -1 EBADF (Bad file descriptor) [pid 5669] close(19) = -1 EBADF (Bad file descriptor) [pid 5669] close(20) = -1 EBADF (Bad file descriptor) [pid 5669] close(21) = -1 EBADF (Bad file descriptor) [pid 5669] close(22) = -1 EBADF (Bad file descriptor) [pid 5669] close(23) = -1 EBADF (Bad file descriptor) [pid 5669] close(24) = -1 EBADF (Bad file descriptor) [pid 5669] close(25) = -1 EBADF (Bad file descriptor) [pid 5669] close(26) = -1 EBADF (Bad file descriptor) [pid 5669] close(27) = -1 EBADF (Bad file descriptor) [pid 5669] close(28) = -1 EBADF (Bad file descriptor) [pid 5669] close(29) = -1 EBADF (Bad file descriptor) [pid 5669] exit_group(0 [pid 5671] <... futex resumed>) = ? [pid 5670] <... futex resumed>) = ? [pid 5671] +++ exited with 0 +++ [pid 5669] <... exit_group resumed>) = ? [pid 5670] +++ exited with 0 +++ [pid 5669] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=599, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./199", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./199", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./199/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./199/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./199/cgroup.cpu") = 0 [pid 5063] umount2("./199/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./199/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./199/binderfs") = 0 [pid 5063] umount2("./199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./199/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./199/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./199/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./199/file0") = 0 [pid 5063] umount2("./199/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./199/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./199/cgroup") = 0 [pid 5063] umount2("./199/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./199/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./199/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./199") = 0 [pid 5063] mkdir("./200", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5672 attached , child_tidptr=0x5555560b8690) = 602 [pid 5672] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5672] chdir("./200") = 0 [pid 5672] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5672] setpgid(0, 0) = 0 [pid 5672] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5672] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5672] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5672] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5672] write(3, "1000", 4) = 4 [pid 5672] close(3) = 0 [pid 5672] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5672] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5672] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5672] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5672] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5672] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5672] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5673 attached => {parent_tid=[603]}, 88) = 603 [pid 5673] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5672] rt_sigprocmask(SIG_SETMASK, [], [pid 5673] <... rseq resumed>) = 0 [pid 5672] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5673] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5672] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5673] rt_sigprocmask(SIG_SETMASK, [], [pid 5672] <... futex resumed>) = 0 [pid 5673] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5672] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5673] memfd_create("syzkaller", 0) = 3 [pid 5673] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5673] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5673] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5673] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5673] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5673] close(3) = 0 [pid 5673] mkdir("./file0", 0777) = 0 [pid 5673] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5673] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5673] chdir("./file0") = 0 [pid 5673] ioctl(4, LOOP_CLR_FD) = 0 [pid 5673] close(4) = 0 [ 169.281121][ T5673] loop0: detected capacity change from 0 to 4096 [ 169.312157][ T5673] ntfs: volume version 3.1. [pid 5673] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5672] <... futex resumed>) = 0 [pid 5672] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5672] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5673] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5673] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5673] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5672] <... futex resumed>) = 0 [pid 5672] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5672] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5673] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5673] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5672] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5672] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5672] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5672] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5672] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5672] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5672] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5674 attached [pid 5674] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5672] <... clone3 resumed> => {parent_tid=[604]}, 88) = 604 [pid 5674] set_robust_list(0x7eff0a3299a0, 24 [pid 5672] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5674] <... set_robust_list resumed>) = 0 [pid 5672] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5674] rt_sigprocmask(SIG_SETMASK, [], [pid 5672] <... futex resumed>) = 0 [pid 5674] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5674] creat("./file1", 000 [pid 5672] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5674] <... creat resumed>) = 5 [pid 5673] <... write resumed>) = 1048064 [pid 5674] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5673] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5674] <... futex resumed>) = 1 [pid 5672] <... futex resumed>) = 0 [pid 5674] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5673] <... futex resumed>) = 0 [pid 5672] close(3) = 0 [pid 5672] close(4) = 0 [pid 5672] close(5 [pid 5673] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5672] <... close resumed>) = 0 [pid 5672] close(6) = -1 EBADF (Bad file descriptor) [pid 5672] close(7) = -1 EBADF (Bad file descriptor) [pid 5672] close(8) = -1 EBADF (Bad file descriptor) [pid 5672] close(9) = -1 EBADF (Bad file descriptor) [pid 5672] close(10) = -1 EBADF (Bad file descriptor) [pid 5672] close(11) = -1 EBADF (Bad file descriptor) [pid 5672] close(12) = -1 EBADF (Bad file descriptor) [pid 5672] close(13) = -1 EBADF (Bad file descriptor) [pid 5672] close(14) = -1 EBADF (Bad file descriptor) [pid 5672] close(15) = -1 EBADF (Bad file descriptor) [pid 5672] close(16) = -1 EBADF (Bad file descriptor) [pid 5672] close(17) = -1 EBADF (Bad file descriptor) [pid 5672] close(18) = -1 EBADF (Bad file descriptor) [pid 5672] close(19) = -1 EBADF (Bad file descriptor) [pid 5672] close(20) = -1 EBADF (Bad file descriptor) [pid 5672] close(21) = -1 EBADF (Bad file descriptor) [pid 5672] close(22) = -1 EBADF (Bad file descriptor) [pid 5672] close(23) = -1 EBADF (Bad file descriptor) [pid 5672] close(24) = -1 EBADF (Bad file descriptor) [pid 5672] close(25) = -1 EBADF (Bad file descriptor) [pid 5672] close(26) = -1 EBADF (Bad file descriptor) [pid 5672] close(27) = -1 EBADF (Bad file descriptor) [pid 5672] close(28) = -1 EBADF (Bad file descriptor) [pid 5672] close(29) = -1 EBADF (Bad file descriptor) [pid 5672] exit_group(0) = ? [pid 5673] <... futex resumed>) = ? [pid 5674] <... futex resumed>) = ? [pid 5674] +++ exited with 0 +++ [pid 5673] +++ exited with 0 +++ [pid 5672] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=602, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5063] umount2("./200", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./200", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./200/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./200/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./200/cgroup.cpu") = 0 [pid 5063] umount2("./200/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./200/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./200/binderfs") = 0 [pid 5063] umount2("./200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./200/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./200/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./200/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./200/file0") = 0 [pid 5063] umount2("./200/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./200/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./200/cgroup") = 0 [pid 5063] umount2("./200/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./200/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./200/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./200") = 0 [pid 5063] mkdir("./201", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5675 attached , child_tidptr=0x5555560b8690) = 605 [pid 5675] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5675] chdir("./201") = 0 [pid 5675] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5675] setpgid(0, 0) = 0 [pid 5675] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5675] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5675] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5675] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5675] write(3, "1000", 4) = 4 [pid 5675] close(3) = 0 [pid 5675] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5675] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5675] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5675] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5675] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5675] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[606]}, 88) = 606 ./strace-static-x86_64: Process 5676 attached [pid 5676] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5675] rt_sigprocmask(SIG_SETMASK, [], [pid 5676] <... rseq resumed>) = 0 [pid 5676] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5675] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5676] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5676] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5675] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5676] <... futex resumed>) = 0 [pid 5675] <... futex resumed>) = 1 [pid 5675] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5676] memfd_create("syzkaller", 0) = 3 [pid 5676] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5676] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5676] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5676] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5676] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5676] close(3) = 0 [pid 5676] mkdir("./file0", 0777) = 0 [ 169.863854][ T5676] loop0: detected capacity change from 0 to 4096 [ 169.877560][ T5676] __ntfs_warning: 170 callbacks suppressed [ 169.877568][ T5676] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 169.904078][ T5676] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 169.913649][ T5676] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 169.929920][ T5676] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 169.938796][ T5676] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 169.958804][ T5676] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 169.967543][ T5676] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 169.987719][ T5676] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5676] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5676] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5676] chdir("./file0") = 0 [pid 5676] ioctl(4, LOOP_CLR_FD) = 0 [pid 5676] close(4) = 0 [pid 5676] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5675] <... futex resumed>) = 0 [pid 5676] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5675] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5676] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5675] <... futex resumed>) = 0 [pid 5676] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 169.996435][ T5676] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 170.016406][ T5676] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 170.026774][ T5676] ntfs: volume version 3.1. [pid 5675] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5676] <... openat resumed>) = 4 [pid 5676] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5675] <... futex resumed>) = 0 [pid 5676] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5675] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5676] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5675] <... futex resumed>) = 0 [pid 5676] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5675] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5675] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5675] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5675] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5675] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5675] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5677 attached [pid 5677] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5675] <... clone3 resumed> => {parent_tid=[607]}, 88) = 607 [pid 5677] set_robust_list(0x7eff0a3299a0, 24 [pid 5675] rt_sigprocmask(SIG_SETMASK, [], [pid 5677] <... set_robust_list resumed>) = 0 [pid 5675] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5677] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5677] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5675] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5677] <... futex resumed>) = 0 [pid 5675] <... futex resumed>) = 1 [pid 5677] creat("./file1", 000 [pid 5675] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5677] <... creat resumed>) = 5 [pid 5676] <... write resumed>) = 1048064 [pid 5677] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5677] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5675] <... futex resumed>) = 0 [pid 5676] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5676] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5675] close(3) = 0 [pid 5675] close(4) = 0 [pid 5675] close(5) = 0 [pid 5675] close(6) = -1 EBADF (Bad file descriptor) [pid 5675] close(7) = -1 EBADF (Bad file descriptor) [pid 5675] close(8) = -1 EBADF (Bad file descriptor) [pid 5675] close(9) = -1 EBADF (Bad file descriptor) [pid 5675] close(10) = -1 EBADF (Bad file descriptor) [pid 5675] close(11) = -1 EBADF (Bad file descriptor) [pid 5675] close(12) = -1 EBADF (Bad file descriptor) [pid 5675] close(13) = -1 EBADF (Bad file descriptor) [pid 5675] close(14) = -1 EBADF (Bad file descriptor) [pid 5675] close(15) = -1 EBADF (Bad file descriptor) [pid 5675] close(16) = -1 EBADF (Bad file descriptor) [pid 5675] close(17) = -1 EBADF (Bad file descriptor) [pid 5675] close(18) = -1 EBADF (Bad file descriptor) [pid 5675] close(19) = -1 EBADF (Bad file descriptor) [pid 5675] close(20) = -1 EBADF (Bad file descriptor) [pid 5675] close(21) = -1 EBADF (Bad file descriptor) [pid 5675] close(22) = -1 EBADF (Bad file descriptor) [pid 5675] close(23) = -1 EBADF (Bad file descriptor) [pid 5675] close(24) = -1 EBADF (Bad file descriptor) [pid 5675] close(25) = -1 EBADF (Bad file descriptor) [pid 5675] close(26) = -1 EBADF (Bad file descriptor) [pid 5675] close(27) = -1 EBADF (Bad file descriptor) [pid 5675] close(28) = -1 EBADF (Bad file descriptor) [pid 5675] close(29) = -1 EBADF (Bad file descriptor) [pid 5675] exit_group(0 [pid 5677] <... futex resumed>) = ? [pid 5677] +++ exited with 0 +++ [pid 5676] <... futex resumed>) = ? [pid 5675] <... exit_group resumed>) = ? [pid 5676] +++ exited with 0 +++ [pid 5675] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=605, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./201", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./201", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./201/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./201/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./201/cgroup.cpu") = 0 [pid 5063] umount2("./201/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./201/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./201/binderfs") = 0 [pid 5063] umount2("./201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./201/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./201/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./201/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./201/file0") = 0 [pid 5063] umount2("./201/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./201/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./201/cgroup") = 0 [pid 5063] umount2("./201/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./201/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./201/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./201") = 0 [pid 5063] mkdir("./202", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5678 attached , child_tidptr=0x5555560b8690) = 608 [pid 5678] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5678] chdir("./202") = 0 [pid 5678] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5678] setpgid(0, 0) = 0 [pid 5678] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5678] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5678] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5678] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5678] write(3, "1000", 4) = 4 [pid 5678] close(3) = 0 [pid 5678] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5678] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5678] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5678] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5678] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5678] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5678] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5678] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5679 attached [pid 5679] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5679] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5678] <... clone3 resumed> => {parent_tid=[609]}, 88) = 609 [pid 5679] rt_sigprocmask(SIG_SETMASK, [], [pid 5678] rt_sigprocmask(SIG_SETMASK, [], [pid 5679] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5679] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5678] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5678] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5679] <... futex resumed>) = 0 [pid 5678] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5679] memfd_create("syzkaller", 0) = 3 [pid 5679] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5679] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5679] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5679] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5679] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5679] close(3) = 0 [pid 5679] mkdir("./file0", 0777) = 0 [pid 5679] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5679] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5679] chdir("./file0") = 0 [pid 5679] ioctl(4, LOOP_CLR_FD) = 0 [pid 5679] close(4) = 0 [pid 5679] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5678] <... futex resumed>) = 0 [pid 5679] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5678] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5679] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5678] <... futex resumed>) = 0 [pid 5679] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5678] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5679] <... openat resumed>) = 4 [pid 5679] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5678] <... futex resumed>) = 0 [pid 5678] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5679] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5678] <... futex resumed>) = 0 [ 170.620942][ T5679] loop0: detected capacity change from 0 to 4096 [ 170.642512][ T5679] ntfs: volume version 3.1. [pid 5678] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5678] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5678] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5678] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5678] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5678] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5680 attached [pid 5680] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5678] <... clone3 resumed> => {parent_tid=[610]}, 88) = 610 [pid 5680] set_robust_list(0x7eff0a3299a0, 24 [pid 5678] rt_sigprocmask(SIG_SETMASK, [], [pid 5680] <... set_robust_list resumed>) = 0 [pid 5678] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5680] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5678] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5680] creat("./file1", 000) = 5 [pid 5678] <... futex resumed>) = 0 [pid 5680] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5679] <... write resumed>) = 1048064 [pid 5678] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5680] <... futex resumed>) = 0 [pid 5678] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5679] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5680] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5679] <... futex resumed>) = 0 [pid 5678] close(3) = 0 [pid 5679] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5678] close(4) = 0 [pid 5678] close(5) = 0 [pid 5678] close(6) = -1 EBADF (Bad file descriptor) [pid 5678] close(7) = -1 EBADF (Bad file descriptor) [pid 5678] close(8) = -1 EBADF (Bad file descriptor) [pid 5678] close(9) = -1 EBADF (Bad file descriptor) [pid 5678] close(10) = -1 EBADF (Bad file descriptor) [pid 5678] close(11) = -1 EBADF (Bad file descriptor) [pid 5678] close(12) = -1 EBADF (Bad file descriptor) [pid 5678] close(13) = -1 EBADF (Bad file descriptor) [pid 5678] close(14) = -1 EBADF (Bad file descriptor) [pid 5678] close(15) = -1 EBADF (Bad file descriptor) [pid 5678] close(16) = -1 EBADF (Bad file descriptor) [pid 5678] close(17) = -1 EBADF (Bad file descriptor) [pid 5678] close(18) = -1 EBADF (Bad file descriptor) [pid 5678] close(19) = -1 EBADF (Bad file descriptor) [pid 5678] close(20) = -1 EBADF (Bad file descriptor) [pid 5678] close(21) = -1 EBADF (Bad file descriptor) [pid 5678] close(22) = -1 EBADF (Bad file descriptor) [pid 5678] close(23) = -1 EBADF (Bad file descriptor) [pid 5678] close(24) = -1 EBADF (Bad file descriptor) [pid 5678] close(25) = -1 EBADF (Bad file descriptor) [pid 5678] close(26) = -1 EBADF (Bad file descriptor) [pid 5678] close(27) = -1 EBADF (Bad file descriptor) [pid 5678] close(28) = -1 EBADF (Bad file descriptor) [pid 5678] close(29) = -1 EBADF (Bad file descriptor) [pid 5678] exit_group(0 [pid 5679] <... futex resumed>) = ? [pid 5678] <... exit_group resumed>) = ? [pid 5680] <... futex resumed>) = ? [pid 5679] +++ exited with 0 +++ [pid 5680] +++ exited with 0 +++ [pid 5678] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=608, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./202", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./202", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./202/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./202/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./202/cgroup.cpu") = 0 [pid 5063] umount2("./202/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./202/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./202/binderfs") = 0 [pid 5063] umount2("./202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./202/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./202/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./202/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./202/file0") = 0 [pid 5063] umount2("./202/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./202/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./202/cgroup") = 0 [pid 5063] umount2("./202/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./202/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./202/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./202") = 0 [pid 5063] mkdir("./203", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5681 attached [pid 5681] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 611 [pid 5681] chdir("./203") = 0 [pid 5681] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5681] setpgid(0, 0) = 0 [pid 5681] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5681] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5681] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5681] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5681] write(3, "1000", 4) = 4 [pid 5681] close(3) = 0 [pid 5681] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5681] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5681] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5681] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5681] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5681] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5681] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5681] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5682 attached => {parent_tid=[612]}, 88) = 612 [pid 5682] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5681] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5681] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5681] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5682] <... rseq resumed>) = 0 [pid 5682] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5682] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5682] memfd_create("syzkaller", 0) = 3 [pid 5682] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5682] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5682] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5682] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5682] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5682] close(3) = 0 [pid 5682] mkdir("./file0", 0777) = 0 [pid 5682] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5682] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5682] chdir("./file0") = 0 [pid 5682] ioctl(4, LOOP_CLR_FD) = 0 [pid 5682] close(4) = 0 [pid 5682] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5681] <... futex resumed>) = 0 [pid 5682] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5681] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5682] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5681] <... futex resumed>) = 0 [pid 5681] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5682] <... openat resumed>) = 4 [pid 5682] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5681] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5681] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5682] <... futex resumed>) = 0 [pid 5681] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 171.121820][ T5682] loop0: detected capacity change from 0 to 4096 [ 171.137830][ T5682] ntfs: volume version 3.1. [pid 5682] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5681] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5681] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5681] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5681] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5681] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5681] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5683 attached => {parent_tid=[613]}, 88) = 613 [pid 5683] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5681] rt_sigprocmask(SIG_SETMASK, [], [pid 5683] <... rseq resumed>) = 0 [pid 5681] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5683] set_robust_list(0x7eff0a3299a0, 24 [pid 5681] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5683] <... set_robust_list resumed>) = 0 [pid 5681] <... futex resumed>) = 0 [pid 5683] rt_sigprocmask(SIG_SETMASK, [], [pid 5681] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5683] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5683] creat("./file1", 000) = 5 [pid 5683] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5682] <... write resumed>) = 1048064 [pid 5683] <... futex resumed>) = 1 [pid 5682] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5681] <... futex resumed>) = 0 [pid 5683] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5682] <... futex resumed>) = 0 [pid 5681] close(3 [pid 5682] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5681] <... close resumed>) = 0 [pid 5681] close(4) = 0 [pid 5681] close(5) = 0 [pid 5681] close(6) = -1 EBADF (Bad file descriptor) [pid 5681] close(7) = -1 EBADF (Bad file descriptor) [pid 5681] close(8) = -1 EBADF (Bad file descriptor) [pid 5681] close(9) = -1 EBADF (Bad file descriptor) [pid 5681] close(10) = -1 EBADF (Bad file descriptor) [pid 5681] close(11) = -1 EBADF (Bad file descriptor) [pid 5681] close(12) = -1 EBADF (Bad file descriptor) [pid 5681] close(13) = -1 EBADF (Bad file descriptor) [pid 5681] close(14) = -1 EBADF (Bad file descriptor) [pid 5681] close(15) = -1 EBADF (Bad file descriptor) [pid 5681] close(16) = -1 EBADF (Bad file descriptor) [pid 5681] close(17) = -1 EBADF (Bad file descriptor) [pid 5681] close(18) = -1 EBADF (Bad file descriptor) [pid 5681] close(19) = -1 EBADF (Bad file descriptor) [pid 5681] close(20) = -1 EBADF (Bad file descriptor) [pid 5681] close(21) = -1 EBADF (Bad file descriptor) [pid 5681] close(22) = -1 EBADF (Bad file descriptor) [pid 5681] close(23) = -1 EBADF (Bad file descriptor) [pid 5681] close(24) = -1 EBADF (Bad file descriptor) [pid 5681] close(25) = -1 EBADF (Bad file descriptor) [pid 5681] close(26) = -1 EBADF (Bad file descriptor) [pid 5681] close(27) = -1 EBADF (Bad file descriptor) [pid 5681] close(28) = -1 EBADF (Bad file descriptor) [pid 5681] close(29) = -1 EBADF (Bad file descriptor) [pid 5681] exit_group(0 [pid 5683] <... futex resumed>) = ? [pid 5682] <... futex resumed>) = ? [pid 5681] <... exit_group resumed>) = ? [pid 5683] +++ exited with 0 +++ [pid 5682] +++ exited with 0 +++ [pid 5681] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=611, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./203", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./203", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./203/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./203/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./203/cgroup.cpu") = 0 [pid 5063] umount2("./203/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./203/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./203/binderfs") = 0 [pid 5063] umount2("./203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./203/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./203/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./203/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./203/file0") = 0 [pid 5063] umount2("./203/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./203/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./203/cgroup") = 0 [pid 5063] umount2("./203/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./203/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./203/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./203") = 0 [pid 5063] mkdir("./204", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5684 attached , child_tidptr=0x5555560b8690) = 614 [pid 5684] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5684] chdir("./204") = 0 [pid 5684] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5684] setpgid(0, 0) = 0 [pid 5684] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5684] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5684] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5684] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5684] write(3, "1000", 4) = 4 [pid 5684] close(3) = 0 [pid 5684] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5684] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5684] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5684] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5684] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5684] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5684] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5684] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5685 attached => {parent_tid=[615]}, 88) = 615 [pid 5685] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5684] rt_sigprocmask(SIG_SETMASK, [], [pid 5685] <... rseq resumed>) = 0 [pid 5685] set_robust_list(0x7eff0a34a9a0, 24 [pid 5684] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5685] <... set_robust_list resumed>) = 0 [pid 5684] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5685] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5684] <... futex resumed>) = 0 [pid 5684] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5685] memfd_create("syzkaller", 0) = 3 [pid 5685] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5685] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5685] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5685] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5685] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5685] close(3) = 0 [pid 5685] mkdir("./file0", 0777) = 0 [pid 5685] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5685] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5685] chdir("./file0") = 0 [pid 5685] ioctl(4, LOOP_CLR_FD) = 0 [pid 5685] close(4) = 0 [pid 5685] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5684] <... futex resumed>) = 0 [pid 5685] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5684] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5685] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5684] <... futex resumed>) = 0 [pid 5684] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5685] <... openat resumed>) = 4 [pid 5685] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5685] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5684] <... futex resumed>) = 0 [pid 5684] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 171.714788][ T5685] loop0: detected capacity change from 0 to 4096 [ 171.745144][ T5685] ntfs: volume version 3.1. [pid 5684] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5685] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5685] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5684] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5684] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5684] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5684] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5684] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5684] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5686 attached => {parent_tid=[616]}, 88) = 616 [pid 5686] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5684] rt_sigprocmask(SIG_SETMASK, [], [pid 5686] <... rseq resumed>) = 0 [pid 5684] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5686] set_robust_list(0x7eff0a3299a0, 24 [pid 5684] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5686] <... set_robust_list resumed>) = 0 [pid 5686] rt_sigprocmask(SIG_SETMASK, [], [pid 5684] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5686] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5686] creat("./file1", 000) = 5 [pid 5686] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5685] <... write resumed>) = 1048064 [pid 5686] <... futex resumed>) = 1 [pid 5684] <... futex resumed>) = 0 [pid 5685] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5684] close(3 [pid 5686] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5685] <... futex resumed>) = 0 [pid 5685] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5684] <... close resumed>) = 0 [pid 5684] close(4) = 0 [pid 5684] close(5) = 0 [pid 5684] close(6) = -1 EBADF (Bad file descriptor) [pid 5684] close(7) = -1 EBADF (Bad file descriptor) [pid 5684] close(8) = -1 EBADF (Bad file descriptor) [pid 5684] close(9) = -1 EBADF (Bad file descriptor) [pid 5684] close(10) = -1 EBADF (Bad file descriptor) [pid 5684] close(11) = -1 EBADF (Bad file descriptor) [pid 5684] close(12) = -1 EBADF (Bad file descriptor) [pid 5684] close(13) = -1 EBADF (Bad file descriptor) [pid 5684] close(14) = -1 EBADF (Bad file descriptor) [pid 5684] close(15) = -1 EBADF (Bad file descriptor) [pid 5684] close(16) = -1 EBADF (Bad file descriptor) [pid 5684] close(17) = -1 EBADF (Bad file descriptor) [pid 5684] close(18) = -1 EBADF (Bad file descriptor) [pid 5684] close(19) = -1 EBADF (Bad file descriptor) [pid 5684] close(20) = -1 EBADF (Bad file descriptor) [pid 5684] close(21) = -1 EBADF (Bad file descriptor) [pid 5684] close(22) = -1 EBADF (Bad file descriptor) [pid 5684] close(23) = -1 EBADF (Bad file descriptor) [pid 5684] close(24) = -1 EBADF (Bad file descriptor) [pid 5684] close(25) = -1 EBADF (Bad file descriptor) [pid 5684] close(26) = -1 EBADF (Bad file descriptor) [pid 5684] close(27) = -1 EBADF (Bad file descriptor) [pid 5684] close(28) = -1 EBADF (Bad file descriptor) [pid 5684] close(29) = -1 EBADF (Bad file descriptor) [pid 5684] exit_group(0 [pid 5686] <... futex resumed>) = ? [pid 5684] <... exit_group resumed>) = ? [pid 5686] +++ exited with 0 +++ [pid 5685] <... futex resumed>) = ? [pid 5685] +++ exited with 0 +++ [pid 5684] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=614, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./204", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./204", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./204/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./204/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./204/cgroup.cpu") = 0 [pid 5063] umount2("./204/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./204/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./204/binderfs") = 0 [pid 5063] umount2("./204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./204/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./204/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./204/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./204/file0") = 0 [pid 5063] umount2("./204/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./204/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./204/cgroup") = 0 [pid 5063] umount2("./204/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./204/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./204/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./204") = 0 [pid 5063] mkdir("./205", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5687 attached [pid 5687] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 617 [pid 5687] <... set_robust_list resumed>) = 0 [pid 5687] chdir("./205") = 0 [pid 5687] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5687] setpgid(0, 0) = 0 [pid 5687] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5687] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5687] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5687] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5687] write(3, "1000", 4) = 4 [pid 5687] close(3) = 0 [pid 5687] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5687] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5687] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5687] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5687] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5687] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5687] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5687] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5688 attached => {parent_tid=[618]}, 88) = 618 [pid 5688] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5687] rt_sigprocmask(SIG_SETMASK, [], [pid 5688] set_robust_list(0x7eff0a34a9a0, 24 [pid 5687] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5688] <... set_robust_list resumed>) = 0 [pid 5688] rt_sigprocmask(SIG_SETMASK, [], [pid 5687] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5688] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5687] <... futex resumed>) = 0 [pid 5687] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5688] memfd_create("syzkaller", 0) = 3 [pid 5688] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5688] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5688] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5688] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5688] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5688] close(3) = 0 [pid 5688] mkdir("./file0", 0777) = 0 [pid 5688] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5688] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5688] chdir("./file0") = 0 [pid 5688] ioctl(4, LOOP_CLR_FD) = 0 [pid 5688] close(4) = 0 [pid 5688] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5687] <... futex resumed>) = 0 [pid 5688] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5687] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 172.262597][ T5688] loop0: detected capacity change from 0 to 4096 [ 172.278867][ T5688] ntfs: volume version 3.1. [pid 5687] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5688] <... openat resumed>) = 4 [pid 5688] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5687] <... futex resumed>) = 0 [pid 5688] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5687] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5688] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5687] <... futex resumed>) = 0 [pid 5688] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5687] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5687] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5687] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5687] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5687] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5687] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5689 attached => {parent_tid=[619]}, 88) = 619 [pid 5689] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5687] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5687] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5689] <... rseq resumed>) = 0 [pid 5689] set_robust_list(0x7eff0a3299a0, 24 [pid 5687] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5689] <... set_robust_list resumed>) = 0 [pid 5689] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5689] creat("./file1", 000) = 5 [pid 5689] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5688] <... write resumed>) = 1048064 [pid 5689] <... futex resumed>) = 1 [pid 5688] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5687] <... futex resumed>) = 0 [pid 5687] close(3) = 0 [pid 5687] close(4 [pid 5689] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5688] <... futex resumed>) = 0 [pid 5688] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5687] <... close resumed>) = 0 [pid 5687] close(5) = 0 [pid 5687] close(6) = -1 EBADF (Bad file descriptor) [pid 5687] close(7) = -1 EBADF (Bad file descriptor) [pid 5687] close(8) = -1 EBADF (Bad file descriptor) [pid 5687] close(9) = -1 EBADF (Bad file descriptor) [pid 5687] close(10) = -1 EBADF (Bad file descriptor) [pid 5687] close(11) = -1 EBADF (Bad file descriptor) [pid 5687] close(12) = -1 EBADF (Bad file descriptor) [pid 5687] close(13) = -1 EBADF (Bad file descriptor) [pid 5687] close(14) = -1 EBADF (Bad file descriptor) [pid 5687] close(15) = -1 EBADF (Bad file descriptor) [pid 5687] close(16) = -1 EBADF (Bad file descriptor) [pid 5687] close(17) = -1 EBADF (Bad file descriptor) [pid 5687] close(18) = -1 EBADF (Bad file descriptor) [pid 5687] close(19) = -1 EBADF (Bad file descriptor) [pid 5687] close(20) = -1 EBADF (Bad file descriptor) [pid 5687] close(21) = -1 EBADF (Bad file descriptor) [pid 5687] close(22) = -1 EBADF (Bad file descriptor) [pid 5687] close(23) = -1 EBADF (Bad file descriptor) [pid 5687] close(24) = -1 EBADF (Bad file descriptor) [pid 5687] close(25) = -1 EBADF (Bad file descriptor) [pid 5687] close(26) = -1 EBADF (Bad file descriptor) [pid 5687] close(27) = -1 EBADF (Bad file descriptor) [pid 5687] close(28) = -1 EBADF (Bad file descriptor) [pid 5687] close(29) = -1 EBADF (Bad file descriptor) [pid 5687] exit_group(0) = ? [pid 5688] <... futex resumed>) = ? [pid 5688] +++ exited with 0 +++ [pid 5689] <... futex resumed>) = ? [pid 5689] +++ exited with 0 +++ [pid 5687] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=617, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./205", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./205", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./205/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./205/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./205/cgroup.cpu") = 0 [pid 5063] umount2("./205/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./205/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./205/binderfs") = 0 [pid 5063] umount2("./205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./205/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./205/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./205/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./205/file0") = 0 [pid 5063] umount2("./205/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./205/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./205/cgroup") = 0 [pid 5063] umount2("./205/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./205/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./205/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./205") = 0 [pid 5063] mkdir("./206", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5690 attached , child_tidptr=0x5555560b8690) = 620 [pid 5690] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5690] chdir("./206") = 0 [pid 5690] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5690] setpgid(0, 0) = 0 [pid 5690] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5690] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5690] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5690] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5690] write(3, "1000", 4) = 4 [pid 5690] close(3) = 0 [pid 5690] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5690] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5690] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5690] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5690] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5690] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5690] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5690] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5691 attached [pid 5691] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5690] <... clone3 resumed> => {parent_tid=[621]}, 88) = 621 [pid 5691] <... rseq resumed>) = 0 [pid 5690] rt_sigprocmask(SIG_SETMASK, [], [pid 5691] set_robust_list(0x7eff0a34a9a0, 24 [pid 5690] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5691] <... set_robust_list resumed>) = 0 [pid 5690] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5691] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5690] <... futex resumed>) = 0 [pid 5690] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5691] memfd_create("syzkaller", 0) = 3 [pid 5691] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5691] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5691] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5691] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5691] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5691] close(3) = 0 [pid 5691] mkdir("./file0", 0777) = 0 [pid 5691] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5691] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5691] chdir("./file0") = 0 [pid 5691] ioctl(4, LOOP_CLR_FD) = 0 [pid 5691] close(4) = 0 [pid 5691] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5691] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5690] <... futex resumed>) = 0 [ 172.882810][ T5691] loop0: detected capacity change from 0 to 4096 [ 172.912416][ T5691] ntfs: volume version 3.1. [pid 5690] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5691] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5690] <... futex resumed>) = 0 [pid 5691] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5690] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5691] <... openat resumed>) = 4 [pid 5691] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5690] <... futex resumed>) = 0 [pid 5691] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5690] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5691] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5690] <... futex resumed>) = 0 [pid 5690] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5690] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5690] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5690] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5690] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5690] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5692 attached => {parent_tid=[622]}, 88) = 622 [pid 5692] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5690] rt_sigprocmask(SIG_SETMASK, [], [pid 5692] set_robust_list(0x7eff0a3299a0, 24 [pid 5690] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5692] <... set_robust_list resumed>) = 0 [pid 5690] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5692] rt_sigprocmask(SIG_SETMASK, [], [pid 5690] <... futex resumed>) = 0 [pid 5692] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5690] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5692] creat("./file1", 000) = 5 [pid 5692] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5691] <... write resumed>) = 1048064 [pid 5692] <... futex resumed>) = 1 [pid 5690] <... futex resumed>) = 0 [pid 5691] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5690] close(3 [pid 5692] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5691] <... futex resumed>) = 0 [pid 5690] <... close resumed>) = 0 [pid 5691] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5690] close(4) = 0 [pid 5690] close(5) = 0 [pid 5690] close(6) = -1 EBADF (Bad file descriptor) [pid 5690] close(7) = -1 EBADF (Bad file descriptor) [pid 5690] close(8) = -1 EBADF (Bad file descriptor) [pid 5690] close(9) = -1 EBADF (Bad file descriptor) [pid 5690] close(10) = -1 EBADF (Bad file descriptor) [pid 5690] close(11) = -1 EBADF (Bad file descriptor) [pid 5690] close(12) = -1 EBADF (Bad file descriptor) [pid 5690] close(13) = -1 EBADF (Bad file descriptor) [pid 5690] close(14) = -1 EBADF (Bad file descriptor) [pid 5690] close(15) = -1 EBADF (Bad file descriptor) [pid 5690] close(16) = -1 EBADF (Bad file descriptor) [pid 5690] close(17) = -1 EBADF (Bad file descriptor) [pid 5690] close(18) = -1 EBADF (Bad file descriptor) [pid 5690] close(19) = -1 EBADF (Bad file descriptor) [pid 5690] close(20) = -1 EBADF (Bad file descriptor) [pid 5690] close(21) = -1 EBADF (Bad file descriptor) [pid 5690] close(22) = -1 EBADF (Bad file descriptor) [pid 5690] close(23) = -1 EBADF (Bad file descriptor) [pid 5690] close(24) = -1 EBADF (Bad file descriptor) [pid 5690] close(25) = -1 EBADF (Bad file descriptor) [pid 5690] close(26) = -1 EBADF (Bad file descriptor) [pid 5690] close(27) = -1 EBADF (Bad file descriptor) [pid 5690] close(28) = -1 EBADF (Bad file descriptor) [pid 5690] close(29) = -1 EBADF (Bad file descriptor) [pid 5690] exit_group(0 [pid 5692] <... futex resumed>) = ? [pid 5690] <... exit_group resumed>) = ? [pid 5692] +++ exited with 0 +++ [pid 5691] <... futex resumed>) = ? [pid 5691] +++ exited with 0 +++ [pid 5690] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=620, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./206", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./206", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./206/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./206/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./206/cgroup.cpu") = 0 [pid 5063] umount2("./206/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./206/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./206/binderfs") = 0 [pid 5063] umount2("./206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./206/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./206/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./206/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./206/file0") = 0 [pid 5063] umount2("./206/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./206/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./206/cgroup") = 0 [pid 5063] umount2("./206/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./206/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./206/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./206") = 0 [pid 5063] mkdir("./207", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5693 attached , child_tidptr=0x5555560b8690) = 623 [pid 5693] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5693] chdir("./207") = 0 [pid 5693] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5693] setpgid(0, 0) = 0 [pid 5693] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5693] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5693] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5693] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5693] write(3, "1000", 4) = 4 [pid 5693] close(3) = 0 [pid 5693] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5693] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5693] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5693] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5693] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5693] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5693] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5693] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5694 attached [pid 5694] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5694] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5693] <... clone3 resumed> => {parent_tid=[624]}, 88) = 624 [pid 5694] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5694] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5693] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5693] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5694] <... futex resumed>) = 0 [pid 5693] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5694] memfd_create("syzkaller", 0) = 3 [pid 5694] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5694] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5694] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5694] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5694] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5694] close(3) = 0 [pid 5694] mkdir("./file0", 0777) = 0 [pid 5694] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5694] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5694] chdir("./file0") = 0 [pid 5694] ioctl(4, LOOP_CLR_FD) = 0 [pid 5694] close(4) = 0 [pid 5694] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5693] <... futex resumed>) = 0 [pid 5694] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5693] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5694] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5693] <... futex resumed>) = 0 [pid 5694] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 173.399531][ T5694] loop0: detected capacity change from 0 to 4096 [ 173.434953][ T5694] ntfs: volume version 3.1. [pid 5693] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5694] <... openat resumed>) = 4 [pid 5694] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5693] <... futex resumed>) = 0 [pid 5694] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5693] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5694] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5693] <... futex resumed>) = 0 [pid 5693] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5693] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5693] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5693] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5693] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5693] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5695 attached => {parent_tid=[625]}, 88) = 625 [pid 5695] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5693] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5695] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5695] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5695] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5693] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5695] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5695] creat("./file1", 000 [pid 5693] <... futex resumed>) = 0 [pid 5693] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5695] <... creat resumed>) = 5 [pid 5694] <... write resumed>) = 1048064 [pid 5695] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5694] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5695] <... futex resumed>) = 1 [pid 5693] <... futex resumed>) = 0 [pid 5695] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5694] <... futex resumed>) = 0 [pid 5694] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5693] close(3) = 0 [pid 5693] close(4) = 0 [pid 5693] close(5) = 0 [pid 5693] close(6) = -1 EBADF (Bad file descriptor) [pid 5693] close(7) = -1 EBADF (Bad file descriptor) [pid 5693] close(8) = -1 EBADF (Bad file descriptor) [pid 5693] close(9) = -1 EBADF (Bad file descriptor) [pid 5693] close(10) = -1 EBADF (Bad file descriptor) [pid 5693] close(11) = -1 EBADF (Bad file descriptor) [pid 5693] close(12) = -1 EBADF (Bad file descriptor) [pid 5693] close(13) = -1 EBADF (Bad file descriptor) [pid 5693] close(14) = -1 EBADF (Bad file descriptor) [pid 5693] close(15) = -1 EBADF (Bad file descriptor) [pid 5693] close(16) = -1 EBADF (Bad file descriptor) [pid 5693] close(17) = -1 EBADF (Bad file descriptor) [pid 5693] close(18) = -1 EBADF (Bad file descriptor) [pid 5693] close(19) = -1 EBADF (Bad file descriptor) [pid 5693] close(20) = -1 EBADF (Bad file descriptor) [pid 5693] close(21) = -1 EBADF (Bad file descriptor) [pid 5693] close(22) = -1 EBADF (Bad file descriptor) [pid 5693] close(23) = -1 EBADF (Bad file descriptor) [pid 5693] close(24) = -1 EBADF (Bad file descriptor) [pid 5693] close(25) = -1 EBADF (Bad file descriptor) [pid 5693] close(26) = -1 EBADF (Bad file descriptor) [pid 5693] close(27) = -1 EBADF (Bad file descriptor) [pid 5693] close(28) = -1 EBADF (Bad file descriptor) [pid 5693] close(29) = -1 EBADF (Bad file descriptor) [pid 5693] exit_group(0) = ? [pid 5695] <... futex resumed>) = ? [pid 5694] <... futex resumed>) = ? [pid 5694] +++ exited with 0 +++ [pid 5695] +++ exited with 0 +++ [pid 5693] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=623, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./207", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./207", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./207/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./207/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./207/cgroup.cpu") = 0 [pid 5063] umount2("./207/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./207/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./207/binderfs") = 0 [pid 5063] umount2("./207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./207/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./207/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./207/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./207/file0") = 0 [pid 5063] umount2("./207/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./207/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./207/cgroup") = 0 [pid 5063] umount2("./207/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./207/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./207/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./207") = 0 [pid 5063] mkdir("./208", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5696 attached , child_tidptr=0x5555560b8690) = 626 [pid 5696] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5696] chdir("./208") = 0 [pid 5696] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5696] setpgid(0, 0) = 0 [pid 5696] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5696] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5696] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5696] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5696] write(3, "1000", 4) = 4 [pid 5696] close(3) = 0 [pid 5696] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5696] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5696] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5696] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5696] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5696] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5696] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5696] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5697 attached => {parent_tid=[627]}, 88) = 627 [pid 5697] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5696] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5696] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5696] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5697] <... rseq resumed>) = 0 [pid 5697] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5697] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5697] memfd_create("syzkaller", 0) = 3 [pid 5697] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5697] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5697] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5697] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5697] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5697] close(3) = 0 [pid 5697] mkdir("./file0", 0777) = 0 [pid 5697] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5697] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5697] chdir("./file0") = 0 [pid 5697] ioctl(4, LOOP_CLR_FD) = 0 [pid 5697] close(4) = 0 [pid 5697] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5696] <... futex resumed>) = 0 [pid 5696] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5697] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5696] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5697] <... openat resumed>) = 4 [pid 5697] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5696] <... futex resumed>) = 0 [pid 5697] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5696] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5696] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5697] <... futex resumed>) = 0 [ 173.980816][ T5697] loop0: detected capacity change from 0 to 4096 [ 174.002645][ T5697] ntfs: volume version 3.1. [pid 5697] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5696] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5696] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5696] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5696] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5696] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5696] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5698 attached => {parent_tid=[628]}, 88) = 628 [pid 5698] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5696] rt_sigprocmask(SIG_SETMASK, [], [pid 5698] <... rseq resumed>) = 0 [pid 5696] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5698] set_robust_list(0x7eff0a3299a0, 24 [pid 5696] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5698] <... set_robust_list resumed>) = 0 [pid 5698] rt_sigprocmask(SIG_SETMASK, [], [pid 5696] <... futex resumed>) = 0 [pid 5698] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5696] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5698] creat("./file1", 000) = 5 [pid 5697] <... write resumed>) = 1048064 [pid 5698] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5696] <... futex resumed>) = 0 [pid 5698] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5697] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5697] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5696] close(3) = 0 [pid 5696] close(4) = 0 [pid 5696] close(5) = 0 [pid 5696] close(6) = -1 EBADF (Bad file descriptor) [pid 5696] close(7) = -1 EBADF (Bad file descriptor) [pid 5696] close(8) = -1 EBADF (Bad file descriptor) [pid 5696] close(9) = -1 EBADF (Bad file descriptor) [pid 5696] close(10) = -1 EBADF (Bad file descriptor) [pid 5696] close(11) = -1 EBADF (Bad file descriptor) [pid 5696] close(12) = -1 EBADF (Bad file descriptor) [pid 5696] close(13) = -1 EBADF (Bad file descriptor) [pid 5696] close(14) = -1 EBADF (Bad file descriptor) [pid 5696] close(15) = -1 EBADF (Bad file descriptor) [pid 5696] close(16) = -1 EBADF (Bad file descriptor) [pid 5696] close(17) = -1 EBADF (Bad file descriptor) [pid 5696] close(18) = -1 EBADF (Bad file descriptor) [pid 5696] close(19) = -1 EBADF (Bad file descriptor) [pid 5696] close(20) = -1 EBADF (Bad file descriptor) [pid 5696] close(21) = -1 EBADF (Bad file descriptor) [pid 5696] close(22) = -1 EBADF (Bad file descriptor) [pid 5696] close(23) = -1 EBADF (Bad file descriptor) [pid 5696] close(24) = -1 EBADF (Bad file descriptor) [pid 5696] close(25) = -1 EBADF (Bad file descriptor) [pid 5696] close(26) = -1 EBADF (Bad file descriptor) [pid 5696] close(27) = -1 EBADF (Bad file descriptor) [pid 5696] close(28) = -1 EBADF (Bad file descriptor) [pid 5696] close(29) = -1 EBADF (Bad file descriptor) [pid 5696] exit_group(0 [pid 5698] <... futex resumed>) = ? [pid 5697] <... futex resumed>) = ? [pid 5696] <... exit_group resumed>) = ? [pid 5698] +++ exited with 0 +++ [pid 5697] +++ exited with 0 +++ [pid 5696] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=626, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./208", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./208", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./208/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./208/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./208/cgroup.cpu") = 0 [pid 5063] umount2("./208/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./208/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./208/binderfs") = 0 [pid 5063] umount2("./208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./208/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./208/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./208/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./208/file0") = 0 [pid 5063] umount2("./208/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./208/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./208/cgroup") = 0 [pid 5063] umount2("./208/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./208/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./208/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./208") = 0 [pid 5063] mkdir("./209", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5699 attached , child_tidptr=0x5555560b8690) = 629 [pid 5699] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5699] chdir("./209") = 0 [pid 5699] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5699] setpgid(0, 0) = 0 [pid 5699] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5699] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5699] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5699] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5699] write(3, "1000", 4) = 4 [pid 5699] close(3) = 0 [pid 5699] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5699] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5699] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5699] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5699] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5699] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5699] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5699] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5700 attached => {parent_tid=[630]}, 88) = 630 [pid 5699] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5699] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5699] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5700] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5700] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5700] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5700] memfd_create("syzkaller", 0) = 3 [pid 5700] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5700] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5700] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5700] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5700] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5700] close(3) = 0 [pid 5700] mkdir("./file0", 0777) = 0 [pid 5700] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5700] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5700] chdir("./file0") = 0 [pid 5700] ioctl(4, LOOP_CLR_FD) = 0 [pid 5700] close(4) = 0 [pid 5700] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5700] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5699] <... futex resumed>) = 0 [pid 5699] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5700] <... futex resumed>) = 0 [pid 5699] <... futex resumed>) = 1 [pid 5699] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5700] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5700] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5699] <... futex resumed>) = 0 [pid 5699] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5699] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 174.565576][ T5700] loop0: detected capacity change from 0 to 4096 [ 174.596673][ T5700] ntfs: volume version 3.1. [pid 5700] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5699] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5699] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5699] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5699] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5699] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5699] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5701 attached [pid 5701] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5699] <... clone3 resumed> => {parent_tid=[631]}, 88) = 631 [pid 5701] <... rseq resumed>) = 0 [pid 5699] rt_sigprocmask(SIG_SETMASK, [], [pid 5701] set_robust_list(0x7eff0a3299a0, 24 [pid 5699] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5701] <... set_robust_list resumed>) = 0 [pid 5699] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5701] rt_sigprocmask(SIG_SETMASK, [], [pid 5699] <... futex resumed>) = 0 [pid 5701] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5699] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5701] creat("./file1", 000) = 5 [pid 5701] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5700] <... write resumed>) = 1048064 [pid 5699] <... futex resumed>) = 0 [pid 5701] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5700] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5700] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5699] close(3) = 0 [pid 5699] close(4) = 0 [pid 5699] close(5) = 0 [pid 5699] close(6) = -1 EBADF (Bad file descriptor) [pid 5699] close(7) = -1 EBADF (Bad file descriptor) [pid 5699] close(8) = -1 EBADF (Bad file descriptor) [pid 5699] close(9) = -1 EBADF (Bad file descriptor) [pid 5699] close(10) = -1 EBADF (Bad file descriptor) [pid 5699] close(11) = -1 EBADF (Bad file descriptor) [pid 5699] close(12) = -1 EBADF (Bad file descriptor) [pid 5699] close(13) = -1 EBADF (Bad file descriptor) [pid 5699] close(14) = -1 EBADF (Bad file descriptor) [pid 5699] close(15) = -1 EBADF (Bad file descriptor) [pid 5699] close(16) = -1 EBADF (Bad file descriptor) [pid 5699] close(17) = -1 EBADF (Bad file descriptor) [pid 5699] close(18) = -1 EBADF (Bad file descriptor) [pid 5699] close(19) = -1 EBADF (Bad file descriptor) [pid 5699] close(20) = -1 EBADF (Bad file descriptor) [pid 5699] close(21) = -1 EBADF (Bad file descriptor) [pid 5699] close(22) = -1 EBADF (Bad file descriptor) [pid 5699] close(23) = -1 EBADF (Bad file descriptor) [pid 5699] close(24) = -1 EBADF (Bad file descriptor) [pid 5699] close(25) = -1 EBADF (Bad file descriptor) [pid 5699] close(26) = -1 EBADF (Bad file descriptor) [pid 5699] close(27) = -1 EBADF (Bad file descriptor) [pid 5699] close(28) = -1 EBADF (Bad file descriptor) [pid 5699] close(29) = -1 EBADF (Bad file descriptor) [pid 5699] exit_group(0) = ? [pid 5700] <... futex resumed>) = ? [pid 5701] <... futex resumed>) = ? [pid 5701] +++ exited with 0 +++ [pid 5700] +++ exited with 0 +++ [pid 5699] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=629, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./209", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./209", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./209/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./209/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./209/cgroup.cpu") = 0 [pid 5063] umount2("./209/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./209/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./209/binderfs") = 0 [pid 5063] umount2("./209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./209/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./209/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./209/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./209/file0") = 0 [pid 5063] umount2("./209/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./209/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./209/cgroup") = 0 [pid 5063] umount2("./209/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./209/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./209/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./209") = 0 [pid 5063] mkdir("./210", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5702 attached , child_tidptr=0x5555560b8690) = 632 [pid 5702] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5702] chdir("./210") = 0 [pid 5702] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5702] setpgid(0, 0) = 0 [pid 5702] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5702] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5702] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5702] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5702] write(3, "1000", 4) = 4 [pid 5702] close(3) = 0 [pid 5702] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5702] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5702] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5702] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5702] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5702] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5702] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5702] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5703 attached [pid 5703] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5702] <... clone3 resumed> => {parent_tid=[633]}, 88) = 633 [pid 5703] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5702] rt_sigprocmask(SIG_SETMASK, [], [pid 5703] rt_sigprocmask(SIG_SETMASK, [], [pid 5702] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5703] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5702] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5702] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5703] memfd_create("syzkaller", 0) = 3 [pid 5703] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5703] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5703] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5703] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5703] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5703] close(3) = 0 [pid 5703] mkdir("./file0", 0777) = 0 [ 175.058877][ T5703] loop0: detected capacity change from 0 to 4096 [ 175.073613][ T5703] __ntfs_warning: 170 callbacks suppressed [ 175.073621][ T5703] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 175.100537][ T5703] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 175.109930][ T5703] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 175.125886][ T5703] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 175.134676][ T5703] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 175.154645][ T5703] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 175.163349][ T5703] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 175.183464][ T5703] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5703] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5703] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5703] chdir("./file0") = 0 [pid 5703] ioctl(4, LOOP_CLR_FD) = 0 [pid 5703] close(4) = 0 [ 175.192169][ T5703] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 175.212142][ T5703] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 175.223145][ T5703] ntfs: volume version 3.1. [pid 5703] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5702] <... futex resumed>) = 0 [pid 5702] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5703] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5702] <... futex resumed>) = 0 [pid 5702] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5703] <... openat resumed>) = 4 [pid 5703] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5702] <... futex resumed>) = 0 [pid 5703] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5702] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5702] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5702] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5702] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5702] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5702] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5702] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5704 attached => {parent_tid=[634]}, 88) = 634 [pid 5704] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5702] rt_sigprocmask(SIG_SETMASK, [], [pid 5704] <... rseq resumed>) = 0 [pid 5702] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5704] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5702] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5704] rt_sigprocmask(SIG_SETMASK, [], [pid 5702] <... futex resumed>) = 0 [pid 5704] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5702] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5704] creat("./file1", 000) = 5 [pid 5703] <... write resumed>) = 1048064 [pid 5704] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5703] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5704] <... futex resumed>) = 1 [pid 5702] <... futex resumed>) = 0 [pid 5703] <... futex resumed>) = 0 [pid 5702] close(3 [pid 5704] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5703] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5702] <... close resumed>) = 0 [pid 5702] close(4) = 0 [pid 5702] close(5) = 0 [pid 5702] close(6) = -1 EBADF (Bad file descriptor) [pid 5702] close(7) = -1 EBADF (Bad file descriptor) [pid 5702] close(8) = -1 EBADF (Bad file descriptor) [pid 5702] close(9) = -1 EBADF (Bad file descriptor) [pid 5702] close(10) = -1 EBADF (Bad file descriptor) [pid 5702] close(11) = -1 EBADF (Bad file descriptor) [pid 5702] close(12) = -1 EBADF (Bad file descriptor) [pid 5702] close(13) = -1 EBADF (Bad file descriptor) [pid 5702] close(14) = -1 EBADF (Bad file descriptor) [pid 5702] close(15) = -1 EBADF (Bad file descriptor) [pid 5702] close(16) = -1 EBADF (Bad file descriptor) [pid 5702] close(17) = -1 EBADF (Bad file descriptor) [pid 5702] close(18) = -1 EBADF (Bad file descriptor) [pid 5702] close(19) = -1 EBADF (Bad file descriptor) [pid 5702] close(20) = -1 EBADF (Bad file descriptor) [pid 5702] close(21) = -1 EBADF (Bad file descriptor) [pid 5702] close(22) = -1 EBADF (Bad file descriptor) [pid 5702] close(23) = -1 EBADF (Bad file descriptor) [pid 5702] close(24) = -1 EBADF (Bad file descriptor) [pid 5702] close(25) = -1 EBADF (Bad file descriptor) [pid 5702] close(26) = -1 EBADF (Bad file descriptor) [pid 5702] close(27) = -1 EBADF (Bad file descriptor) [pid 5702] close(28) = -1 EBADF (Bad file descriptor) [pid 5702] close(29) = -1 EBADF (Bad file descriptor) [pid 5702] exit_group(0) = ? [pid 5703] <... futex resumed>) = ? [pid 5704] <... futex resumed>) = ? [pid 5703] +++ exited with 0 +++ [pid 5704] +++ exited with 0 +++ [pid 5702] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=632, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./210", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./210", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./210/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./210/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./210/cgroup.cpu") = 0 [pid 5063] umount2("./210/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./210/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./210/binderfs") = 0 [pid 5063] umount2("./210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./210/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./210/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./210/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./210/file0") = 0 [pid 5063] umount2("./210/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./210/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./210/cgroup") = 0 [pid 5063] umount2("./210/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./210/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./210/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./210") = 0 [pid 5063] mkdir("./211", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5705 attached , child_tidptr=0x5555560b8690) = 635 [pid 5705] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5705] chdir("./211") = 0 [pid 5705] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5705] setpgid(0, 0) = 0 [pid 5705] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5705] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5705] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5705] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5705] write(3, "1000", 4) = 4 [pid 5705] close(3) = 0 [pid 5705] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5705] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5705] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5705] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5705] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5705] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5705] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5705] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5706 attached => {parent_tid=[636]}, 88) = 636 [pid 5705] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5706] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5705] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5706] set_robust_list(0x7eff0a34a9a0, 24 [pid 5705] <... futex resumed>) = 0 [pid 5706] <... set_robust_list resumed>) = 0 [pid 5705] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5706] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5706] memfd_create("syzkaller", 0) = 3 [pid 5706] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5706] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5706] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5706] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5706] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5706] close(3) = 0 [pid 5706] mkdir("./file0", 0777) = 0 [pid 5706] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5706] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5706] chdir("./file0") = 0 [pid 5706] ioctl(4, LOOP_CLR_FD) = 0 [pid 5706] close(4) = 0 [pid 5706] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5705] <... futex resumed>) = 0 [pid 5706] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5705] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5706] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5705] <... futex resumed>) = 0 [pid 5706] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5705] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5706] <... openat resumed>) = 4 [pid 5706] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5705] <... futex resumed>) = 0 [pid 5706] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5705] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5706] <... futex resumed>) = 0 [pid 5705] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 175.739000][ T5706] loop0: detected capacity change from 0 to 4096 [ 175.774580][ T5706] ntfs: volume version 3.1. [pid 5706] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5705] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5705] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5705] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5705] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5705] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5705] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5707 attached [pid 5707] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5707] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5707] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5707] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5705] <... clone3 resumed> => {parent_tid=[637]}, 88) = 637 [pid 5705] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5705] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5707] <... futex resumed>) = 0 [pid 5707] creat("./file1", 000 [pid 5705] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5707] <... creat resumed>) = 5 [pid 5706] <... write resumed>) = 1048064 [pid 5707] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5706] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5707] <... futex resumed>) = 1 [pid 5705] <... futex resumed>) = 0 [pid 5707] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5706] <... futex resumed>) = 0 [pid 5705] close(3) = 0 [pid 5705] close(4 [pid 5706] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5705] <... close resumed>) = 0 [pid 5705] close(5) = 0 [pid 5705] close(6) = -1 EBADF (Bad file descriptor) [pid 5705] close(7) = -1 EBADF (Bad file descriptor) [pid 5705] close(8) = -1 EBADF (Bad file descriptor) [pid 5705] close(9) = -1 EBADF (Bad file descriptor) [pid 5705] close(10) = -1 EBADF (Bad file descriptor) [pid 5705] close(11) = -1 EBADF (Bad file descriptor) [pid 5705] close(12) = -1 EBADF (Bad file descriptor) [pid 5705] close(13) = -1 EBADF (Bad file descriptor) [pid 5705] close(14) = -1 EBADF (Bad file descriptor) [pid 5705] close(15) = -1 EBADF (Bad file descriptor) [pid 5705] close(16) = -1 EBADF (Bad file descriptor) [pid 5705] close(17) = -1 EBADF (Bad file descriptor) [pid 5705] close(18) = -1 EBADF (Bad file descriptor) [pid 5705] close(19) = -1 EBADF (Bad file descriptor) [pid 5705] close(20) = -1 EBADF (Bad file descriptor) [pid 5705] close(21) = -1 EBADF (Bad file descriptor) [pid 5705] close(22) = -1 EBADF (Bad file descriptor) [pid 5705] close(23) = -1 EBADF (Bad file descriptor) [pid 5705] close(24) = -1 EBADF (Bad file descriptor) [pid 5705] close(25) = -1 EBADF (Bad file descriptor) [pid 5705] close(26) = -1 EBADF (Bad file descriptor) [pid 5705] close(27) = -1 EBADF (Bad file descriptor) [pid 5705] close(28) = -1 EBADF (Bad file descriptor) [pid 5705] close(29) = -1 EBADF (Bad file descriptor) [pid 5705] exit_group(0 [pid 5707] <... futex resumed>) = ? [pid 5705] <... exit_group resumed>) = ? [pid 5707] +++ exited with 0 +++ [pid 5706] <... futex resumed>) = ? [pid 5706] +++ exited with 0 +++ [pid 5705] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=635, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./211", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./211", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./211/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./211/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./211/cgroup.cpu") = 0 [pid 5063] umount2("./211/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./211/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./211/binderfs") = 0 [pid 5063] umount2("./211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./211/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./211/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./211/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./211/file0") = 0 [pid 5063] umount2("./211/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./211/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./211/cgroup") = 0 [pid 5063] umount2("./211/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./211/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./211/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./211") = 0 [pid 5063] mkdir("./212", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5708 attached , child_tidptr=0x5555560b8690) = 638 [pid 5708] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5708] chdir("./212") = 0 [pid 5708] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5708] setpgid(0, 0) = 0 [pid 5708] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5708] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5708] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5708] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5708] write(3, "1000", 4) = 4 [pid 5708] close(3) = 0 [pid 5708] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5708] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5708] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5708] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5708] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5708] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5708] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5708] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5709 attached => {parent_tid=[639]}, 88) = 639 [pid 5709] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5708] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5708] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5709] <... rseq resumed>) = 0 [pid 5709] set_robust_list(0x7eff0a34a9a0, 24 [pid 5708] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5709] <... set_robust_list resumed>) = 0 [pid 5709] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5709] memfd_create("syzkaller", 0) = 3 [pid 5709] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5709] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5709] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5709] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5709] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5709] close(3) = 0 [pid 5709] mkdir("./file0", 0777) = 0 [pid 5709] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5709] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5709] chdir("./file0") = 0 [pid 5709] ioctl(4, LOOP_CLR_FD) = 0 [pid 5709] close(4) = 0 [pid 5709] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5708] <... futex resumed>) = 0 [pid 5709] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5708] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5709] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5708] <... futex resumed>) = 0 [pid 5708] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5709] <... openat resumed>) = 4 [pid 5709] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5708] <... futex resumed>) = 0 [pid 5709] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5708] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5709] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5708] <... futex resumed>) = 0 [pid 5709] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 176.342140][ T5709] loop0: detected capacity change from 0 to 4096 [ 176.370630][ T5709] ntfs: volume version 3.1. [pid 5708] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5708] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5708] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5708] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5708] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5708] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5710 attached => {parent_tid=[640]}, 88) = 640 [pid 5710] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5708] rt_sigprocmask(SIG_SETMASK, [], [pid 5710] <... rseq resumed>) = 0 [pid 5708] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5710] set_robust_list(0x7eff0a3299a0, 24 [pid 5708] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5710] <... set_robust_list resumed>) = 0 [pid 5710] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5710] creat("./file1", 000 [pid 5708] <... futex resumed>) = 0 [pid 5708] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5710] <... creat resumed>) = 5 [pid 5709] <... write resumed>) = 1048064 [pid 5710] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5709] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5709] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5708] <... futex resumed>) = 0 [pid 5708] close(3 [pid 5710] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5708] <... close resumed>) = 0 [pid 5708] close(4) = 0 [pid 5708] close(5) = 0 [pid 5708] close(6) = -1 EBADF (Bad file descriptor) [pid 5708] close(7) = -1 EBADF (Bad file descriptor) [pid 5708] close(8) = -1 EBADF (Bad file descriptor) [pid 5708] close(9) = -1 EBADF (Bad file descriptor) [pid 5708] close(10) = -1 EBADF (Bad file descriptor) [pid 5708] close(11) = -1 EBADF (Bad file descriptor) [pid 5708] close(12) = -1 EBADF (Bad file descriptor) [pid 5708] close(13) = -1 EBADF (Bad file descriptor) [pid 5708] close(14) = -1 EBADF (Bad file descriptor) [pid 5708] close(15) = -1 EBADF (Bad file descriptor) [pid 5708] close(16) = -1 EBADF (Bad file descriptor) [pid 5708] close(17) = -1 EBADF (Bad file descriptor) [pid 5708] close(18) = -1 EBADF (Bad file descriptor) [pid 5708] close(19) = -1 EBADF (Bad file descriptor) [pid 5708] close(20) = -1 EBADF (Bad file descriptor) [pid 5708] close(21) = -1 EBADF (Bad file descriptor) [pid 5708] close(22) = -1 EBADF (Bad file descriptor) [pid 5708] close(23) = -1 EBADF (Bad file descriptor) [pid 5708] close(24) = -1 EBADF (Bad file descriptor) [pid 5708] close(25) = -1 EBADF (Bad file descriptor) [pid 5708] close(26) = -1 EBADF (Bad file descriptor) [pid 5708] close(27) = -1 EBADF (Bad file descriptor) [pid 5708] close(28) = -1 EBADF (Bad file descriptor) [pid 5708] close(29) = -1 EBADF (Bad file descriptor) [pid 5708] exit_group(0) = ? [pid 5710] <... futex resumed>) = ? [pid 5709] <... futex resumed>) = ? [pid 5710] +++ exited with 0 +++ [pid 5709] +++ exited with 0 +++ [pid 5708] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=638, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./212", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./212", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./212/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./212/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./212/cgroup.cpu") = 0 [pid 5063] umount2("./212/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./212/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./212/binderfs") = 0 [pid 5063] umount2("./212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./212/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./212/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./212/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./212/file0") = 0 [pid 5063] umount2("./212/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./212/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./212/cgroup") = 0 [pid 5063] umount2("./212/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./212/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./212/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./212") = 0 [pid 5063] mkdir("./213", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5711 attached [pid 5711] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 641 [pid 5711] <... set_robust_list resumed>) = 0 [pid 5711] chdir("./213") = 0 [pid 5711] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5711] setpgid(0, 0) = 0 [pid 5711] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5711] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5711] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5711] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5711] write(3, "1000", 4) = 4 [pid 5711] close(3) = 0 [pid 5711] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5711] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5711] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5711] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5711] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5711] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5711] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5711] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5712 attached => {parent_tid=[642]}, 88) = 642 [pid 5712] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5711] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5711] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5711] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5712] <... rseq resumed>) = 0 [pid 5712] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5712] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5712] memfd_create("syzkaller", 0) = 3 [pid 5712] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5712] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5712] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5712] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5712] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5712] close(3) = 0 [pid 5712] mkdir("./file0", 0777) = 0 [pid 5712] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5712] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5712] chdir("./file0") = 0 [pid 5712] ioctl(4, LOOP_CLR_FD) = 0 [pid 5712] close(4) = 0 [pid 5712] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5711] <... futex resumed>) = 0 [pid 5711] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5712] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5711] <... futex resumed>) = 0 [pid 5711] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5712] <... openat resumed>) = 4 [pid 5712] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5711] <... futex resumed>) = 0 [pid 5712] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5711] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5712] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5711] <... futex resumed>) = 0 [pid 5711] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 176.914134][ T5712] loop0: detected capacity change from 0 to 4096 [ 176.934068][ T5712] ntfs: volume version 3.1. [pid 5712] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5711] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5711] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5711] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5711] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5711] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5711] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5711] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5713 attached => {parent_tid=[643]}, 88) = 643 [pid 5713] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5711] rt_sigprocmask(SIG_SETMASK, [], [pid 5713] <... rseq resumed>) = 0 [pid 5711] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5713] set_robust_list(0x7eff0a3299a0, 24 [pid 5711] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5713] <... set_robust_list resumed>) = 0 [pid 5711] <... futex resumed>) = 0 [pid 5713] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5711] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5713] creat("./file1", 000) = 5 [pid 5712] <... write resumed>) = 1048064 [pid 5713] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5712] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5712] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5713] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5711] <... futex resumed>) = 0 [pid 5711] close(3) = 0 [pid 5711] close(4) = 0 [pid 5711] close(5) = 0 [pid 5711] close(6) = -1 EBADF (Bad file descriptor) [pid 5711] close(7) = -1 EBADF (Bad file descriptor) [pid 5711] close(8) = -1 EBADF (Bad file descriptor) [pid 5711] close(9) = -1 EBADF (Bad file descriptor) [pid 5711] close(10) = -1 EBADF (Bad file descriptor) [pid 5711] close(11) = -1 EBADF (Bad file descriptor) [pid 5711] close(12) = -1 EBADF (Bad file descriptor) [pid 5711] close(13) = -1 EBADF (Bad file descriptor) [pid 5711] close(14) = -1 EBADF (Bad file descriptor) [pid 5711] close(15) = -1 EBADF (Bad file descriptor) [pid 5711] close(16) = -1 EBADF (Bad file descriptor) [pid 5711] close(17) = -1 EBADF (Bad file descriptor) [pid 5711] close(18) = -1 EBADF (Bad file descriptor) [pid 5711] close(19) = -1 EBADF (Bad file descriptor) [pid 5711] close(20) = -1 EBADF (Bad file descriptor) [pid 5711] close(21) = -1 EBADF (Bad file descriptor) [pid 5711] close(22) = -1 EBADF (Bad file descriptor) [pid 5711] close(23) = -1 EBADF (Bad file descriptor) [pid 5711] close(24) = -1 EBADF (Bad file descriptor) [pid 5711] close(25) = -1 EBADF (Bad file descriptor) [pid 5711] close(26) = -1 EBADF (Bad file descriptor) [pid 5711] close(27) = -1 EBADF (Bad file descriptor) [pid 5711] close(28) = -1 EBADF (Bad file descriptor) [pid 5711] close(29) = -1 EBADF (Bad file descriptor) [pid 5711] exit_group(0) = ? [pid 5713] <... futex resumed>) = ? [pid 5713] +++ exited with 0 +++ [pid 5712] <... futex resumed>) = ? [pid 5712] +++ exited with 0 +++ [pid 5711] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=641, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./213", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./213", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./213/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./213/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./213/cgroup.cpu") = 0 [pid 5063] umount2("./213/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./213/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./213/binderfs") = 0 [pid 5063] umount2("./213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./213/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./213/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./213/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./213/file0") = 0 [pid 5063] umount2("./213/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./213/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./213/cgroup") = 0 [pid 5063] umount2("./213/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./213/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./213/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./213") = 0 [pid 5063] mkdir("./214", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5714 attached [pid 5714] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5714] chdir("./214") = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 644 [pid 5714] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5714] setpgid(0, 0) = 0 [pid 5714] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5714] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5714] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5714] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5714] write(3, "1000", 4) = 4 [pid 5714] close(3) = 0 [pid 5714] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5714] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5714] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5714] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5714] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5714] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5714] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5714] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5715 attached => {parent_tid=[645]}, 88) = 645 [pid 5715] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5714] rt_sigprocmask(SIG_SETMASK, [], [pid 5715] <... rseq resumed>) = 0 [pid 5714] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5715] set_robust_list(0x7eff0a34a9a0, 24 [pid 5714] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5715] <... set_robust_list resumed>) = 0 [pid 5715] rt_sigprocmask(SIG_SETMASK, [], [pid 5714] <... futex resumed>) = 0 [pid 5715] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5714] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5715] memfd_create("syzkaller", 0) = 3 [pid 5715] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5715] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5715] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5715] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5715] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5715] close(3) = 0 [pid 5715] mkdir("./file0", 0777) = 0 [pid 5715] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5715] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5715] chdir("./file0") = 0 [pid 5715] ioctl(4, LOOP_CLR_FD) = 0 [pid 5715] close(4) = 0 [pid 5715] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5714] <... futex resumed>) = 0 [ 177.435037][ T5715] loop0: detected capacity change from 0 to 4096 [ 177.457125][ T5715] ntfs: volume version 3.1. [pid 5714] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5715] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5714] <... futex resumed>) = 0 [pid 5714] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5715] <... openat resumed>) = 4 [pid 5715] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5714] <... futex resumed>) = 0 [pid 5715] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5714] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5715] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5714] <... futex resumed>) = 0 [pid 5715] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5714] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5714] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5714] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5714] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5714] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5714] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5716 attached [pid 5716] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5714] <... clone3 resumed> => {parent_tid=[646]}, 88) = 646 [pid 5716] <... rseq resumed>) = 0 [pid 5716] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5716] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5714] rt_sigprocmask(SIG_SETMASK, [], [pid 5716] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5714] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5714] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5716] <... futex resumed>) = 0 [pid 5715] <... write resumed>) = 1048064 [pid 5714] <... futex resumed>) = 1 [pid 5716] creat("./file1", 000 [pid 5714] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5715] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5716] <... creat resumed>) = 5 [pid 5715] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5716] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5714] <... futex resumed>) = 0 [pid 5716] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5714] close(3) = 0 [pid 5714] close(4) = 0 [pid 5714] close(5) = 0 [pid 5714] close(6) = -1 EBADF (Bad file descriptor) [pid 5714] close(7) = -1 EBADF (Bad file descriptor) [pid 5714] close(8) = -1 EBADF (Bad file descriptor) [pid 5714] close(9) = -1 EBADF (Bad file descriptor) [pid 5714] close(10) = -1 EBADF (Bad file descriptor) [pid 5714] close(11) = -1 EBADF (Bad file descriptor) [pid 5714] close(12) = -1 EBADF (Bad file descriptor) [pid 5714] close(13) = -1 EBADF (Bad file descriptor) [pid 5714] close(14) = -1 EBADF (Bad file descriptor) [pid 5714] close(15) = -1 EBADF (Bad file descriptor) [pid 5714] close(16) = -1 EBADF (Bad file descriptor) [pid 5714] close(17) = -1 EBADF (Bad file descriptor) [pid 5714] close(18) = -1 EBADF (Bad file descriptor) [pid 5714] close(19) = -1 EBADF (Bad file descriptor) [pid 5714] close(20) = -1 EBADF (Bad file descriptor) [pid 5714] close(21) = -1 EBADF (Bad file descriptor) [pid 5714] close(22) = -1 EBADF (Bad file descriptor) [pid 5714] close(23) = -1 EBADF (Bad file descriptor) [pid 5714] close(24) = -1 EBADF (Bad file descriptor) [pid 5714] close(25) = -1 EBADF (Bad file descriptor) [pid 5714] close(26) = -1 EBADF (Bad file descriptor) [pid 5714] close(27) = -1 EBADF (Bad file descriptor) [pid 5714] close(28) = -1 EBADF (Bad file descriptor) [pid 5714] close(29) = -1 EBADF (Bad file descriptor) [pid 5714] exit_group(0) = ? [pid 5716] <... futex resumed>) = ? [pid 5715] <... futex resumed>) = ? [pid 5716] +++ exited with 0 +++ [pid 5715] +++ exited with 0 +++ [pid 5714] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=644, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./214", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./214", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./214/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./214/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./214/cgroup.cpu") = 0 [pid 5063] umount2("./214/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./214/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./214/binderfs") = 0 [pid 5063] umount2("./214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./214/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./214/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./214/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./214/file0") = 0 [pid 5063] umount2("./214/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./214/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./214/cgroup") = 0 [pid 5063] umount2("./214/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./214/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./214/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./214") = 0 [pid 5063] mkdir("./215", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5717 attached , child_tidptr=0x5555560b8690) = 647 [pid 5717] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5717] chdir("./215") = 0 [pid 5717] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5717] setpgid(0, 0) = 0 [pid 5717] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5717] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5717] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5717] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5717] write(3, "1000", 4) = 4 [pid 5717] close(3) = 0 [pid 5717] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5717] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5717] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5717] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5717] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5717] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5717] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5717] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5718 attached => {parent_tid=[648]}, 88) = 648 [pid 5718] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5717] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5717] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5717] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5718] <... rseq resumed>) = 0 [pid 5718] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5718] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5718] memfd_create("syzkaller", 0) = 3 [pid 5718] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5718] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5718] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5718] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5718] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5718] close(3) = 0 [pid 5718] mkdir("./file0", 0777) = 0 [pid 5718] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5718] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5718] chdir("./file0") = 0 [pid 5718] ioctl(4, LOOP_CLR_FD) = 0 [pid 5718] close(4) = 0 [pid 5718] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5718] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5717] <... futex resumed>) = 0 [pid 5717] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5718] <... futex resumed>) = 0 [pid 5717] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 178.058946][ T5718] loop0: detected capacity change from 0 to 4096 [ 178.089432][ T5718] ntfs: volume version 3.1. [pid 5718] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5718] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5717] <... futex resumed>) = 0 [pid 5718] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5717] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5718] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5717] <... futex resumed>) = 0 [pid 5717] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5718] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5717] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5717] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5717] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5717] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5717] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5717] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5719 attached => {parent_tid=[649]}, 88) = 649 [pid 5719] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5717] rt_sigprocmask(SIG_SETMASK, [], [pid 5719] <... rseq resumed>) = 0 [pid 5717] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5719] set_robust_list(0x7eff0a3299a0, 24 [pid 5717] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5719] <... set_robust_list resumed>) = 0 [pid 5719] rt_sigprocmask(SIG_SETMASK, [], [pid 5717] <... futex resumed>) = 0 [pid 5717] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5719] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5719] creat("./file1", 000) = 5 [pid 5718] <... write resumed>) = 1048064 [pid 5719] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5718] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5719] <... futex resumed>) = 1 [pid 5719] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5718] <... futex resumed>) = 0 [pid 5718] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5717] <... futex resumed>) = 0 [pid 5717] close(3) = 0 [pid 5717] close(4) = 0 [pid 5717] close(5) = 0 [pid 5717] close(6) = -1 EBADF (Bad file descriptor) [pid 5717] close(7) = -1 EBADF (Bad file descriptor) [pid 5717] close(8) = -1 EBADF (Bad file descriptor) [pid 5717] close(9) = -1 EBADF (Bad file descriptor) [pid 5717] close(10) = -1 EBADF (Bad file descriptor) [pid 5717] close(11) = -1 EBADF (Bad file descriptor) [pid 5717] close(12) = -1 EBADF (Bad file descriptor) [pid 5717] close(13) = -1 EBADF (Bad file descriptor) [pid 5717] close(14) = -1 EBADF (Bad file descriptor) [pid 5717] close(15) = -1 EBADF (Bad file descriptor) [pid 5717] close(16) = -1 EBADF (Bad file descriptor) [pid 5717] close(17) = -1 EBADF (Bad file descriptor) [pid 5717] close(18) = -1 EBADF (Bad file descriptor) [pid 5717] close(19) = -1 EBADF (Bad file descriptor) [pid 5717] close(20) = -1 EBADF (Bad file descriptor) [pid 5717] close(21) = -1 EBADF (Bad file descriptor) [pid 5717] close(22) = -1 EBADF (Bad file descriptor) [pid 5717] close(23) = -1 EBADF (Bad file descriptor) [pid 5717] close(24) = -1 EBADF (Bad file descriptor) [pid 5717] close(25) = -1 EBADF (Bad file descriptor) [pid 5717] close(26) = -1 EBADF (Bad file descriptor) [pid 5717] close(27) = -1 EBADF (Bad file descriptor) [pid 5717] close(28) = -1 EBADF (Bad file descriptor) [pid 5717] close(29) = -1 EBADF (Bad file descriptor) [pid 5717] exit_group(0) = ? [pid 5719] <... futex resumed>) = ? [pid 5718] <... futex resumed>) = ? [pid 5719] +++ exited with 0 +++ [pid 5718] +++ exited with 0 +++ [pid 5717] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=647, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./215", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./215", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./215/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./215/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./215/cgroup.cpu") = 0 [pid 5063] umount2("./215/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./215/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./215/binderfs") = 0 [pid 5063] umount2("./215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./215/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./215/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./215/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./215/file0") = 0 [pid 5063] umount2("./215/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./215/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./215/cgroup") = 0 [pid 5063] umount2("./215/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./215/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./215/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./215") = 0 [pid 5063] mkdir("./216", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5720 attached , child_tidptr=0x5555560b8690) = 650 [pid 5720] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5720] chdir("./216") = 0 [pid 5720] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5720] setpgid(0, 0) = 0 [pid 5720] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5720] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5720] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5720] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5720] write(3, "1000", 4) = 4 [pid 5720] close(3) = 0 [pid 5720] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5720] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5720] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5720] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5720] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5720] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5720] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5720] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5721 attached [pid 5721] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5721] set_robust_list(0x7eff0a34a9a0, 24 [pid 5720] <... clone3 resumed> => {parent_tid=[651]}, 88) = 651 [pid 5721] <... set_robust_list resumed>) = 0 [pid 5721] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5721] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5720] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5720] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5721] <... futex resumed>) = 0 [pid 5720] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5721] memfd_create("syzkaller", 0) = 3 [pid 5721] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5721] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5721] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5721] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5721] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5721] close(3) = 0 [pid 5721] mkdir("./file0", 0777) = 0 [pid 5721] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5721] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5721] chdir("./file0") = 0 [pid 5721] ioctl(4, LOOP_CLR_FD) = 0 [pid 5721] close(4) = 0 [ 178.610562][ T5721] loop0: detected capacity change from 0 to 4096 [ 178.636634][ T5721] ntfs: volume version 3.1. [pid 5721] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5720] <... futex resumed>) = 0 [pid 5721] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5720] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5721] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5720] <... futex resumed>) = 0 [pid 5721] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5720] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5721] <... openat resumed>) = 4 [pid 5721] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5720] <... futex resumed>) = 0 [pid 5721] <... futex resumed>) = 1 [pid 5720] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5721] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5720] <... futex resumed>) = 0 [pid 5720] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5720] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5720] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5720] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5720] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5720] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5722 attached => {parent_tid=[652]}, 88) = 652 [pid 5722] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5720] rt_sigprocmask(SIG_SETMASK, [], [pid 5722] <... rseq resumed>) = 0 [pid 5720] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5722] set_robust_list(0x7eff0a3299a0, 24 [pid 5720] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5722] <... set_robust_list resumed>) = 0 [pid 5720] <... futex resumed>) = 0 [pid 5722] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5720] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5722] creat("./file1", 000) = 5 [pid 5721] <... write resumed>) = 1048064 [pid 5722] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5721] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5722] <... futex resumed>) = 1 [pid 5721] <... futex resumed>) = 0 [pid 5720] <... futex resumed>) = 0 [pid 5721] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5720] close(3) = 0 [pid 5720] close(4 [pid 5722] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5720] <... close resumed>) = 0 [pid 5720] close(5) = 0 [pid 5720] close(6) = -1 EBADF (Bad file descriptor) [pid 5720] close(7) = -1 EBADF (Bad file descriptor) [pid 5720] close(8) = -1 EBADF (Bad file descriptor) [pid 5720] close(9) = -1 EBADF (Bad file descriptor) [pid 5720] close(10) = -1 EBADF (Bad file descriptor) [pid 5720] close(11) = -1 EBADF (Bad file descriptor) [pid 5720] close(12) = -1 EBADF (Bad file descriptor) [pid 5720] close(13) = -1 EBADF (Bad file descriptor) [pid 5720] close(14) = -1 EBADF (Bad file descriptor) [pid 5720] close(15) = -1 EBADF (Bad file descriptor) [pid 5720] close(16) = -1 EBADF (Bad file descriptor) [pid 5720] close(17) = -1 EBADF (Bad file descriptor) [pid 5720] close(18) = -1 EBADF (Bad file descriptor) [pid 5720] close(19) = -1 EBADF (Bad file descriptor) [pid 5720] close(20) = -1 EBADF (Bad file descriptor) [pid 5720] close(21) = -1 EBADF (Bad file descriptor) [pid 5720] close(22) = -1 EBADF (Bad file descriptor) [pid 5720] close(23) = -1 EBADF (Bad file descriptor) [pid 5720] close(24) = -1 EBADF (Bad file descriptor) [pid 5720] close(25) = -1 EBADF (Bad file descriptor) [pid 5720] close(26) = -1 EBADF (Bad file descriptor) [pid 5720] close(27) = -1 EBADF (Bad file descriptor) [pid 5720] close(28) = -1 EBADF (Bad file descriptor) [pid 5720] close(29) = -1 EBADF (Bad file descriptor) [pid 5720] exit_group(0 [pid 5721] <... futex resumed>) = ? [pid 5721] +++ exited with 0 +++ [pid 5722] <... futex resumed>) = ? [pid 5720] <... exit_group resumed>) = ? [pid 5722] +++ exited with 0 +++ [pid 5720] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=650, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./216", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./216", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./216/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./216/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./216/cgroup.cpu") = 0 [pid 5063] umount2("./216/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./216/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./216/binderfs") = 0 [pid 5063] umount2("./216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./216/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./216/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./216/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./216/file0") = 0 [pid 5063] umount2("./216/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./216/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./216/cgroup") = 0 [pid 5063] umount2("./216/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./216/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./216/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./216") = 0 [pid 5063] mkdir("./217", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5723 attached [pid 5723] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 653 [pid 5723] <... set_robust_list resumed>) = 0 [pid 5723] chdir("./217") = 0 [pid 5723] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5723] setpgid(0, 0) = 0 [pid 5723] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5723] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5723] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5723] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5723] write(3, "1000", 4) = 4 [pid 5723] close(3) = 0 [pid 5723] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5723] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5723] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5723] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5723] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5723] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5723] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5723] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5724 attached => {parent_tid=[654]}, 88) = 654 [pid 5724] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5723] rt_sigprocmask(SIG_SETMASK, [], [pid 5724] <... rseq resumed>) = 0 [pid 5723] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5724] set_robust_list(0x7eff0a34a9a0, 24 [pid 5723] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5724] <... set_robust_list resumed>) = 0 [pid 5723] <... futex resumed>) = 0 [pid 5724] rt_sigprocmask(SIG_SETMASK, [], [pid 5723] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5724] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5724] memfd_create("syzkaller", 0) = 3 [pid 5724] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5724] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5724] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5724] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5724] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5724] close(3) = 0 [pid 5724] mkdir("./file0", 0777) = 0 [pid 5724] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5724] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5724] chdir("./file0") = 0 [pid 5724] ioctl(4, LOOP_CLR_FD) = 0 [pid 5724] close(4) = 0 [ 179.200853][ T5724] loop0: detected capacity change from 0 to 4096 [ 179.221260][ T5724] ntfs: volume version 3.1. [pid 5724] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5723] <... futex resumed>) = 0 [pid 5723] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5723] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5724] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5724] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5723] <... futex resumed>) = 0 [pid 5724] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5723] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5724] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5723] <... futex resumed>) = 0 [pid 5724] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5723] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5723] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5723] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5723] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5723] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5723] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5725 attached => {parent_tid=[655]}, 88) = 655 [pid 5725] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5723] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5725] <... rseq resumed>) = 0 [pid 5725] set_robust_list(0x7eff0a3299a0, 24 [pid 5723] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5725] <... set_robust_list resumed>) = 0 [pid 5725] rt_sigprocmask(SIG_SETMASK, [], [pid 5723] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5725] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5725] creat("./file1", 000) = 5 [pid 5725] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5723] <... futex resumed>) = 0 [pid 5725] <... futex resumed>) = 1 [pid 5724] <... write resumed>) = 1048064 [pid 5724] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5724] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5725] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5723] close(3) = 0 [pid 5723] close(4) = 0 [pid 5723] close(5) = 0 [pid 5723] close(6) = -1 EBADF (Bad file descriptor) [pid 5723] close(7) = -1 EBADF (Bad file descriptor) [pid 5723] close(8) = -1 EBADF (Bad file descriptor) [pid 5723] close(9) = -1 EBADF (Bad file descriptor) [pid 5723] close(10) = -1 EBADF (Bad file descriptor) [pid 5723] close(11) = -1 EBADF (Bad file descriptor) [pid 5723] close(12) = -1 EBADF (Bad file descriptor) [pid 5723] close(13) = -1 EBADF (Bad file descriptor) [pid 5723] close(14) = -1 EBADF (Bad file descriptor) [pid 5723] close(15) = -1 EBADF (Bad file descriptor) [pid 5723] close(16) = -1 EBADF (Bad file descriptor) [pid 5723] close(17) = -1 EBADF (Bad file descriptor) [pid 5723] close(18) = -1 EBADF (Bad file descriptor) [pid 5723] close(19) = -1 EBADF (Bad file descriptor) [pid 5723] close(20) = -1 EBADF (Bad file descriptor) [pid 5723] close(21) = -1 EBADF (Bad file descriptor) [pid 5723] close(22) = -1 EBADF (Bad file descriptor) [pid 5723] close(23) = -1 EBADF (Bad file descriptor) [pid 5723] close(24) = -1 EBADF (Bad file descriptor) [pid 5723] close(25) = -1 EBADF (Bad file descriptor) [pid 5723] close(26) = -1 EBADF (Bad file descriptor) [pid 5723] close(27) = -1 EBADF (Bad file descriptor) [pid 5723] close(28) = -1 EBADF (Bad file descriptor) [pid 5723] close(29) = -1 EBADF (Bad file descriptor) [pid 5723] exit_group(0 [pid 5725] <... futex resumed>) = ? [pid 5725] +++ exited with 0 +++ [pid 5724] <... futex resumed>) = ? [pid 5723] <... exit_group resumed>) = ? [pid 5724] +++ exited with 0 +++ [pid 5723] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=653, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./217", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./217", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./217/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./217/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./217/cgroup.cpu") = 0 [pid 5063] umount2("./217/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./217/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./217/binderfs") = 0 [pid 5063] umount2("./217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./217/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./217/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./217/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./217/file0") = 0 [pid 5063] umount2("./217/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./217/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./217/cgroup") = 0 [pid 5063] umount2("./217/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./217/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./217/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./217") = 0 [pid 5063] mkdir("./218", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 656 ./strace-static-x86_64: Process 5726 attached [pid 5726] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5726] chdir("./218") = 0 [pid 5726] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5726] setpgid(0, 0) = 0 [pid 5726] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5726] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5726] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5726] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5726] write(3, "1000", 4) = 4 [pid 5726] close(3) = 0 [pid 5726] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5726] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5726] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5726] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5726] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5726] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5726] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5726] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5727 attached [pid 5727] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5727] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5727] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5726] <... clone3 resumed> => {parent_tid=[657]}, 88) = 657 [pid 5727] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5726] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5726] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5727] <... futex resumed>) = 0 [pid 5726] <... futex resumed>) = 1 [pid 5726] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5727] memfd_create("syzkaller", 0) = 3 [pid 5727] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5727] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5727] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5727] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5727] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5727] close(3) = 0 [pid 5727] mkdir("./file0", 0777) = 0 [pid 5727] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5727] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5727] chdir("./file0") = 0 [pid 5727] ioctl(4, LOOP_CLR_FD) = 0 [pid 5727] close(4) = 0 [pid 5727] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5726] <... futex resumed>) = 0 [pid 5727] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5726] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 179.738669][ T5727] loop0: detected capacity change from 0 to 4096 [ 179.759223][ T5727] ntfs: volume version 3.1. [pid 5727] <... openat resumed>) = 4 [pid 5726] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5727] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5726] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5727] <... futex resumed>) = 0 [pid 5726] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5727] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5726] <... futex resumed>) = 0 [pid 5726] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5726] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5726] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5726] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5726] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5726] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5728 attached [pid 5728] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5726] <... clone3 resumed> => {parent_tid=[658]}, 88) = 658 [pid 5728] <... rseq resumed>) = 0 [pid 5726] rt_sigprocmask(SIG_SETMASK, [], [pid 5728] set_robust_list(0x7eff0a3299a0, 24 [pid 5726] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5728] <... set_robust_list resumed>) = 0 [pid 5728] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5728] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5726] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5728] <... futex resumed>) = 0 [pid 5726] <... futex resumed>) = 1 [pid 5728] creat("./file1", 000 [pid 5726] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5728] <... creat resumed>) = 5 [pid 5727] <... write resumed>) = 1048064 [pid 5728] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5727] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5728] <... futex resumed>) = 1 [pid 5727] <... futex resumed>) = 0 [pid 5726] <... futex resumed>) = 0 [pid 5728] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5727] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5726] close(3) = 0 [pid 5726] close(4) = 0 [pid 5726] close(5) = 0 [pid 5726] close(6) = -1 EBADF (Bad file descriptor) [pid 5726] close(7) = -1 EBADF (Bad file descriptor) [pid 5726] close(8) = -1 EBADF (Bad file descriptor) [pid 5726] close(9) = -1 EBADF (Bad file descriptor) [pid 5726] close(10) = -1 EBADF (Bad file descriptor) [pid 5726] close(11) = -1 EBADF (Bad file descriptor) [pid 5726] close(12) = -1 EBADF (Bad file descriptor) [pid 5726] close(13) = -1 EBADF (Bad file descriptor) [pid 5726] close(14) = -1 EBADF (Bad file descriptor) [pid 5726] close(15) = -1 EBADF (Bad file descriptor) [pid 5726] close(16) = -1 EBADF (Bad file descriptor) [pid 5726] close(17) = -1 EBADF (Bad file descriptor) [pid 5726] close(18) = -1 EBADF (Bad file descriptor) [pid 5726] close(19) = -1 EBADF (Bad file descriptor) [pid 5726] close(20) = -1 EBADF (Bad file descriptor) [pid 5726] close(21) = -1 EBADF (Bad file descriptor) [pid 5726] close(22) = -1 EBADF (Bad file descriptor) [pid 5726] close(23) = -1 EBADF (Bad file descriptor) [pid 5726] close(24) = -1 EBADF (Bad file descriptor) [pid 5726] close(25) = -1 EBADF (Bad file descriptor) [pid 5726] close(26) = -1 EBADF (Bad file descriptor) [pid 5726] close(27) = -1 EBADF (Bad file descriptor) [pid 5726] close(28) = -1 EBADF (Bad file descriptor) [pid 5726] close(29) = -1 EBADF (Bad file descriptor) [pid 5726] exit_group(0) = ? [pid 5727] <... futex resumed>) = ? [pid 5728] <... futex resumed>) = ? [pid 5727] +++ exited with 0 +++ [pid 5728] +++ exited with 0 +++ [pid 5726] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=656, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./218", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./218", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./218/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./218/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./218/cgroup.cpu") = 0 [pid 5063] umount2("./218/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./218/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./218/binderfs") = 0 [pid 5063] umount2("./218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./218/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./218/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./218/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./218/file0") = 0 [pid 5063] umount2("./218/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./218/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./218/cgroup") = 0 [pid 5063] umount2("./218/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./218/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./218/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./218") = 0 [pid 5063] mkdir("./219", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5729 attached , child_tidptr=0x5555560b8690) = 659 [pid 5729] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5729] chdir("./219") = 0 [pid 5729] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5729] setpgid(0, 0) = 0 [pid 5729] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5729] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5729] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5729] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5729] write(3, "1000", 4) = 4 [pid 5729] close(3) = 0 [pid 5729] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5729] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5729] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5729] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5729] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5729] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5729] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5729] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5730 attached => {parent_tid=[660]}, 88) = 660 [pid 5730] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5729] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5730] <... rseq resumed>) = 0 [pid 5729] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5730] set_robust_list(0x7eff0a34a9a0, 24 [pid 5729] <... futex resumed>) = 0 [pid 5729] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5730] <... set_robust_list resumed>) = 0 [pid 5730] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5730] memfd_create("syzkaller", 0) = 3 [pid 5730] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5730] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5730] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5730] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5730] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5730] close(3) = 0 [pid 5730] mkdir("./file0", 0777) = 0 [ 180.357003][ T5730] loop0: detected capacity change from 0 to 4096 [ 180.370712][ T5730] __ntfs_warning: 170 callbacks suppressed [ 180.370720][ T5730] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 180.397451][ T5730] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 180.406855][ T5730] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 180.422678][ T5730] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 180.431415][ T5730] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 180.451496][ T5730] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 180.460247][ T5730] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 180.480625][ T5730] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5730] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5730] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5730] chdir("./file0") = 0 [pid 5730] ioctl(4, LOOP_CLR_FD) = 0 [pid 5730] close(4) = 0 [pid 5730] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5729] <... futex resumed>) = 0 [pid 5730] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5729] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5730] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5729] <... futex resumed>) = 0 [pid 5730] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5729] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5730] <... openat resumed>) = 4 [pid 5730] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5729] <... futex resumed>) = 0 [pid 5730] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5729] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5730] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5729] <... futex resumed>) = 0 [pid 5730] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 180.489809][ T5730] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 180.510208][ T5730] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 180.520897][ T5730] ntfs: volume version 3.1. [pid 5729] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5729] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5729] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5729] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5729] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5729] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5731 attached [pid 5731] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5729] <... clone3 resumed> => {parent_tid=[661]}, 88) = 661 [pid 5731] set_robust_list(0x7eff0a3299a0, 24 [pid 5729] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5729] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5729] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5731] <... set_robust_list resumed>) = 0 [pid 5731] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5731] creat("./file1", 000) = 5 [pid 5730] <... write resumed>) = 1048064 [pid 5731] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5730] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5731] <... futex resumed>) = 1 [pid 5731] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5730] <... futex resumed>) = 0 [pid 5729] <... futex resumed>) = 0 [pid 5730] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5729] close(3) = 0 [pid 5729] close(4) = 0 [pid 5729] close(5) = 0 [pid 5729] close(6) = -1 EBADF (Bad file descriptor) [pid 5729] close(7) = -1 EBADF (Bad file descriptor) [pid 5729] close(8) = -1 EBADF (Bad file descriptor) [pid 5729] close(9) = -1 EBADF (Bad file descriptor) [pid 5729] close(10) = -1 EBADF (Bad file descriptor) [pid 5729] close(11) = -1 EBADF (Bad file descriptor) [pid 5729] close(12) = -1 EBADF (Bad file descriptor) [pid 5729] close(13) = -1 EBADF (Bad file descriptor) [pid 5729] close(14) = -1 EBADF (Bad file descriptor) [pid 5729] close(15) = -1 EBADF (Bad file descriptor) [pid 5729] close(16) = -1 EBADF (Bad file descriptor) [pid 5729] close(17) = -1 EBADF (Bad file descriptor) [pid 5729] close(18) = -1 EBADF (Bad file descriptor) [pid 5729] close(19) = -1 EBADF (Bad file descriptor) [pid 5729] close(20) = -1 EBADF (Bad file descriptor) [pid 5729] close(21) = -1 EBADF (Bad file descriptor) [pid 5729] close(22) = -1 EBADF (Bad file descriptor) [pid 5729] close(23) = -1 EBADF (Bad file descriptor) [pid 5729] close(24) = -1 EBADF (Bad file descriptor) [pid 5729] close(25) = -1 EBADF (Bad file descriptor) [pid 5729] close(26) = -1 EBADF (Bad file descriptor) [pid 5729] close(27) = -1 EBADF (Bad file descriptor) [pid 5729] close(28) = -1 EBADF (Bad file descriptor) [pid 5729] close(29) = -1 EBADF (Bad file descriptor) [pid 5729] exit_group(0) = ? [pid 5731] <... futex resumed>) = ? [pid 5730] <... futex resumed>) = ? [pid 5731] +++ exited with 0 +++ [pid 5730] +++ exited with 0 +++ [pid 5729] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=659, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5063] umount2("./219", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./219", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./219/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./219/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./219/cgroup.cpu") = 0 [pid 5063] umount2("./219/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./219/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./219/binderfs") = 0 [pid 5063] umount2("./219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./219/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./219/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./219/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./219/file0") = 0 [pid 5063] umount2("./219/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./219/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./219/cgroup") = 0 [pid 5063] umount2("./219/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./219/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./219/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./219") = 0 [pid 5063] mkdir("./220", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5732 attached [pid 5732] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 662 [pid 5732] chdir("./220") = 0 [pid 5732] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5732] setpgid(0, 0) = 0 [pid 5732] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5732] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5732] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5732] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5732] write(3, "1000", 4) = 4 [pid 5732] close(3) = 0 [pid 5732] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5732] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5732] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5732] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5732] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5732] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5732] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5732] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5733 attached => {parent_tid=[663]}, 88) = 663 [pid 5733] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5732] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5732] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5732] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5733] <... rseq resumed>) = 0 [pid 5733] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5733] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5733] memfd_create("syzkaller", 0) = 3 [pid 5733] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5733] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5733] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5733] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5733] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5733] close(3) = 0 [pid 5733] mkdir("./file0", 0777) = 0 [pid 5733] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5733] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5733] chdir("./file0") = 0 [pid 5733] ioctl(4, LOOP_CLR_FD) = 0 [pid 5733] close(4) = 0 [pid 5733] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5732] <... futex resumed>) = 0 [pid 5733] <... futex resumed>) = 1 [pid 5733] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5732] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5732] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5733] <... openat resumed>) = 4 [pid 5733] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5733] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5732] <... futex resumed>) = 0 [pid 5732] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5733] <... futex resumed>) = 0 [pid 5732] <... futex resumed>) = 1 [pid 5733] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 181.100804][ T5733] loop0: detected capacity change from 0 to 4096 [ 181.127953][ T5733] ntfs: volume version 3.1. [pid 5732] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5732] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5732] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5732] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5732] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5732] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5734 attached [pid 5734] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5732] <... clone3 resumed> => {parent_tid=[664]}, 88) = 664 [pid 5732] rt_sigprocmask(SIG_SETMASK, [], [pid 5734] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5732] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5734] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5732] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5734] creat("./file1", 000 [pid 5732] <... futex resumed>) = 0 [pid 5732] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5734] <... creat resumed>) = 5 [pid 5733] <... write resumed>) = 1048064 [pid 5734] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5733] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5734] <... futex resumed>) = 1 [pid 5732] <... futex resumed>) = 0 [pid 5734] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5733] <... futex resumed>) = 0 [pid 5732] close(3 [pid 5733] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5732] <... close resumed>) = 0 [pid 5732] close(4) = 0 [pid 5732] close(5) = 0 [pid 5732] close(6) = -1 EBADF (Bad file descriptor) [pid 5732] close(7) = -1 EBADF (Bad file descriptor) [pid 5732] close(8) = -1 EBADF (Bad file descriptor) [pid 5732] close(9) = -1 EBADF (Bad file descriptor) [pid 5732] close(10) = -1 EBADF (Bad file descriptor) [pid 5732] close(11) = -1 EBADF (Bad file descriptor) [pid 5732] close(12) = -1 EBADF (Bad file descriptor) [pid 5732] close(13) = -1 EBADF (Bad file descriptor) [pid 5732] close(14) = -1 EBADF (Bad file descriptor) [pid 5732] close(15) = -1 EBADF (Bad file descriptor) [pid 5732] close(16) = -1 EBADF (Bad file descriptor) [pid 5732] close(17) = -1 EBADF (Bad file descriptor) [pid 5732] close(18) = -1 EBADF (Bad file descriptor) [pid 5732] close(19) = -1 EBADF (Bad file descriptor) [pid 5732] close(20) = -1 EBADF (Bad file descriptor) [pid 5732] close(21) = -1 EBADF (Bad file descriptor) [pid 5732] close(22) = -1 EBADF (Bad file descriptor) [pid 5732] close(23) = -1 EBADF (Bad file descriptor) [pid 5732] close(24) = -1 EBADF (Bad file descriptor) [pid 5732] close(25) = -1 EBADF (Bad file descriptor) [pid 5732] close(26) = -1 EBADF (Bad file descriptor) [pid 5732] close(27) = -1 EBADF (Bad file descriptor) [pid 5732] close(28) = -1 EBADF (Bad file descriptor) [pid 5732] close(29) = -1 EBADF (Bad file descriptor) [pid 5732] exit_group(0 [pid 5733] <... futex resumed>) = ? [pid 5732] <... exit_group resumed>) = ? [pid 5734] <... futex resumed>) = ? [pid 5734] +++ exited with 0 +++ [pid 5733] +++ exited with 0 +++ [pid 5732] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=662, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./220", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./220", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./220/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./220/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./220/cgroup.cpu") = 0 [pid 5063] umount2("./220/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./220/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./220/binderfs") = 0 [pid 5063] umount2("./220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./220/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./220/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./220/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./220/file0") = 0 [pid 5063] umount2("./220/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./220/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./220/cgroup") = 0 [pid 5063] umount2("./220/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./220/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./220/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./220") = 0 [pid 5063] mkdir("./221", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5735 attached , child_tidptr=0x5555560b8690) = 665 [pid 5735] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5735] chdir("./221") = 0 [pid 5735] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5735] setpgid(0, 0) = 0 [pid 5735] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5735] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5735] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5735] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5735] write(3, "1000", 4) = 4 [pid 5735] close(3) = 0 [pid 5735] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5735] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5735] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5735] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5735] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5735] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5735] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5735] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5736 attached => {parent_tid=[666]}, 88) = 666 [pid 5736] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5735] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5735] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5735] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5736] <... rseq resumed>) = 0 [pid 5736] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5736] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5736] memfd_create("syzkaller", 0) = 3 [pid 5736] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5736] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5736] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5736] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5736] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5736] close(3) = 0 [pid 5736] mkdir("./file0", 0777) = 0 [pid 5736] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5736] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5736] chdir("./file0") = 0 [pid 5736] ioctl(4, LOOP_CLR_FD) = 0 [pid 5736] close(4) = 0 [pid 5736] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5735] <... futex resumed>) = 0 [pid 5736] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5735] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5736] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5735] <... futex resumed>) = 0 [pid 5735] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5736] <... openat resumed>) = 4 [ 181.714803][ T5736] loop0: detected capacity change from 0 to 4096 [ 181.737346][ T5736] ntfs: volume version 3.1. [pid 5736] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5735] <... futex resumed>) = 0 [pid 5736] <... futex resumed>) = 1 [pid 5735] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5736] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5735] <... futex resumed>) = 0 [pid 5735] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5735] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5735] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5735] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5735] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5735] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5737 attached => {parent_tid=[667]}, 88) = 667 [pid 5737] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5737] set_robust_list(0x7eff0a3299a0, 24 [pid 5736] <... write resumed>) = 1048064 [pid 5735] rt_sigprocmask(SIG_SETMASK, [], [pid 5736] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5735] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5736] <... futex resumed>) = 0 [pid 5735] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5736] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5735] <... futex resumed>) = 0 [pid 5735] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5737] <... set_robust_list resumed>) = 0 [pid 5737] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5737] creat("./file1", 000) = 5 [pid 5737] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5735] <... futex resumed>) = 0 [pid 5737] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5735] close(3) = 0 [pid 5735] close(4) = 0 [pid 5735] close(5) = 0 [pid 5735] close(6) = -1 EBADF (Bad file descriptor) [pid 5735] close(7) = -1 EBADF (Bad file descriptor) [pid 5735] close(8) = -1 EBADF (Bad file descriptor) [pid 5735] close(9) = -1 EBADF (Bad file descriptor) [pid 5735] close(10) = -1 EBADF (Bad file descriptor) [pid 5735] close(11) = -1 EBADF (Bad file descriptor) [pid 5735] close(12) = -1 EBADF (Bad file descriptor) [pid 5735] close(13) = -1 EBADF (Bad file descriptor) [pid 5735] close(14) = -1 EBADF (Bad file descriptor) [pid 5735] close(15) = -1 EBADF (Bad file descriptor) [pid 5735] close(16) = -1 EBADF (Bad file descriptor) [pid 5735] close(17) = -1 EBADF (Bad file descriptor) [pid 5735] close(18) = -1 EBADF (Bad file descriptor) [pid 5735] close(19) = -1 EBADF (Bad file descriptor) [pid 5735] close(20) = -1 EBADF (Bad file descriptor) [pid 5735] close(21) = -1 EBADF (Bad file descriptor) [pid 5735] close(22) = -1 EBADF (Bad file descriptor) [pid 5735] close(23) = -1 EBADF (Bad file descriptor) [pid 5735] close(24) = -1 EBADF (Bad file descriptor) [pid 5735] close(25) = -1 EBADF (Bad file descriptor) [pid 5735] close(26) = -1 EBADF (Bad file descriptor) [pid 5735] close(27) = -1 EBADF (Bad file descriptor) [pid 5735] close(28) = -1 EBADF (Bad file descriptor) [pid 5735] close(29) = -1 EBADF (Bad file descriptor) [pid 5735] exit_group(0) = ? [pid 5736] <... futex resumed>) = ? [pid 5737] <... futex resumed>) = ? [pid 5736] +++ exited with 0 +++ [pid 5737] +++ exited with 0 +++ [pid 5735] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=665, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./221", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./221", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./221/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./221/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./221/cgroup.cpu") = 0 [pid 5063] umount2("./221/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./221/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./221/binderfs") = 0 [pid 5063] umount2("./221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./221/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./221/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./221/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./221/file0") = 0 [pid 5063] umount2("./221/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./221/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./221/cgroup") = 0 [pid 5063] umount2("./221/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./221/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./221/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./221") = 0 [pid 5063] mkdir("./222", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5738 attached , child_tidptr=0x5555560b8690) = 668 [pid 5738] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5738] chdir("./222") = 0 [pid 5738] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5738] setpgid(0, 0) = 0 [pid 5738] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5738] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5738] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5738] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5738] write(3, "1000", 4) = 4 [pid 5738] close(3) = 0 [pid 5738] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5738] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5738] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5738] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5738] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5738] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5738] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5738] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5739 attached => {parent_tid=[669]}, 88) = 669 [pid 5739] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5738] rt_sigprocmask(SIG_SETMASK, [], [pid 5739] <... rseq resumed>) = 0 [pid 5739] set_robust_list(0x7eff0a34a9a0, 24 [pid 5738] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5739] <... set_robust_list resumed>) = 0 [pid 5738] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5739] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5738] <... futex resumed>) = 0 [pid 5738] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5739] memfd_create("syzkaller", 0) = 3 [pid 5739] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5739] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5739] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5739] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5739] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5739] close(3) = 0 [pid 5739] mkdir("./file0", 0777) = 0 [pid 5739] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5739] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5739] chdir("./file0") = 0 [pid 5739] ioctl(4, LOOP_CLR_FD) = 0 [pid 5739] close(4) = 0 [pid 5739] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5739] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5738] <... futex resumed>) = 0 [pid 5738] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5739] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5738] <... futex resumed>) = 0 [pid 5739] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5738] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5739] <... openat resumed>) = 4 [ 182.380244][ T5739] loop0: detected capacity change from 0 to 4096 [ 182.401541][ T5739] ntfs: volume version 3.1. [pid 5739] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5738] <... futex resumed>) = 0 [pid 5739] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5738] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5739] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5738] <... futex resumed>) = 0 [pid 5739] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5738] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5738] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5738] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5738] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5738] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5738] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5740 attached => {parent_tid=[670]}, 88) = 670 [pid 5740] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5738] rt_sigprocmask(SIG_SETMASK, [], [pid 5740] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5740] rt_sigprocmask(SIG_SETMASK, [], [pid 5738] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5738] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5740] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5740] creat("./file1", 000 [pid 5738] <... futex resumed>) = 0 [pid 5738] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5740] <... creat resumed>) = 5 [pid 5740] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5739] <... write resumed>) = 1048064 [pid 5738] <... futex resumed>) = 0 [pid 5740] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5739] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5739] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5738] close(3) = 0 [pid 5738] close(4) = 0 [pid 5738] close(5) = 0 [pid 5738] close(6) = -1 EBADF (Bad file descriptor) [pid 5738] close(7) = -1 EBADF (Bad file descriptor) [pid 5738] close(8) = -1 EBADF (Bad file descriptor) [pid 5738] close(9) = -1 EBADF (Bad file descriptor) [pid 5738] close(10) = -1 EBADF (Bad file descriptor) [pid 5738] close(11) = -1 EBADF (Bad file descriptor) [pid 5738] close(12) = -1 EBADF (Bad file descriptor) [pid 5738] close(13) = -1 EBADF (Bad file descriptor) [pid 5738] close(14) = -1 EBADF (Bad file descriptor) [pid 5738] close(15) = -1 EBADF (Bad file descriptor) [pid 5738] close(16) = -1 EBADF (Bad file descriptor) [pid 5738] close(17) = -1 EBADF (Bad file descriptor) [pid 5738] close(18) = -1 EBADF (Bad file descriptor) [pid 5738] close(19) = -1 EBADF (Bad file descriptor) [pid 5738] close(20) = -1 EBADF (Bad file descriptor) [pid 5738] close(21) = -1 EBADF (Bad file descriptor) [pid 5738] close(22) = -1 EBADF (Bad file descriptor) [pid 5738] close(23) = -1 EBADF (Bad file descriptor) [pid 5738] close(24) = -1 EBADF (Bad file descriptor) [pid 5738] close(25) = -1 EBADF (Bad file descriptor) [pid 5738] close(26) = -1 EBADF (Bad file descriptor) [pid 5738] close(27) = -1 EBADF (Bad file descriptor) [pid 5738] close(28) = -1 EBADF (Bad file descriptor) [pid 5738] close(29) = -1 EBADF (Bad file descriptor) [pid 5738] exit_group(0 [pid 5739] <... futex resumed>) = ? [pid 5738] <... exit_group resumed>) = ? [pid 5740] <... futex resumed>) = ? [pid 5739] +++ exited with 0 +++ [pid 5740] +++ exited with 0 +++ [pid 5738] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=668, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./222", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./222", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./222/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./222/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./222/cgroup.cpu") = 0 [pid 5063] umount2("./222/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./222/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./222/binderfs") = 0 [pid 5063] umount2("./222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./222/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./222/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./222/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./222/file0") = 0 [pid 5063] umount2("./222/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./222/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./222/cgroup") = 0 [pid 5063] umount2("./222/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./222/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./222/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./222") = 0 [pid 5063] mkdir("./223", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5741 attached , child_tidptr=0x5555560b8690) = 671 [pid 5741] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5741] chdir("./223") = 0 [pid 5741] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5741] setpgid(0, 0) = 0 [pid 5741] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5741] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5741] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5741] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5741] write(3, "1000", 4) = 4 [pid 5741] close(3) = 0 [pid 5741] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5741] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5741] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5741] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5741] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5741] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5741] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5741] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5742 attached => {parent_tid=[672]}, 88) = 672 [pid 5742] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5741] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5742] <... rseq resumed>) = 0 [pid 5741] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5742] set_robust_list(0x7eff0a34a9a0, 24 [pid 5741] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5742] <... set_robust_list resumed>) = 0 [pid 5742] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5742] memfd_create("syzkaller", 0) = 3 [pid 5742] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5742] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5742] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5742] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5742] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5742] close(3) = 0 [pid 5742] mkdir("./file0", 0777) = 0 [pid 5742] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5742] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5742] chdir("./file0") = 0 [pid 5742] ioctl(4, LOOP_CLR_FD) = 0 [pid 5742] close(4) = 0 [pid 5742] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5741] <... futex resumed>) = 0 [pid 5742] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5741] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5742] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5741] <... futex resumed>) = 0 [pid 5741] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5742] <... openat resumed>) = 4 [pid 5742] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5742] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5741] <... futex resumed>) = 0 [pid 5741] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5742] <... futex resumed>) = 0 [pid 5741] <... futex resumed>) = 1 [pid 5742] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 183.012493][ T5742] loop0: detected capacity change from 0 to 4096 [ 183.042881][ T5742] ntfs: volume version 3.1. [pid 5741] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5741] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5741] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5741] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5741] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5741] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5743 attached [pid 5743] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5741] <... clone3 resumed> => {parent_tid=[673]}, 88) = 673 [pid 5743] <... rseq resumed>) = 0 [pid 5741] rt_sigprocmask(SIG_SETMASK, [], [pid 5743] set_robust_list(0x7eff0a3299a0, 24 [pid 5741] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5743] <... set_robust_list resumed>) = 0 [pid 5741] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5743] rt_sigprocmask(SIG_SETMASK, [], [pid 5741] <... futex resumed>) = 0 [pid 5743] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5743] creat("./file1", 000 [pid 5741] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5743] <... creat resumed>) = 5 [pid 5743] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5742] <... write resumed>) = 1048064 [pid 5741] <... futex resumed>) = 0 [pid 5743] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5742] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5742] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5741] close(3) = 0 [pid 5741] close(4) = 0 [pid 5741] close(5) = 0 [pid 5741] close(6) = -1 EBADF (Bad file descriptor) [pid 5741] close(7) = -1 EBADF (Bad file descriptor) [pid 5741] close(8) = -1 EBADF (Bad file descriptor) [pid 5741] close(9) = -1 EBADF (Bad file descriptor) [pid 5741] close(10) = -1 EBADF (Bad file descriptor) [pid 5741] close(11) = -1 EBADF (Bad file descriptor) [pid 5741] close(12) = -1 EBADF (Bad file descriptor) [pid 5741] close(13) = -1 EBADF (Bad file descriptor) [pid 5741] close(14) = -1 EBADF (Bad file descriptor) [pid 5741] close(15) = -1 EBADF (Bad file descriptor) [pid 5741] close(16) = -1 EBADF (Bad file descriptor) [pid 5741] close(17) = -1 EBADF (Bad file descriptor) [pid 5741] close(18) = -1 EBADF (Bad file descriptor) [pid 5741] close(19) = -1 EBADF (Bad file descriptor) [pid 5741] close(20) = -1 EBADF (Bad file descriptor) [pid 5741] close(21) = -1 EBADF (Bad file descriptor) [pid 5741] close(22) = -1 EBADF (Bad file descriptor) [pid 5741] close(23) = -1 EBADF (Bad file descriptor) [pid 5741] close(24) = -1 EBADF (Bad file descriptor) [pid 5741] close(25) = -1 EBADF (Bad file descriptor) [pid 5741] close(26) = -1 EBADF (Bad file descriptor) [pid 5741] close(27) = -1 EBADF (Bad file descriptor) [pid 5741] close(28) = -1 EBADF (Bad file descriptor) [pid 5741] close(29) = -1 EBADF (Bad file descriptor) [pid 5741] exit_group(0 [pid 5743] <... futex resumed>) = ? [pid 5742] <... futex resumed>) = ? [pid 5741] <... exit_group resumed>) = ? [pid 5743] +++ exited with 0 +++ [pid 5742] +++ exited with 0 +++ [pid 5741] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=671, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./223", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./223", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./223/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./223/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./223/cgroup.cpu") = 0 [pid 5063] umount2("./223/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./223/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./223/binderfs") = 0 [pid 5063] umount2("./223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./223/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./223/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./223/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./223/file0") = 0 [pid 5063] umount2("./223/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./223/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./223/cgroup") = 0 [pid 5063] umount2("./223/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./223/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./223/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./223") = 0 [pid 5063] mkdir("./224", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5744 attached , child_tidptr=0x5555560b8690) = 674 [pid 5744] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5744] chdir("./224") = 0 [pid 5744] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5744] setpgid(0, 0) = 0 [pid 5744] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5744] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5744] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5744] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5744] write(3, "1000", 4) = 4 [pid 5744] close(3) = 0 [pid 5744] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5744] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5744] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5744] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5744] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5744] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5744] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5744] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5745 attached => {parent_tid=[675]}, 88) = 675 [pid 5745] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5744] rt_sigprocmask(SIG_SETMASK, [], [pid 5745] <... rseq resumed>) = 0 [pid 5744] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5745] set_robust_list(0x7eff0a34a9a0, 24 [pid 5744] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5745] <... set_robust_list resumed>) = 0 [pid 5745] rt_sigprocmask(SIG_SETMASK, [], [pid 5744] <... futex resumed>) = 0 [pid 5745] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5744] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5745] memfd_create("syzkaller", 0) = 3 [pid 5745] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5745] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5745] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5745] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5745] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5745] close(3) = 0 [pid 5745] mkdir("./file0", 0777) = 0 [pid 5745] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5745] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5745] chdir("./file0") = 0 [pid 5745] ioctl(4, LOOP_CLR_FD) = 0 [pid 5745] close(4) = 0 [pid 5745] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5744] <... futex resumed>) = 0 [pid 5745] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5744] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5745] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5744] <... futex resumed>) = 0 [pid 5745] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 183.543666][ T5745] loop0: detected capacity change from 0 to 4096 [ 183.576063][ T5745] ntfs: volume version 3.1. [pid 5744] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5745] <... openat resumed>) = 4 [pid 5745] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5744] <... futex resumed>) = 0 [pid 5745] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5744] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5745] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5745] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5744] <... futex resumed>) = 0 [pid 5744] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5744] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5744] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5744] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5744] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5744] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5746 attached [pid 5746] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5744] <... clone3 resumed> => {parent_tid=[676]}, 88) = 676 [pid 5746] set_robust_list(0x7eff0a3299a0, 24 [pid 5744] rt_sigprocmask(SIG_SETMASK, [], [pid 5746] <... set_robust_list resumed>) = 0 [pid 5744] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5746] rt_sigprocmask(SIG_SETMASK, [], [pid 5744] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5746] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5744] <... futex resumed>) = 0 [pid 5746] creat("./file1", 000 [pid 5744] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5746] <... creat resumed>) = 5 [pid 5745] <... write resumed>) = 1048064 [pid 5746] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5745] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5746] <... futex resumed>) = 1 [pid 5746] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5745] <... futex resumed>) = 0 [pid 5745] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5744] <... futex resumed>) = 0 [pid 5744] close(3) = 0 [pid 5744] close(4) = 0 [pid 5744] close(5) = 0 [pid 5744] close(6) = -1 EBADF (Bad file descriptor) [pid 5744] close(7) = -1 EBADF (Bad file descriptor) [pid 5744] close(8) = -1 EBADF (Bad file descriptor) [pid 5744] close(9) = -1 EBADF (Bad file descriptor) [pid 5744] close(10) = -1 EBADF (Bad file descriptor) [pid 5744] close(11) = -1 EBADF (Bad file descriptor) [pid 5744] close(12) = -1 EBADF (Bad file descriptor) [pid 5744] close(13) = -1 EBADF (Bad file descriptor) [pid 5744] close(14) = -1 EBADF (Bad file descriptor) [pid 5744] close(15) = -1 EBADF (Bad file descriptor) [pid 5744] close(16) = -1 EBADF (Bad file descriptor) [pid 5744] close(17) = -1 EBADF (Bad file descriptor) [pid 5744] close(18) = -1 EBADF (Bad file descriptor) [pid 5744] close(19) = -1 EBADF (Bad file descriptor) [pid 5744] close(20) = -1 EBADF (Bad file descriptor) [pid 5744] close(21) = -1 EBADF (Bad file descriptor) [pid 5744] close(22) = -1 EBADF (Bad file descriptor) [pid 5744] close(23) = -1 EBADF (Bad file descriptor) [pid 5744] close(24) = -1 EBADF (Bad file descriptor) [pid 5744] close(25) = -1 EBADF (Bad file descriptor) [pid 5744] close(26) = -1 EBADF (Bad file descriptor) [pid 5744] close(27) = -1 EBADF (Bad file descriptor) [pid 5744] close(28) = -1 EBADF (Bad file descriptor) [pid 5744] close(29) = -1 EBADF (Bad file descriptor) [pid 5744] exit_group(0) = ? [pid 5745] <... futex resumed>) = ? [pid 5746] <... futex resumed>) = ? [pid 5745] +++ exited with 0 +++ [pid 5746] +++ exited with 0 +++ [pid 5744] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=674, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./224", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./224", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./224/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./224/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./224/cgroup.cpu") = 0 [pid 5063] umount2("./224/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./224/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./224/binderfs") = 0 [pid 5063] umount2("./224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./224/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./224/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./224/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./224/file0") = 0 [pid 5063] umount2("./224/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./224/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./224/cgroup") = 0 [pid 5063] umount2("./224/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./224/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./224/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./224") = 0 [pid 5063] mkdir("./225", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5747 attached , child_tidptr=0x5555560b8690) = 677 [pid 5747] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5747] chdir("./225") = 0 [pid 5747] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5747] setpgid(0, 0) = 0 [pid 5747] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5747] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5747] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5747] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5747] write(3, "1000", 4) = 4 [pid 5747] close(3) = 0 [pid 5747] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5747] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5747] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5747] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5747] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5747] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5747] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5747] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5748 attached [pid 5748] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5747] <... clone3 resumed> => {parent_tid=[678]}, 88) = 678 [pid 5748] <... rseq resumed>) = 0 [pid 5747] rt_sigprocmask(SIG_SETMASK, [], [pid 5748] set_robust_list(0x7eff0a34a9a0, 24 [pid 5747] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5748] <... set_robust_list resumed>) = 0 [pid 5747] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5748] rt_sigprocmask(SIG_SETMASK, [], [pid 5747] <... futex resumed>) = 0 [pid 5748] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5747] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5748] memfd_create("syzkaller", 0) = 3 [pid 5748] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5748] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5748] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5748] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5748] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5748] close(3) = 0 [pid 5748] mkdir("./file0", 0777) = 0 [pid 5748] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5748] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5748] chdir("./file0") = 0 [pid 5748] ioctl(4, LOOP_CLR_FD) = 0 [pid 5748] close(4) = 0 [pid 5748] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5748] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5747] <... futex resumed>) = 0 [pid 5747] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5748] <... futex resumed>) = 0 [pid 5747] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 184.141241][ T5748] loop0: detected capacity change from 0 to 4096 [ 184.177053][ T5748] ntfs: volume version 3.1. [pid 5748] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5748] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5748] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5747] <... futex resumed>) = 0 [pid 5747] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5748] <... futex resumed>) = 0 [pid 5747] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5748] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5747] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5747] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5747] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5747] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5747] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5747] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5749 attached [pid 5749] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5747] <... clone3 resumed> => {parent_tid=[679]}, 88) = 679 [pid 5749] <... rseq resumed>) = 0 [pid 5747] rt_sigprocmask(SIG_SETMASK, [], [pid 5749] set_robust_list(0x7eff0a3299a0, 24 [pid 5747] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5749] <... set_robust_list resumed>) = 0 [pid 5747] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5749] rt_sigprocmask(SIG_SETMASK, [], [pid 5747] <... futex resumed>) = 0 [pid 5749] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5747] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5749] creat("./file1", 000) = 5 [pid 5748] <... write resumed>) = 1048064 [pid 5749] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5748] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5747] <... futex resumed>) = 0 [pid 5749] <... futex resumed>) = 1 [pid 5748] <... futex resumed>) = 0 [pid 5747] close(3 [pid 5748] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5747] <... close resumed>) = 0 [pid 5749] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5747] close(4) = 0 [pid 5747] close(5) = 0 [pid 5747] close(6) = -1 EBADF (Bad file descriptor) [pid 5747] close(7) = -1 EBADF (Bad file descriptor) [pid 5747] close(8) = -1 EBADF (Bad file descriptor) [pid 5747] close(9) = -1 EBADF (Bad file descriptor) [pid 5747] close(10) = -1 EBADF (Bad file descriptor) [pid 5747] close(11) = -1 EBADF (Bad file descriptor) [pid 5747] close(12) = -1 EBADF (Bad file descriptor) [pid 5747] close(13) = -1 EBADF (Bad file descriptor) [pid 5747] close(14) = -1 EBADF (Bad file descriptor) [pid 5747] close(15) = -1 EBADF (Bad file descriptor) [pid 5747] close(16) = -1 EBADF (Bad file descriptor) [pid 5747] close(17) = -1 EBADF (Bad file descriptor) [pid 5747] close(18) = -1 EBADF (Bad file descriptor) [pid 5747] close(19) = -1 EBADF (Bad file descriptor) [pid 5747] close(20) = -1 EBADF (Bad file descriptor) [pid 5747] close(21) = -1 EBADF (Bad file descriptor) [pid 5747] close(22) = -1 EBADF (Bad file descriptor) [pid 5747] close(23) = -1 EBADF (Bad file descriptor) [pid 5747] close(24) = -1 EBADF (Bad file descriptor) [pid 5747] close(25) = -1 EBADF (Bad file descriptor) [pid 5747] close(26) = -1 EBADF (Bad file descriptor) [pid 5747] close(27) = -1 EBADF (Bad file descriptor) [pid 5747] close(28) = -1 EBADF (Bad file descriptor) [pid 5747] close(29) = -1 EBADF (Bad file descriptor) [pid 5747] exit_group(0 [pid 5749] <... futex resumed>) = ? [pid 5748] <... futex resumed>) = ? [pid 5747] <... exit_group resumed>) = ? [pid 5748] +++ exited with 0 +++ [pid 5749] +++ exited with 0 +++ [pid 5747] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=677, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./225", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./225", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./225/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./225/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./225/cgroup.cpu") = 0 [pid 5063] umount2("./225/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./225/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./225/binderfs") = 0 [pid 5063] umount2("./225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./225/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./225/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./225/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./225/file0") = 0 [pid 5063] umount2("./225/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./225/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./225/cgroup") = 0 [pid 5063] umount2("./225/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./225/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./225/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./225") = 0 [pid 5063] mkdir("./226", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5750 attached , child_tidptr=0x5555560b8690) = 680 [pid 5750] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5750] chdir("./226") = 0 [pid 5750] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5750] setpgid(0, 0) = 0 [pid 5750] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5750] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5750] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5750] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5750] write(3, "1000", 4) = 4 [pid 5750] close(3) = 0 [pid 5750] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5750] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5750] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5750] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5750] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5750] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5750] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5750] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5751 attached [pid 5751] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5751] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5750] <... clone3 resumed> => {parent_tid=[681]}, 88) = 681 [pid 5751] rt_sigprocmask(SIG_SETMASK, [], [pid 5750] rt_sigprocmask(SIG_SETMASK, [], [pid 5751] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5750] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5751] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5750] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5750] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5751] memfd_create("syzkaller", 0) = 3 [pid 5751] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5751] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5751] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5751] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5751] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5751] close(3) = 0 [pid 5751] mkdir("./file0", 0777) = 0 [pid 5751] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5751] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5751] chdir("./file0") = 0 [pid 5751] ioctl(4, LOOP_CLR_FD) = 0 [pid 5751] close(4) = 0 [pid 5751] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5750] <... futex resumed>) = 0 [pid 5751] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5750] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5750] <... futex resumed>) = 0 [pid 5750] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5751] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5751] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5750] <... futex resumed>) = 0 [pid 5751] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5750] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5751] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5750] <... futex resumed>) = 0 [pid 5751] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 184.680682][ T5751] loop0: detected capacity change from 0 to 4096 [ 184.702368][ T5751] ntfs: volume version 3.1. [pid 5750] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5750] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5750] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5750] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5750] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5750] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5752 attached => {parent_tid=[682]}, 88) = 682 [pid 5752] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5750] rt_sigprocmask(SIG_SETMASK, [], [pid 5752] <... rseq resumed>) = 0 [pid 5750] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5752] set_robust_list(0x7eff0a3299a0, 24 [pid 5750] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5752] <... set_robust_list resumed>) = 0 [pid 5750] <... futex resumed>) = 0 [pid 5752] rt_sigprocmask(SIG_SETMASK, [], [pid 5750] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5752] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5752] creat("./file1", 000) = 5 [pid 5751] <... write resumed>) = 1048064 [pid 5752] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5751] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5750] <... futex resumed>) = 0 [pid 5752] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5750] close(3 [pid 5751] <... futex resumed>) = 0 [pid 5750] <... close resumed>) = 0 [pid 5751] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5750] close(4) = 0 [pid 5750] close(5) = 0 [pid 5750] close(6) = -1 EBADF (Bad file descriptor) [pid 5750] close(7) = -1 EBADF (Bad file descriptor) [pid 5750] close(8) = -1 EBADF (Bad file descriptor) [pid 5750] close(9) = -1 EBADF (Bad file descriptor) [pid 5750] close(10) = -1 EBADF (Bad file descriptor) [pid 5750] close(11) = -1 EBADF (Bad file descriptor) [pid 5750] close(12) = -1 EBADF (Bad file descriptor) [pid 5750] close(13) = -1 EBADF (Bad file descriptor) [pid 5750] close(14) = -1 EBADF (Bad file descriptor) [pid 5750] close(15) = -1 EBADF (Bad file descriptor) [pid 5750] close(16) = -1 EBADF (Bad file descriptor) [pid 5750] close(17) = -1 EBADF (Bad file descriptor) [pid 5750] close(18) = -1 EBADF (Bad file descriptor) [pid 5750] close(19) = -1 EBADF (Bad file descriptor) [pid 5750] close(20) = -1 EBADF (Bad file descriptor) [pid 5750] close(21) = -1 EBADF (Bad file descriptor) [pid 5750] close(22) = -1 EBADF (Bad file descriptor) [pid 5750] close(23) = -1 EBADF (Bad file descriptor) [pid 5750] close(24) = -1 EBADF (Bad file descriptor) [pid 5750] close(25) = -1 EBADF (Bad file descriptor) [pid 5750] close(26) = -1 EBADF (Bad file descriptor) [pid 5750] close(27) = -1 EBADF (Bad file descriptor) [pid 5750] close(28) = -1 EBADF (Bad file descriptor) [pid 5750] close(29) = -1 EBADF (Bad file descriptor) [pid 5750] exit_group(0 [pid 5751] <... futex resumed>) = ? [pid 5750] <... exit_group resumed>) = ? [pid 5752] <... futex resumed>) = ? [pid 5751] +++ exited with 0 +++ [pid 5752] +++ exited with 0 +++ [pid 5750] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=680, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./226", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./226", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./226/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./226/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./226/cgroup.cpu") = 0 [pid 5063] umount2("./226/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./226/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./226/binderfs") = 0 [pid 5063] umount2("./226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./226/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./226/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./226/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./226/file0") = 0 [pid 5063] umount2("./226/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./226/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./226/cgroup") = 0 [pid 5063] umount2("./226/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./226/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./226/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./226") = 0 [pid 5063] mkdir("./227", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5753 attached , child_tidptr=0x5555560b8690) = 683 [pid 5753] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5753] chdir("./227") = 0 [pid 5753] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5753] setpgid(0, 0) = 0 [pid 5753] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5753] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5753] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5753] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5753] write(3, "1000", 4) = 4 [pid 5753] close(3) = 0 [pid 5753] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5753] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5753] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5753] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5753] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5753] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5753] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5753] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5754 attached => {parent_tid=[684]}, 88) = 684 [pid 5754] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5753] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5753] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5753] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5754] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5754] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5754] memfd_create("syzkaller", 0) = 3 [pid 5754] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5754] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5754] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5754] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5754] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5754] close(3) = 0 [pid 5754] mkdir("./file0", 0777) = 0 [pid 5754] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5754] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5754] chdir("./file0") = 0 [pid 5754] ioctl(4, LOOP_CLR_FD) = 0 [pid 5754] close(4) = 0 [pid 5754] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5753] <... futex resumed>) = 0 [pid 5754] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5753] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5754] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5753] <... futex resumed>) = 0 [pid 5754] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5753] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5754] <... openat resumed>) = 4 [pid 5754] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5753] <... futex resumed>) = 0 [pid 5753] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5753] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 185.253060][ T5754] loop0: detected capacity change from 0 to 4096 [ 185.281959][ T5754] ntfs: volume version 3.1. [pid 5754] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5753] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5753] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5753] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5753] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5753] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5753] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5755 attached [pid 5755] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5753] <... clone3 resumed> => {parent_tid=[685]}, 88) = 685 [pid 5755] <... rseq resumed>) = 0 [pid 5753] rt_sigprocmask(SIG_SETMASK, [], [pid 5755] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5753] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5755] rt_sigprocmask(SIG_SETMASK, [], [pid 5753] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5755] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5753] <... futex resumed>) = 0 [pid 5755] creat("./file1", 000 [pid 5753] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5755] <... creat resumed>) = 5 [pid 5754] <... write resumed>) = 1048064 [pid 5755] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5754] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5755] <... futex resumed>) = 1 [pid 5754] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5753] <... futex resumed>) = 0 [pid 5755] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5753] close(3) = 0 [pid 5753] close(4) = 0 [pid 5753] close(5) = 0 [pid 5753] close(6) = -1 EBADF (Bad file descriptor) [pid 5753] close(7) = -1 EBADF (Bad file descriptor) [pid 5753] close(8) = -1 EBADF (Bad file descriptor) [pid 5753] close(9) = -1 EBADF (Bad file descriptor) [pid 5753] close(10) = -1 EBADF (Bad file descriptor) [pid 5753] close(11) = -1 EBADF (Bad file descriptor) [pid 5753] close(12) = -1 EBADF (Bad file descriptor) [pid 5753] close(13) = -1 EBADF (Bad file descriptor) [pid 5753] close(14) = -1 EBADF (Bad file descriptor) [pid 5753] close(15) = -1 EBADF (Bad file descriptor) [pid 5753] close(16) = -1 EBADF (Bad file descriptor) [pid 5753] close(17) = -1 EBADF (Bad file descriptor) [pid 5753] close(18) = -1 EBADF (Bad file descriptor) [pid 5753] close(19) = -1 EBADF (Bad file descriptor) [pid 5753] close(20) = -1 EBADF (Bad file descriptor) [pid 5753] close(21) = -1 EBADF (Bad file descriptor) [pid 5753] close(22) = -1 EBADF (Bad file descriptor) [pid 5753] close(23) = -1 EBADF (Bad file descriptor) [pid 5753] close(24) = -1 EBADF (Bad file descriptor) [pid 5753] close(25) = -1 EBADF (Bad file descriptor) [pid 5753] close(26) = -1 EBADF (Bad file descriptor) [pid 5753] close(27) = -1 EBADF (Bad file descriptor) [pid 5753] close(28) = -1 EBADF (Bad file descriptor) [pid 5753] close(29) = -1 EBADF (Bad file descriptor) [pid 5753] exit_group(0 [pid 5755] <... futex resumed>) = ? [pid 5754] <... futex resumed>) = ? [pid 5753] <... exit_group resumed>) = ? [pid 5755] +++ exited with 0 +++ [pid 5754] +++ exited with 0 +++ [pid 5753] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=683, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./227", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./227", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./227/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./227/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./227/cgroup.cpu") = 0 [pid 5063] umount2("./227/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./227/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./227/binderfs") = 0 [pid 5063] umount2("./227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./227/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./227/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./227/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./227/file0") = 0 [pid 5063] umount2("./227/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./227/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./227/cgroup") = 0 [pid 5063] umount2("./227/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./227/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./227/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./227") = 0 [pid 5063] mkdir("./228", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5756 attached , child_tidptr=0x5555560b8690) = 686 [pid 5756] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5756] chdir("./228") = 0 [pid 5756] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5756] setpgid(0, 0) = 0 [pid 5756] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5756] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5756] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5756] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5756] write(3, "1000", 4) = 4 [pid 5756] close(3) = 0 [pid 5756] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5756] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5756] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5756] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5756] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5756] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5756] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5756] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5757 attached [pid 5757] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5756] <... clone3 resumed> => {parent_tid=[687]}, 88) = 687 [pid 5757] <... rseq resumed>) = 0 [pid 5756] rt_sigprocmask(SIG_SETMASK, [], [pid 5757] set_robust_list(0x7eff0a34a9a0, 24 [pid 5756] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5757] <... set_robust_list resumed>) = 0 [pid 5757] rt_sigprocmask(SIG_SETMASK, [], [pid 5756] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5757] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5756] <... futex resumed>) = 0 [pid 5756] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5757] memfd_create("syzkaller", 0) = 3 [pid 5757] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5757] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5757] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5757] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5757] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5757] close(3) = 0 [pid 5757] mkdir("./file0", 0777) = 0 [ 185.775149][ T5757] loop0: detected capacity change from 0 to 4096 [ 185.794618][ T5757] __ntfs_warning: 170 callbacks suppressed [ 185.794626][ T5757] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 185.821479][ T5757] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 185.831018][ T5757] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 185.846677][ T5757] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 185.855447][ T5757] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 185.875424][ T5757] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 185.884365][ T5757] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 185.904674][ T5757] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5757] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5757] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5757] chdir("./file0") = 0 [pid 5757] ioctl(4, LOOP_CLR_FD) = 0 [pid 5757] close(4) = 0 [pid 5757] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5757] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5756] <... futex resumed>) = 0 [pid 5757] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5756] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5757] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5756] <... futex resumed>) = 0 [pid 5756] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5757] <... openat resumed>) = 4 [pid 5757] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5756] <... futex resumed>) = 0 [pid 5757] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5756] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5757] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5756] <... futex resumed>) = 0 [ 185.913406][ T5757] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 185.933399][ T5757] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 185.943763][ T5757] ntfs: volume version 3.1. [pid 5756] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5756] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5756] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5756] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5756] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5756] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5758 attached [pid 5758] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5756] <... clone3 resumed> => {parent_tid=[688]}, 88) = 688 [pid 5758] <... rseq resumed>) = 0 [pid 5756] rt_sigprocmask(SIG_SETMASK, [], [pid 5758] set_robust_list(0x7eff0a3299a0, 24 [pid 5756] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5756] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5758] <... set_robust_list resumed>) = 0 [pid 5758] rt_sigprocmask(SIG_SETMASK, [], [pid 5756] <... futex resumed>) = 0 [pid 5758] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5756] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5758] creat("./file1", 000) = 5 [pid 5757] <... write resumed>) = 1048064 [pid 5758] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5756] <... futex resumed>) = 0 [pid 5757] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5758] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5757] <... futex resumed>) = 0 [pid 5756] close(3 [pid 5757] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5756] <... close resumed>) = 0 [pid 5756] close(4) = 0 [pid 5756] close(5) = 0 [pid 5756] close(6) = -1 EBADF (Bad file descriptor) [pid 5756] close(7) = -1 EBADF (Bad file descriptor) [pid 5756] close(8) = -1 EBADF (Bad file descriptor) [pid 5756] close(9) = -1 EBADF (Bad file descriptor) [pid 5756] close(10) = -1 EBADF (Bad file descriptor) [pid 5756] close(11) = -1 EBADF (Bad file descriptor) [pid 5756] close(12) = -1 EBADF (Bad file descriptor) [pid 5756] close(13) = -1 EBADF (Bad file descriptor) [pid 5756] close(14) = -1 EBADF (Bad file descriptor) [pid 5756] close(15) = -1 EBADF (Bad file descriptor) [pid 5756] close(16) = -1 EBADF (Bad file descriptor) [pid 5756] close(17) = -1 EBADF (Bad file descriptor) [pid 5756] close(18) = -1 EBADF (Bad file descriptor) [pid 5756] close(19) = -1 EBADF (Bad file descriptor) [pid 5756] close(20) = -1 EBADF (Bad file descriptor) [pid 5756] close(21) = -1 EBADF (Bad file descriptor) [pid 5756] close(22) = -1 EBADF (Bad file descriptor) [pid 5756] close(23) = -1 EBADF (Bad file descriptor) [pid 5756] close(24) = -1 EBADF (Bad file descriptor) [pid 5756] close(25) = -1 EBADF (Bad file descriptor) [pid 5756] close(26) = -1 EBADF (Bad file descriptor) [pid 5756] close(27) = -1 EBADF (Bad file descriptor) [pid 5756] close(28) = -1 EBADF (Bad file descriptor) [pid 5756] close(29) = -1 EBADF (Bad file descriptor) [pid 5756] exit_group(0) = ? [pid 5758] <... futex resumed>) = ? [pid 5757] <... futex resumed>) = ? [pid 5758] +++ exited with 0 +++ [pid 5757] +++ exited with 0 +++ [pid 5756] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=686, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./228", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./228", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./228/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./228/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./228/cgroup.cpu") = 0 [pid 5063] umount2("./228/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./228/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./228/binderfs") = 0 [pid 5063] umount2("./228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./228/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./228/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./228/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./228/file0") = 0 [pid 5063] umount2("./228/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./228/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./228/cgroup") = 0 [pid 5063] umount2("./228/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./228/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./228/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./228") = 0 [pid 5063] mkdir("./229", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5759 attached , child_tidptr=0x5555560b8690) = 689 [pid 5759] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5759] chdir("./229") = 0 [pid 5759] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5759] setpgid(0, 0) = 0 [pid 5759] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5759] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5759] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5759] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5759] write(3, "1000", 4) = 4 [pid 5759] close(3) = 0 [pid 5759] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5759] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5759] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5759] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5759] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5759] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5759] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5759] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5760 attached [pid 5760] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5759] <... clone3 resumed> => {parent_tid=[690]}, 88) = 690 [pid 5760] <... rseq resumed>) = 0 [pid 5760] set_robust_list(0x7eff0a34a9a0, 24 [pid 5759] rt_sigprocmask(SIG_SETMASK, [], [pid 5760] <... set_robust_list resumed>) = 0 [pid 5759] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5760] rt_sigprocmask(SIG_SETMASK, [], [pid 5759] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5760] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5759] <... futex resumed>) = 0 [pid 5759] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5760] memfd_create("syzkaller", 0) = 3 [pid 5760] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5760] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5760] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5760] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5760] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5760] close(3) = 0 [pid 5760] mkdir("./file0", 0777) = 0 [pid 5760] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5760] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5760] chdir("./file0") = 0 [pid 5760] ioctl(4, LOOP_CLR_FD) = 0 [pid 5760] close(4) = 0 [pid 5760] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5759] <... futex resumed>) = 0 [pid 5760] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5759] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5760] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5759] <... futex resumed>) = 0 [pid 5760] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5759] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5760] <... openat resumed>) = 4 [ 186.425945][ T5760] loop0: detected capacity change from 0 to 4096 [ 186.453685][ T5760] ntfs: volume version 3.1. [pid 5760] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5759] <... futex resumed>) = 0 [pid 5760] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5759] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5759] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5759] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5759] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5759] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5759] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5759] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5761 attached => {parent_tid=[691]}, 88) = 691 [pid 5761] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5759] rt_sigprocmask(SIG_SETMASK, [], [pid 5761] <... rseq resumed>) = 0 [pid 5759] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5761] set_robust_list(0x7eff0a3299a0, 24 [pid 5759] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5761] <... set_robust_list resumed>) = 0 [pid 5761] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5759] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5761] creat("./file1", 000) = 5 [pid 5761] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5760] <... write resumed>) = 1048064 [pid 5761] <... futex resumed>) = 1 [pid 5761] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5760] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5759] <... futex resumed>) = 0 [pid 5760] <... futex resumed>) = 0 [pid 5760] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5759] close(3) = 0 [pid 5759] close(4) = 0 [pid 5759] close(5) = 0 [pid 5759] close(6) = -1 EBADF (Bad file descriptor) [pid 5759] close(7) = -1 EBADF (Bad file descriptor) [pid 5759] close(8) = -1 EBADF (Bad file descriptor) [pid 5759] close(9) = -1 EBADF (Bad file descriptor) [pid 5759] close(10) = -1 EBADF (Bad file descriptor) [pid 5759] close(11) = -1 EBADF (Bad file descriptor) [pid 5759] close(12) = -1 EBADF (Bad file descriptor) [pid 5759] close(13) = -1 EBADF (Bad file descriptor) [pid 5759] close(14) = -1 EBADF (Bad file descriptor) [pid 5759] close(15) = -1 EBADF (Bad file descriptor) [pid 5759] close(16) = -1 EBADF (Bad file descriptor) [pid 5759] close(17) = -1 EBADF (Bad file descriptor) [pid 5759] close(18) = -1 EBADF (Bad file descriptor) [pid 5759] close(19) = -1 EBADF (Bad file descriptor) [pid 5759] close(20) = -1 EBADF (Bad file descriptor) [pid 5759] close(21) = -1 EBADF (Bad file descriptor) [pid 5759] close(22) = -1 EBADF (Bad file descriptor) [pid 5759] close(23) = -1 EBADF (Bad file descriptor) [pid 5759] close(24) = -1 EBADF (Bad file descriptor) [pid 5759] close(25) = -1 EBADF (Bad file descriptor) [pid 5759] close(26) = -1 EBADF (Bad file descriptor) [pid 5759] close(27) = -1 EBADF (Bad file descriptor) [pid 5759] close(28) = -1 EBADF (Bad file descriptor) [pid 5759] close(29) = -1 EBADF (Bad file descriptor) [pid 5759] exit_group(0 [pid 5760] <... futex resumed>) = ? [pid 5759] <... exit_group resumed>) = ? [pid 5761] <... futex resumed>) = ? [pid 5760] +++ exited with 0 +++ [pid 5761] +++ exited with 0 +++ [pid 5759] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=689, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./229", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./229", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./229/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./229/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./229/cgroup.cpu") = 0 [pid 5063] umount2("./229/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./229/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./229/binderfs") = 0 [pid 5063] umount2("./229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./229/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./229/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./229/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./229/file0") = 0 [pid 5063] umount2("./229/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./229/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./229/cgroup") = 0 [pid 5063] umount2("./229/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./229/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./229/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./229") = 0 [pid 5063] mkdir("./230", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5762 attached , child_tidptr=0x5555560b8690) = 692 [pid 5762] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5762] chdir("./230") = 0 [pid 5762] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5762] setpgid(0, 0) = 0 [pid 5762] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5762] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5762] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5762] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5762] write(3, "1000", 4) = 4 [pid 5762] close(3) = 0 [pid 5762] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5762] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5762] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5762] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5762] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5762] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5762] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5762] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5763 attached => {parent_tid=[693]}, 88) = 693 [pid 5763] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5762] rt_sigprocmask(SIG_SETMASK, [], [pid 5763] <... rseq resumed>) = 0 [pid 5763] set_robust_list(0x7eff0a34a9a0, 24 [pid 5762] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5763] <... set_robust_list resumed>) = 0 [pid 5762] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5763] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5762] <... futex resumed>) = 0 [pid 5762] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5763] memfd_create("syzkaller", 0) = 3 [pid 5763] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5763] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5763] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5763] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5763] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5763] close(3) = 0 [pid 5763] mkdir("./file0", 0777) = 0 [pid 5763] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5763] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5763] chdir("./file0") = 0 [pid 5763] ioctl(4, LOOP_CLR_FD) = 0 [pid 5763] close(4) = 0 [pid 5763] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5762] <... futex resumed>) = 0 [pid 5763] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5762] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5763] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5763] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5762] <... futex resumed>) = 0 [pid 5762] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5763] <... openat resumed>) = 4 [pid 5763] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5762] <... futex resumed>) = 0 [pid 5762] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5763] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5762] <... futex resumed>) = 0 [ 187.046162][ T5763] loop0: detected capacity change from 0 to 4096 [ 187.076243][ T5763] ntfs: volume version 3.1. [pid 5762] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5762] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5762] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5762] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5762] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5762] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5762] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5764 attached => {parent_tid=[694]}, 88) = 694 [pid 5764] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5762] rt_sigprocmask(SIG_SETMASK, [], [pid 5764] set_robust_list(0x7eff0a3299a0, 24 [pid 5762] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5764] <... set_robust_list resumed>) = 0 [pid 5762] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5764] rt_sigprocmask(SIG_SETMASK, [], [pid 5762] <... futex resumed>) = 0 [pid 5764] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5762] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5764] creat("./file1", 000) = 5 [pid 5763] <... write resumed>) = 1048064 [pid 5764] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5763] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5764] <... futex resumed>) = 1 [pid 5762] <... futex resumed>) = 0 [pid 5764] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5763] <... futex resumed>) = 0 [pid 5762] close(3 [pid 5763] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5762] <... close resumed>) = 0 [pid 5762] close(4) = 0 [pid 5762] close(5) = 0 [pid 5762] close(6) = -1 EBADF (Bad file descriptor) [pid 5762] close(7) = -1 EBADF (Bad file descriptor) [pid 5762] close(8) = -1 EBADF (Bad file descriptor) [pid 5762] close(9) = -1 EBADF (Bad file descriptor) [pid 5762] close(10) = -1 EBADF (Bad file descriptor) [pid 5762] close(11) = -1 EBADF (Bad file descriptor) [pid 5762] close(12) = -1 EBADF (Bad file descriptor) [pid 5762] close(13) = -1 EBADF (Bad file descriptor) [pid 5762] close(14) = -1 EBADF (Bad file descriptor) [pid 5762] close(15) = -1 EBADF (Bad file descriptor) [pid 5762] close(16) = -1 EBADF (Bad file descriptor) [pid 5762] close(17) = -1 EBADF (Bad file descriptor) [pid 5762] close(18) = -1 EBADF (Bad file descriptor) [pid 5762] close(19) = -1 EBADF (Bad file descriptor) [pid 5762] close(20) = -1 EBADF (Bad file descriptor) [pid 5762] close(21) = -1 EBADF (Bad file descriptor) [pid 5762] close(22) = -1 EBADF (Bad file descriptor) [pid 5762] close(23) = -1 EBADF (Bad file descriptor) [pid 5762] close(24) = -1 EBADF (Bad file descriptor) [pid 5762] close(25) = -1 EBADF (Bad file descriptor) [pid 5762] close(26) = -1 EBADF (Bad file descriptor) [pid 5762] close(27) = -1 EBADF (Bad file descriptor) [pid 5762] close(28) = -1 EBADF (Bad file descriptor) [pid 5762] close(29) = -1 EBADF (Bad file descriptor) [pid 5762] exit_group(0) = ? [pid 5764] <... futex resumed>) = ? [pid 5763] <... futex resumed>) = ? [pid 5764] +++ exited with 0 +++ [pid 5763] +++ exited with 0 +++ [pid 5762] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=692, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./230", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./230", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./230/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./230/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./230/cgroup.cpu") = 0 [pid 5063] umount2("./230/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./230/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./230/binderfs") = 0 [pid 5063] umount2("./230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./230/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./230/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./230/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./230/file0") = 0 [pid 5063] umount2("./230/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./230/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./230/cgroup") = 0 [pid 5063] umount2("./230/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./230/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./230/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./230") = 0 [pid 5063] mkdir("./231", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5765 attached , child_tidptr=0x5555560b8690) = 695 [pid 5765] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5765] chdir("./231") = 0 [pid 5765] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5765] setpgid(0, 0) = 0 [pid 5765] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5765] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5765] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5765] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5765] write(3, "1000", 4) = 4 [pid 5765] close(3) = 0 [pid 5765] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5765] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5765] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5765] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5765] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5765] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5765] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5765] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5766 attached [pid 5766] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5765] <... clone3 resumed> => {parent_tid=[696]}, 88) = 696 [pid 5766] <... rseq resumed>) = 0 [pid 5766] set_robust_list(0x7eff0a34a9a0, 24 [pid 5765] rt_sigprocmask(SIG_SETMASK, [], [pid 5766] <... set_robust_list resumed>) = 0 [pid 5766] rt_sigprocmask(SIG_SETMASK, [], [pid 5765] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5766] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5766] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5765] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5766] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5765] <... futex resumed>) = 0 [pid 5765] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5766] memfd_create("syzkaller", 0) = 3 [pid 5766] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5766] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5766] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5766] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5766] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5766] close(3) = 0 [pid 5766] mkdir("./file0", 0777) = 0 [pid 5766] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5766] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5766] chdir("./file0") = 0 [pid 5766] ioctl(4, LOOP_CLR_FD) = 0 [pid 5766] close(4) = 0 [pid 5766] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5766] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5765] <... futex resumed>) = 0 [pid 5765] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5766] <... futex resumed>) = 0 [pid 5766] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5765] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5766] <... openat resumed>) = 4 [pid 5766] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5766] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5765] <... futex resumed>) = 0 [ 187.559932][ T5766] loop0: detected capacity change from 0 to 4096 [ 187.582066][ T5766] ntfs: volume version 3.1. [pid 5765] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5766] <... futex resumed>) = 0 [pid 5766] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5765] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5765] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5765] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5765] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5765] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5765] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5767 attached [pid 5767] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5765] <... clone3 resumed> => {parent_tid=[697]}, 88) = 697 [pid 5767] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5765] rt_sigprocmask(SIG_SETMASK, [], [pid 5767] rt_sigprocmask(SIG_SETMASK, [], [pid 5765] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5767] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5765] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5767] creat("./file1", 000 [pid 5765] <... futex resumed>) = 0 [pid 5765] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5767] <... creat resumed>) = 5 [pid 5767] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5767] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5766] <... write resumed>) = 1048064 [pid 5765] <... futex resumed>) = 0 [pid 5766] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5766] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5765] close(3) = 0 [pid 5765] close(4) = 0 [pid 5765] close(5) = 0 [pid 5765] close(6) = -1 EBADF (Bad file descriptor) [pid 5765] close(7) = -1 EBADF (Bad file descriptor) [pid 5765] close(8) = -1 EBADF (Bad file descriptor) [pid 5765] close(9) = -1 EBADF (Bad file descriptor) [pid 5765] close(10) = -1 EBADF (Bad file descriptor) [pid 5765] close(11) = -1 EBADF (Bad file descriptor) [pid 5765] close(12) = -1 EBADF (Bad file descriptor) [pid 5765] close(13) = -1 EBADF (Bad file descriptor) [pid 5765] close(14) = -1 EBADF (Bad file descriptor) [pid 5765] close(15) = -1 EBADF (Bad file descriptor) [pid 5765] close(16) = -1 EBADF (Bad file descriptor) [pid 5765] close(17) = -1 EBADF (Bad file descriptor) [pid 5765] close(18) = -1 EBADF (Bad file descriptor) [pid 5765] close(19) = -1 EBADF (Bad file descriptor) [pid 5765] close(20) = -1 EBADF (Bad file descriptor) [pid 5765] close(21) = -1 EBADF (Bad file descriptor) [pid 5765] close(22) = -1 EBADF (Bad file descriptor) [pid 5765] close(23) = -1 EBADF (Bad file descriptor) [pid 5765] close(24) = -1 EBADF (Bad file descriptor) [pid 5765] close(25) = -1 EBADF (Bad file descriptor) [pid 5765] close(26) = -1 EBADF (Bad file descriptor) [pid 5765] close(27) = -1 EBADF (Bad file descriptor) [pid 5765] close(28) = -1 EBADF (Bad file descriptor) [pid 5765] close(29) = -1 EBADF (Bad file descriptor) [pid 5765] exit_group(0 [pid 5766] <... futex resumed>) = ? [pid 5767] <... futex resumed>) = ? [pid 5765] <... exit_group resumed>) = ? [pid 5766] +++ exited with 0 +++ [pid 5767] +++ exited with 0 +++ [pid 5765] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=695, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./231", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./231", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./231/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./231/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./231/cgroup.cpu") = 0 [pid 5063] umount2("./231/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./231/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./231/binderfs") = 0 [pid 5063] umount2("./231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./231/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./231/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./231/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./231/file0") = 0 [pid 5063] umount2("./231/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./231/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./231/cgroup") = 0 [pid 5063] umount2("./231/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./231/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./231/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./231") = 0 [pid 5063] mkdir("./232", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5768 attached , child_tidptr=0x5555560b8690) = 698 [pid 5768] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5768] chdir("./232") = 0 [pid 5768] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5768] setpgid(0, 0) = 0 [pid 5768] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5768] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5768] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5768] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5768] write(3, "1000", 4) = 4 [pid 5768] close(3) = 0 [pid 5768] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5768] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5768] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5768] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5768] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5768] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5768] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5768] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5769 attached => {parent_tid=[699]}, 88) = 699 [pid 5769] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5768] rt_sigprocmask(SIG_SETMASK, [], [pid 5769] <... rseq resumed>) = 0 [pid 5768] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5769] set_robust_list(0x7eff0a34a9a0, 24 [pid 5768] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5769] <... set_robust_list resumed>) = 0 [pid 5768] <... futex resumed>) = 0 [pid 5769] rt_sigprocmask(SIG_SETMASK, [], [pid 5768] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5769] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5769] memfd_create("syzkaller", 0) = 3 [pid 5769] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5769] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5769] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5769] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5769] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5769] close(3) = 0 [pid 5769] mkdir("./file0", 0777) = 0 [pid 5769] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5769] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5769] chdir("./file0") = 0 [pid 5769] ioctl(4, LOOP_CLR_FD) = 0 [pid 5769] close(4) = 0 [pid 5769] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5769] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5768] <... futex resumed>) = 0 [pid 5768] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5769] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5768] <... futex resumed>) = 0 [pid 5769] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 188.123128][ T5769] loop0: detected capacity change from 0 to 4096 [ 188.143802][ T5769] ntfs: volume version 3.1. [pid 5768] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5769] <... openat resumed>) = 4 [pid 5769] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5768] <... futex resumed>) = 0 [pid 5769] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5768] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5769] <... futex resumed>) = 0 [pid 5769] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5768] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5768] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5768] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5768] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5768] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5768] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5770 attached => {parent_tid=[700]}, 88) = 700 [pid 5770] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5768] rt_sigprocmask(SIG_SETMASK, [], [pid 5770] set_robust_list(0x7eff0a3299a0, 24 [pid 5768] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5768] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5770] <... set_robust_list resumed>) = 0 [pid 5768] <... futex resumed>) = 0 [pid 5770] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5770] creat("./file1", 000 [pid 5768] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5770] <... creat resumed>) = 5 [pid 5769] <... write resumed>) = 1048064 [pid 5769] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5769] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5770] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5768] <... futex resumed>) = 0 [pid 5770] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5768] close(3) = 0 [pid 5768] close(4) = 0 [pid 5768] close(5) = 0 [pid 5768] close(6) = -1 EBADF (Bad file descriptor) [pid 5768] close(7) = -1 EBADF (Bad file descriptor) [pid 5768] close(8) = -1 EBADF (Bad file descriptor) [pid 5768] close(9) = -1 EBADF (Bad file descriptor) [pid 5768] close(10) = -1 EBADF (Bad file descriptor) [pid 5768] close(11) = -1 EBADF (Bad file descriptor) [pid 5768] close(12) = -1 EBADF (Bad file descriptor) [pid 5768] close(13) = -1 EBADF (Bad file descriptor) [pid 5768] close(14) = -1 EBADF (Bad file descriptor) [pid 5768] close(15) = -1 EBADF (Bad file descriptor) [pid 5768] close(16) = -1 EBADF (Bad file descriptor) [pid 5768] close(17) = -1 EBADF (Bad file descriptor) [pid 5768] close(18) = -1 EBADF (Bad file descriptor) [pid 5768] close(19) = -1 EBADF (Bad file descriptor) [pid 5768] close(20) = -1 EBADF (Bad file descriptor) [pid 5768] close(21) = -1 EBADF (Bad file descriptor) [pid 5768] close(22) = -1 EBADF (Bad file descriptor) [pid 5768] close(23) = -1 EBADF (Bad file descriptor) [pid 5768] close(24) = -1 EBADF (Bad file descriptor) [pid 5768] close(25) = -1 EBADF (Bad file descriptor) [pid 5768] close(26) = -1 EBADF (Bad file descriptor) [pid 5768] close(27) = -1 EBADF (Bad file descriptor) [pid 5768] close(28) = -1 EBADF (Bad file descriptor) [pid 5768] close(29) = -1 EBADF (Bad file descriptor) [pid 5768] exit_group(0 [pid 5770] <... futex resumed>) = ? [pid 5769] <... futex resumed>) = ? [pid 5768] <... exit_group resumed>) = ? [pid 5770] +++ exited with 0 +++ [pid 5769] +++ exited with 0 +++ [pid 5768] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=698, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./232", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./232", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./232/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./232/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./232/cgroup.cpu") = 0 [pid 5063] umount2("./232/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./232/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./232/binderfs") = 0 [pid 5063] umount2("./232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./232/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./232/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./232/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./232/file0") = 0 [pid 5063] umount2("./232/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./232/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./232/cgroup") = 0 [pid 5063] umount2("./232/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./232/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./232/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./232") = 0 [pid 5063] mkdir("./233", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5771 attached , child_tidptr=0x5555560b8690) = 701 [pid 5771] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5771] chdir("./233") = 0 [pid 5771] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5771] setpgid(0, 0) = 0 [pid 5771] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5771] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5771] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5771] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5771] write(3, "1000", 4) = 4 [pid 5771] close(3) = 0 [pid 5771] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5771] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5771] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5771] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5771] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5771] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5771] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5771] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5772 attached => {parent_tid=[702]}, 88) = 702 [pid 5772] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5771] rt_sigprocmask(SIG_SETMASK, [], [pid 5772] <... rseq resumed>) = 0 [pid 5771] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5772] set_robust_list(0x7eff0a34a9a0, 24 [pid 5771] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5772] <... set_robust_list resumed>) = 0 [pid 5771] <... futex resumed>) = 0 [pid 5772] rt_sigprocmask(SIG_SETMASK, [], [pid 5771] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5772] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5772] memfd_create("syzkaller", 0) = 3 [pid 5772] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5772] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5772] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5772] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5772] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5772] close(3) = 0 [pid 5772] mkdir("./file0", 0777) = 0 [pid 5772] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5772] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5772] chdir("./file0") = 0 [pid 5772] ioctl(4, LOOP_CLR_FD) = 0 [pid 5772] close(4) = 0 [pid 5772] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5771] <... futex resumed>) = 0 [pid 5772] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5771] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5772] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5771] <... futex resumed>) = 0 [pid 5772] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 188.669608][ T5772] loop0: detected capacity change from 0 to 4096 [ 188.691504][ T5772] ntfs: volume version 3.1. [pid 5771] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5772] <... openat resumed>) = 4 [pid 5772] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5771] <... futex resumed>) = 0 [pid 5772] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5771] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5772] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5771] <... futex resumed>) = 0 [pid 5772] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5771] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5771] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5771] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5771] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5771] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5771] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5773 attached => {parent_tid=[703]}, 88) = 703 [pid 5773] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5771] rt_sigprocmask(SIG_SETMASK, [], [pid 5773] <... rseq resumed>) = 0 [pid 5771] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5773] set_robust_list(0x7eff0a3299a0, 24 [pid 5771] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5773] <... set_robust_list resumed>) = 0 [pid 5773] rt_sigprocmask(SIG_SETMASK, [], [pid 5771] <... futex resumed>) = 0 [pid 5773] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5771] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5773] creat("./file1", 000) = 5 [pid 5772] <... write resumed>) = 1048064 [pid 5772] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5772] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5773] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5771] <... futex resumed>) = 0 [pid 5773] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5771] close(3) = 0 [pid 5771] close(4) = 0 [pid 5771] close(5) = 0 [pid 5771] close(6) = -1 EBADF (Bad file descriptor) [pid 5771] close(7) = -1 EBADF (Bad file descriptor) [pid 5771] close(8) = -1 EBADF (Bad file descriptor) [pid 5771] close(9) = -1 EBADF (Bad file descriptor) [pid 5771] close(10) = -1 EBADF (Bad file descriptor) [pid 5771] close(11) = -1 EBADF (Bad file descriptor) [pid 5771] close(12) = -1 EBADF (Bad file descriptor) [pid 5771] close(13) = -1 EBADF (Bad file descriptor) [pid 5771] close(14) = -1 EBADF (Bad file descriptor) [pid 5771] close(15) = -1 EBADF (Bad file descriptor) [pid 5771] close(16) = -1 EBADF (Bad file descriptor) [pid 5771] close(17) = -1 EBADF (Bad file descriptor) [pid 5771] close(18) = -1 EBADF (Bad file descriptor) [pid 5771] close(19) = -1 EBADF (Bad file descriptor) [pid 5771] close(20) = -1 EBADF (Bad file descriptor) [pid 5771] close(21) = -1 EBADF (Bad file descriptor) [pid 5771] close(22) = -1 EBADF (Bad file descriptor) [pid 5771] close(23) = -1 EBADF (Bad file descriptor) [pid 5771] close(24) = -1 EBADF (Bad file descriptor) [pid 5771] close(25) = -1 EBADF (Bad file descriptor) [pid 5771] close(26) = -1 EBADF (Bad file descriptor) [pid 5771] close(27) = -1 EBADF (Bad file descriptor) [pid 5771] close(28) = -1 EBADF (Bad file descriptor) [pid 5771] close(29) = -1 EBADF (Bad file descriptor) [pid 5771] exit_group(0) = ? [pid 5773] <... futex resumed>) = ? [pid 5772] <... futex resumed>) = ? [pid 5773] +++ exited with 0 +++ [pid 5772] +++ exited with 0 +++ [pid 5771] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=701, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./233", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./233", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./233/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./233/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./233/cgroup.cpu") = 0 [pid 5063] umount2("./233/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./233/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./233/binderfs") = 0 [pid 5063] umount2("./233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./233/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./233/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./233/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./233/file0") = 0 [pid 5063] umount2("./233/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./233/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./233/cgroup") = 0 [pid 5063] umount2("./233/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./233/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./233/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./233") = 0 [pid 5063] mkdir("./234", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5774 attached , child_tidptr=0x5555560b8690) = 704 [pid 5774] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5774] chdir("./234") = 0 [pid 5774] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5774] setpgid(0, 0) = 0 [pid 5774] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5774] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5774] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5774] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5774] write(3, "1000", 4) = 4 [pid 5774] close(3) = 0 [pid 5774] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5774] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5774] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5774] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5774] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5774] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5774] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5774] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5775 attached [pid 5775] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5775] set_robust_list(0x7eff0a34a9a0, 24 [pid 5774] <... clone3 resumed> => {parent_tid=[705]}, 88) = 705 [pid 5775] <... set_robust_list resumed>) = 0 [pid 5774] rt_sigprocmask(SIG_SETMASK, [], [pid 5775] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5774] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5775] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5774] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5775] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5774] <... futex resumed>) = 0 [pid 5774] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5775] memfd_create("syzkaller", 0) = 3 [pid 5775] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5775] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5775] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5775] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5775] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5775] close(3) = 0 [pid 5775] mkdir("./file0", 0777) = 0 [pid 5775] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5775] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5775] chdir("./file0") = 0 [pid 5775] ioctl(4, LOOP_CLR_FD) = 0 [pid 5775] close(4) = 0 [pid 5775] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5775] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5774] <... futex resumed>) = 0 [pid 5774] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5775] <... futex resumed>) = 0 [pid 5774] <... futex resumed>) = 1 [ 189.293439][ T5775] loop0: detected capacity change from 0 to 4096 [ 189.313543][ T5775] ntfs: volume version 3.1. [pid 5775] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5774] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5775] <... openat resumed>) = 4 [pid 5775] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5774] <... futex resumed>) = 0 [pid 5775] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5774] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5775] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5774] <... futex resumed>) = 0 [pid 5774] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5775] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5774] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5774] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5774] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5774] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5774] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5774] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5776 attached => {parent_tid=[706]}, 88) = 706 [pid 5776] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5774] rt_sigprocmask(SIG_SETMASK, [], [pid 5776] set_robust_list(0x7eff0a3299a0, 24 [pid 5774] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5776] <... set_robust_list resumed>) = 0 [pid 5774] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5776] rt_sigprocmask(SIG_SETMASK, [], [pid 5774] <... futex resumed>) = 0 [pid 5776] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5776] creat("./file1", 000 [pid 5774] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5776] <... creat resumed>) = 5 [pid 5776] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5774] <... futex resumed>) = 0 [pid 5775] <... write resumed>) = 1048064 [pid 5776] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5775] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5775] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5774] close(3) = 0 [pid 5774] close(4) = 0 [pid 5774] close(5) = 0 [pid 5774] close(6) = -1 EBADF (Bad file descriptor) [pid 5774] close(7) = -1 EBADF (Bad file descriptor) [pid 5774] close(8) = -1 EBADF (Bad file descriptor) [pid 5774] close(9) = -1 EBADF (Bad file descriptor) [pid 5774] close(10) = -1 EBADF (Bad file descriptor) [pid 5774] close(11) = -1 EBADF (Bad file descriptor) [pid 5774] close(12) = -1 EBADF (Bad file descriptor) [pid 5774] close(13) = -1 EBADF (Bad file descriptor) [pid 5774] close(14) = -1 EBADF (Bad file descriptor) [pid 5774] close(15) = -1 EBADF (Bad file descriptor) [pid 5774] close(16) = -1 EBADF (Bad file descriptor) [pid 5774] close(17) = -1 EBADF (Bad file descriptor) [pid 5774] close(18) = -1 EBADF (Bad file descriptor) [pid 5774] close(19) = -1 EBADF (Bad file descriptor) [pid 5774] close(20) = -1 EBADF (Bad file descriptor) [pid 5774] close(21) = -1 EBADF (Bad file descriptor) [pid 5774] close(22) = -1 EBADF (Bad file descriptor) [pid 5774] close(23) = -1 EBADF (Bad file descriptor) [pid 5774] close(24) = -1 EBADF (Bad file descriptor) [pid 5774] close(25) = -1 EBADF (Bad file descriptor) [pid 5774] close(26) = -1 EBADF (Bad file descriptor) [pid 5774] close(27) = -1 EBADF (Bad file descriptor) [pid 5774] close(28) = -1 EBADF (Bad file descriptor) [pid 5774] close(29) = -1 EBADF (Bad file descriptor) [pid 5774] exit_group(0 [pid 5776] <... futex resumed>) = ? [pid 5775] <... futex resumed>) = ? [pid 5774] <... exit_group resumed>) = ? [pid 5776] +++ exited with 0 +++ [pid 5775] +++ exited with 0 +++ [pid 5774] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=704, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./234", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./234", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./234/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./234/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./234/cgroup.cpu") = 0 [pid 5063] umount2("./234/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./234/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./234/binderfs") = 0 [pid 5063] umount2("./234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./234/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./234/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./234/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./234/file0") = 0 [pid 5063] umount2("./234/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./234/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./234/cgroup") = 0 [pid 5063] umount2("./234/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./234/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./234/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./234") = 0 [pid 5063] mkdir("./235", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5777 attached , child_tidptr=0x5555560b8690) = 707 [pid 5777] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5777] chdir("./235") = 0 [pid 5777] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5777] setpgid(0, 0) = 0 [pid 5777] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5777] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5777] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5777] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5777] write(3, "1000", 4) = 4 [pid 5777] close(3) = 0 [pid 5777] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5777] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5777] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5777] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5777] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5777] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5777] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5777] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5778 attached => {parent_tid=[708]}, 88) = 708 [pid 5778] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5777] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5777] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5777] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5778] <... rseq resumed>) = 0 [pid 5778] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5778] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5778] memfd_create("syzkaller", 0) = 3 [pid 5778] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5778] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5778] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5778] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5778] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5778] close(3) = 0 [pid 5778] mkdir("./file0", 0777) = 0 [pid 5778] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5778] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5778] chdir("./file0") = 0 [pid 5778] ioctl(4, LOOP_CLR_FD) = 0 [pid 5778] close(4) = 0 [pid 5778] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5778] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5777] <... futex resumed>) = 0 [ 189.792443][ T5778] loop0: detected capacity change from 0 to 4096 [ 189.821910][ T5778] ntfs: volume version 3.1. [pid 5777] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5778] <... futex resumed>) = 0 [pid 5777] <... futex resumed>) = 1 [pid 5777] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5778] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5778] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5777] <... futex resumed>) = 0 [pid 5778] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5777] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5778] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5777] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5778] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5777] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5777] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5777] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5777] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5777] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5777] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5779 attached [pid 5779] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5777] <... clone3 resumed> => {parent_tid=[709]}, 88) = 709 [pid 5779] <... rseq resumed>) = 0 [pid 5777] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5779] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5777] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5779] rt_sigprocmask(SIG_SETMASK, [], [pid 5777] <... futex resumed>) = 0 [pid 5779] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5779] creat("./file1", 000 [pid 5777] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5779] <... creat resumed>) = 5 [pid 5779] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5778] <... write resumed>) = 1048064 [pid 5777] <... futex resumed>) = 0 [pid 5779] <... futex resumed>) = 1 [pid 5778] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5779] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5778] <... futex resumed>) = 0 [pid 5777] close(3 [pid 5778] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5777] <... close resumed>) = 0 [pid 5777] close(4) = 0 [pid 5777] close(5) = 0 [pid 5777] close(6) = -1 EBADF (Bad file descriptor) [pid 5777] close(7) = -1 EBADF (Bad file descriptor) [pid 5777] close(8) = -1 EBADF (Bad file descriptor) [pid 5777] close(9) = -1 EBADF (Bad file descriptor) [pid 5777] close(10) = -1 EBADF (Bad file descriptor) [pid 5777] close(11) = -1 EBADF (Bad file descriptor) [pid 5777] close(12) = -1 EBADF (Bad file descriptor) [pid 5777] close(13) = -1 EBADF (Bad file descriptor) [pid 5777] close(14) = -1 EBADF (Bad file descriptor) [pid 5777] close(15) = -1 EBADF (Bad file descriptor) [pid 5777] close(16) = -1 EBADF (Bad file descriptor) [pid 5777] close(17) = -1 EBADF (Bad file descriptor) [pid 5777] close(18) = -1 EBADF (Bad file descriptor) [pid 5777] close(19) = -1 EBADF (Bad file descriptor) [pid 5777] close(20) = -1 EBADF (Bad file descriptor) [pid 5777] close(21) = -1 EBADF (Bad file descriptor) [pid 5777] close(22) = -1 EBADF (Bad file descriptor) [pid 5777] close(23) = -1 EBADF (Bad file descriptor) [pid 5777] close(24) = -1 EBADF (Bad file descriptor) [pid 5777] close(25) = -1 EBADF (Bad file descriptor) [pid 5777] close(26) = -1 EBADF (Bad file descriptor) [pid 5777] close(27) = -1 EBADF (Bad file descriptor) [pid 5777] close(28) = -1 EBADF (Bad file descriptor) [pid 5777] close(29) = -1 EBADF (Bad file descriptor) [pid 5777] exit_group(0) = ? [pid 5778] <... futex resumed>) = ? [pid 5779] <... futex resumed>) = ? [pid 5778] +++ exited with 0 +++ [pid 5779] +++ exited with 0 +++ [pid 5777] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=707, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./235", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./235", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./235/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./235/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./235/cgroup.cpu") = 0 [pid 5063] umount2("./235/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./235/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./235/binderfs") = 0 [pid 5063] umount2("./235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./235/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./235/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./235/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./235/file0") = 0 [pid 5063] umount2("./235/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./235/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./235/cgroup") = 0 [pid 5063] umount2("./235/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./235/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./235/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./235") = 0 [pid 5063] mkdir("./236", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5780 attached , child_tidptr=0x5555560b8690) = 710 [pid 5780] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5780] chdir("./236") = 0 [pid 5780] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5780] setpgid(0, 0) = 0 [pid 5780] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5780] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5780] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5780] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5780] write(3, "1000", 4) = 4 [pid 5780] close(3) = 0 [pid 5780] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5780] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5780] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5780] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5780] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5780] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5780] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5780] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5781 attached => {parent_tid=[711]}, 88) = 711 [pid 5781] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5780] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5780] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5780] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5781] <... rseq resumed>) = 0 [pid 5781] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5781] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5781] memfd_create("syzkaller", 0) = 3 [pid 5781] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5781] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5781] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5781] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5781] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5781] close(3) = 0 [pid 5781] mkdir("./file0", 0777) = 0 [pid 5781] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5781] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5781] chdir("./file0") = 0 [pid 5781] ioctl(4, LOOP_CLR_FD) = 0 [pid 5781] close(4) = 0 [pid 5781] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5780] <... futex resumed>) = 0 [pid 5781] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 190.434622][ T5781] loop0: detected capacity change from 0 to 4096 [ 190.463691][ T5781] ntfs: volume version 3.1. [pid 5780] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5781] <... openat resumed>) = 4 [pid 5780] <... futex resumed>) = 0 [pid 5780] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5781] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5780] <... futex resumed>) = 0 [pid 5780] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5781] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5780] <... futex resumed>) = 0 [pid 5780] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5780] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5780] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5780] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5780] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5780] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5782 attached => {parent_tid=[712]}, 88) = 712 [pid 5782] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5780] rt_sigprocmask(SIG_SETMASK, [], [pid 5782] <... rseq resumed>) = 0 [pid 5780] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5782] set_robust_list(0x7eff0a3299a0, 24 [pid 5780] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5782] <... set_robust_list resumed>) = 0 [pid 5780] <... futex resumed>) = 0 [pid 5782] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5780] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5782] creat("./file1", 000) = 5 [pid 5781] <... write resumed>) = 1048064 [pid 5782] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5781] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5782] <... futex resumed>) = 1 [pid 5780] <... futex resumed>) = 0 [pid 5782] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5781] <... futex resumed>) = 0 [pid 5780] close(3 [pid 5781] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5780] <... close resumed>) = 0 [pid 5780] close(4) = 0 [pid 5780] close(5) = 0 [pid 5780] close(6) = -1 EBADF (Bad file descriptor) [pid 5780] close(7) = -1 EBADF (Bad file descriptor) [pid 5780] close(8) = -1 EBADF (Bad file descriptor) [pid 5780] close(9) = -1 EBADF (Bad file descriptor) [pid 5780] close(10) = -1 EBADF (Bad file descriptor) [pid 5780] close(11) = -1 EBADF (Bad file descriptor) [pid 5780] close(12) = -1 EBADF (Bad file descriptor) [pid 5780] close(13) = -1 EBADF (Bad file descriptor) [pid 5780] close(14) = -1 EBADF (Bad file descriptor) [pid 5780] close(15) = -1 EBADF (Bad file descriptor) [pid 5780] close(16) = -1 EBADF (Bad file descriptor) [pid 5780] close(17) = -1 EBADF (Bad file descriptor) [pid 5780] close(18) = -1 EBADF (Bad file descriptor) [pid 5780] close(19) = -1 EBADF (Bad file descriptor) [pid 5780] close(20) = -1 EBADF (Bad file descriptor) [pid 5780] close(21) = -1 EBADF (Bad file descriptor) [pid 5780] close(22) = -1 EBADF (Bad file descriptor) [pid 5780] close(23) = -1 EBADF (Bad file descriptor) [pid 5780] close(24) = -1 EBADF (Bad file descriptor) [pid 5780] close(25) = -1 EBADF (Bad file descriptor) [pid 5780] close(26) = -1 EBADF (Bad file descriptor) [pid 5780] close(27) = -1 EBADF (Bad file descriptor) [pid 5780] close(28) = -1 EBADF (Bad file descriptor) [pid 5780] close(29) = -1 EBADF (Bad file descriptor) [pid 5780] exit_group(0) = ? [pid 5782] <... futex resumed>) = ? [pid 5782] +++ exited with 0 +++ [pid 5781] <... futex resumed>) = ? [pid 5781] +++ exited with 0 +++ [pid 5780] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=710, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./236", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./236", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./236/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./236/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./236/cgroup.cpu") = 0 [pid 5063] umount2("./236/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./236/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./236/binderfs") = 0 [pid 5063] umount2("./236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./236/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./236/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./236/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./236/file0") = 0 [pid 5063] umount2("./236/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./236/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./236/cgroup") = 0 [pid 5063] umount2("./236/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./236/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./236/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./236") = 0 [pid 5063] mkdir("./237", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5783 attached , child_tidptr=0x5555560b8690) = 713 [pid 5783] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5783] chdir("./237") = 0 [pid 5783] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5783] setpgid(0, 0) = 0 [pid 5783] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5783] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5783] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5783] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5783] write(3, "1000", 4) = 4 [pid 5783] close(3) = 0 [pid 5783] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5783] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5783] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5783] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5783] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5783] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5783] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5783] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5784 attached => {parent_tid=[714]}, 88) = 714 [pid 5784] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5783] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5784] <... rseq resumed>) = 0 [pid 5784] set_robust_list(0x7eff0a34a9a0, 24 [pid 5783] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5784] <... set_robust_list resumed>) = 0 [pid 5784] rt_sigprocmask(SIG_SETMASK, [], [pid 5783] <... futex resumed>) = 0 [pid 5784] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5783] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5784] memfd_create("syzkaller", 0) = 3 [pid 5784] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5784] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5784] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5784] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5784] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5784] close(3) = 0 [pid 5784] mkdir("./file0", 0777) = 0 [ 190.975313][ T5784] loop0: detected capacity change from 0 to 4096 [ 190.991846][ T5784] __ntfs_warning: 170 callbacks suppressed [ 190.991854][ T5784] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 191.018570][ T5784] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 191.028730][ T5784] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 191.044939][ T5784] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 191.053683][ T5784] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 191.074009][ T5784] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 191.082962][ T5784] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 191.103176][ T5784] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5784] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5784] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5784] chdir("./file0") = 0 [pid 5784] ioctl(4, LOOP_CLR_FD) = 0 [pid 5784] close(4) = 0 [pid 5784] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5783] <... futex resumed>) = 0 [pid 5784] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5783] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5784] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5783] <... futex resumed>) = 0 [pid 5784] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5783] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5784] <... openat resumed>) = 4 [pid 5784] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5783] <... futex resumed>) = 0 [pid 5784] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5783] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 191.111916][ T5784] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 191.131870][ T5784] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 191.143597][ T5784] ntfs: volume version 3.1. [pid 5784] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5783] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5784] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5783] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5783] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5783] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5783] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5783] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5783] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5785 attached => {parent_tid=[715]}, 88) = 715 [pid 5785] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5783] rt_sigprocmask(SIG_SETMASK, [], [pid 5785] <... rseq resumed>) = 0 [pid 5783] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5785] set_robust_list(0x7eff0a3299a0, 24 [pid 5783] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5785] <... set_robust_list resumed>) = 0 [pid 5783] <... futex resumed>) = 0 [pid 5785] rt_sigprocmask(SIG_SETMASK, [], [pid 5783] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5785] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5785] creat("./file1", 000 [pid 5784] <... write resumed>) = 1048064 [pid 5784] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5785] <... creat resumed>) = 5 [pid 5784] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5785] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5783] <... futex resumed>) = 0 [pid 5785] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5783] close(3) = 0 [pid 5783] close(4) = 0 [pid 5783] close(5) = 0 [pid 5783] close(6) = -1 EBADF (Bad file descriptor) [pid 5783] close(7) = -1 EBADF (Bad file descriptor) [pid 5783] close(8) = -1 EBADF (Bad file descriptor) [pid 5783] close(9) = -1 EBADF (Bad file descriptor) [pid 5783] close(10) = -1 EBADF (Bad file descriptor) [pid 5783] close(11) = -1 EBADF (Bad file descriptor) [pid 5783] close(12) = -1 EBADF (Bad file descriptor) [pid 5783] close(13) = -1 EBADF (Bad file descriptor) [pid 5783] close(14) = -1 EBADF (Bad file descriptor) [pid 5783] close(15) = -1 EBADF (Bad file descriptor) [pid 5783] close(16) = -1 EBADF (Bad file descriptor) [pid 5783] close(17) = -1 EBADF (Bad file descriptor) [pid 5783] close(18) = -1 EBADF (Bad file descriptor) [pid 5783] close(19) = -1 EBADF (Bad file descriptor) [pid 5783] close(20) = -1 EBADF (Bad file descriptor) [pid 5783] close(21) = -1 EBADF (Bad file descriptor) [pid 5783] close(22) = -1 EBADF (Bad file descriptor) [pid 5783] close(23) = -1 EBADF (Bad file descriptor) [pid 5783] close(24) = -1 EBADF (Bad file descriptor) [pid 5783] close(25) = -1 EBADF (Bad file descriptor) [pid 5783] close(26) = -1 EBADF (Bad file descriptor) [pid 5783] close(27) = -1 EBADF (Bad file descriptor) [pid 5783] close(28) = -1 EBADF (Bad file descriptor) [pid 5783] close(29) = -1 EBADF (Bad file descriptor) [pid 5783] exit_group(0 [pid 5784] <... futex resumed>) = ? [pid 5785] <... futex resumed>) = ? [pid 5783] <... exit_group resumed>) = ? [pid 5784] +++ exited with 0 +++ [pid 5785] +++ exited with 0 +++ [pid 5783] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=713, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5063] umount2("./237", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./237", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./237/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./237/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./237/cgroup.cpu") = 0 [pid 5063] umount2("./237/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./237/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./237/binderfs") = 0 [pid 5063] umount2("./237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./237/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./237/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./237/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./237/file0") = 0 [pid 5063] umount2("./237/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./237/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./237/cgroup") = 0 [pid 5063] umount2("./237/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./237/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./237/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./237") = 0 [pid 5063] mkdir("./238", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5786 attached , child_tidptr=0x5555560b8690) = 716 [pid 5786] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5786] chdir("./238") = 0 [pid 5786] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5786] setpgid(0, 0) = 0 [pid 5786] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5786] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5786] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5786] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5786] write(3, "1000", 4) = 4 [pid 5786] close(3) = 0 [pid 5786] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5786] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5786] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5786] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5786] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5786] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5786] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5786] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5787 attached [pid 5787] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5786] <... clone3 resumed> => {parent_tid=[717]}, 88) = 717 [pid 5787] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5786] rt_sigprocmask(SIG_SETMASK, [], [pid 5787] rt_sigprocmask(SIG_SETMASK, [], [pid 5786] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5787] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5786] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5786] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5787] memfd_create("syzkaller", 0) = 3 [pid 5787] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5787] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5787] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5787] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5787] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5787] close(3) = 0 [pid 5787] mkdir("./file0", 0777) = 0 [pid 5787] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5787] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5787] chdir("./file0") = 0 [pid 5787] ioctl(4, LOOP_CLR_FD) = 0 [pid 5787] close(4) = 0 [pid 5787] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5787] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5786] <... futex resumed>) = 0 [pid 5786] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5787] <... futex resumed>) = 0 [pid 5786] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 191.720708][ T5787] loop0: detected capacity change from 0 to 4096 [ 191.739163][ T5787] ntfs: volume version 3.1. [pid 5787] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5787] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5787] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5786] <... futex resumed>) = 0 [pid 5786] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5787] <... futex resumed>) = 0 [pid 5787] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5786] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5786] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5786] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5786] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5786] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5786] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5788 attached => {parent_tid=[718]}, 88) = 718 [pid 5788] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5786] rt_sigprocmask(SIG_SETMASK, [], [pid 5788] <... rseq resumed>) = 0 [pid 5786] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5788] set_robust_list(0x7eff0a3299a0, 24 [pid 5786] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5788] <... set_robust_list resumed>) = 0 [pid 5786] <... futex resumed>) = 0 [pid 5788] rt_sigprocmask(SIG_SETMASK, [], [pid 5786] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5788] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5788] creat("./file1", 000) = 5 [pid 5788] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5787] <... write resumed>) = 1048064 [pid 5786] <... futex resumed>) = 0 [pid 5787] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5786] close(3 [pid 5787] <... futex resumed>) = 0 [pid 5786] <... close resumed>) = 0 [pid 5788] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5787] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5786] close(4) = 0 [pid 5786] close(5) = 0 [pid 5786] close(6) = -1 EBADF (Bad file descriptor) [pid 5786] close(7) = -1 EBADF (Bad file descriptor) [pid 5786] close(8) = -1 EBADF (Bad file descriptor) [pid 5786] close(9) = -1 EBADF (Bad file descriptor) [pid 5786] close(10) = -1 EBADF (Bad file descriptor) [pid 5786] close(11) = -1 EBADF (Bad file descriptor) [pid 5786] close(12) = -1 EBADF (Bad file descriptor) [pid 5786] close(13) = -1 EBADF (Bad file descriptor) [pid 5786] close(14) = -1 EBADF (Bad file descriptor) [pid 5786] close(15) = -1 EBADF (Bad file descriptor) [pid 5786] close(16) = -1 EBADF (Bad file descriptor) [pid 5786] close(17) = -1 EBADF (Bad file descriptor) [pid 5786] close(18) = -1 EBADF (Bad file descriptor) [pid 5786] close(19) = -1 EBADF (Bad file descriptor) [pid 5786] close(20) = -1 EBADF (Bad file descriptor) [pid 5786] close(21) = -1 EBADF (Bad file descriptor) [pid 5786] close(22) = -1 EBADF (Bad file descriptor) [pid 5786] close(23) = -1 EBADF (Bad file descriptor) [pid 5786] close(24) = -1 EBADF (Bad file descriptor) [pid 5786] close(25) = -1 EBADF (Bad file descriptor) [pid 5786] close(26) = -1 EBADF (Bad file descriptor) [pid 5786] close(27) = -1 EBADF (Bad file descriptor) [pid 5786] close(28) = -1 EBADF (Bad file descriptor) [pid 5786] close(29) = -1 EBADF (Bad file descriptor) [pid 5786] exit_group(0 [pid 5788] <... futex resumed>) = ? [pid 5786] <... exit_group resumed>) = ? [pid 5787] <... futex resumed>) = ? [pid 5788] +++ exited with 0 +++ [pid 5787] +++ exited with 0 +++ [pid 5786] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=716, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./238", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./238", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./238/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./238/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./238/cgroup.cpu") = 0 [pid 5063] umount2("./238/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./238/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./238/binderfs") = 0 [pid 5063] umount2("./238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./238/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./238/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./238/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./238/file0") = 0 [pid 5063] umount2("./238/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./238/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./238/cgroup") = 0 [pid 5063] umount2("./238/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./238/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./238/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./238") = 0 [pid 5063] mkdir("./239", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5789 attached , child_tidptr=0x5555560b8690) = 719 [pid 5789] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5789] chdir("./239") = 0 [pid 5789] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5789] setpgid(0, 0) = 0 [pid 5789] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5789] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5789] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5789] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5789] write(3, "1000", 4) = 4 [pid 5789] close(3) = 0 [pid 5789] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5789] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5789] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5789] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5789] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5789] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5789] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5789] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5790 attached => {parent_tid=[720]}, 88) = 720 [pid 5790] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5789] rt_sigprocmask(SIG_SETMASK, [], [pid 5790] <... rseq resumed>) = 0 [pid 5790] set_robust_list(0x7eff0a34a9a0, 24 [pid 5789] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5790] <... set_robust_list resumed>) = 0 [pid 5789] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5790] rt_sigprocmask(SIG_SETMASK, [], [pid 5789] <... futex resumed>) = 0 [pid 5790] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5789] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5790] memfd_create("syzkaller", 0) = 3 [pid 5790] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5790] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5790] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5790] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5790] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5790] close(3) = 0 [pid 5790] mkdir("./file0", 0777) = 0 [pid 5790] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5790] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5790] chdir("./file0") = 0 [pid 5790] ioctl(4, LOOP_CLR_FD) = 0 [pid 5790] close(4) = 0 [pid 5790] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5790] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5789] <... futex resumed>) = 0 [pid 5789] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5789] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5790] <... futex resumed>) = 0 [pid 5790] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5790] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5790] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5789] <... futex resumed>) = 0 [pid 5789] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5789] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5790] <... futex resumed>) = 0 [ 192.231179][ T5790] loop0: detected capacity change from 0 to 4096 [ 192.251736][ T5790] ntfs: volume version 3.1. [pid 5790] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5789] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5789] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5789] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5789] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5789] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5789] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5791 attached => {parent_tid=[721]}, 88) = 721 [pid 5791] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5789] rt_sigprocmask(SIG_SETMASK, [], [pid 5791] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5789] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5791] rt_sigprocmask(SIG_SETMASK, [], [pid 5789] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5791] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5789] <... futex resumed>) = 0 [pid 5791] creat("./file1", 000 [pid 5789] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5791] <... creat resumed>) = 5 [pid 5791] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5790] <... write resumed>) = 1048064 [pid 5791] <... futex resumed>) = 1 [pid 5790] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5789] <... futex resumed>) = 0 [pid 5790] <... futex resumed>) = 0 [pid 5791] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5789] close(3 [pid 5790] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5789] <... close resumed>) = 0 [pid 5789] close(4) = 0 [pid 5789] close(5) = 0 [pid 5789] close(6) = -1 EBADF (Bad file descriptor) [pid 5789] close(7) = -1 EBADF (Bad file descriptor) [pid 5789] close(8) = -1 EBADF (Bad file descriptor) [pid 5789] close(9) = -1 EBADF (Bad file descriptor) [pid 5789] close(10) = -1 EBADF (Bad file descriptor) [pid 5789] close(11) = -1 EBADF (Bad file descriptor) [pid 5789] close(12) = -1 EBADF (Bad file descriptor) [pid 5789] close(13) = -1 EBADF (Bad file descriptor) [pid 5789] close(14) = -1 EBADF (Bad file descriptor) [pid 5789] close(15) = -1 EBADF (Bad file descriptor) [pid 5789] close(16) = -1 EBADF (Bad file descriptor) [pid 5789] close(17) = -1 EBADF (Bad file descriptor) [pid 5789] close(18) = -1 EBADF (Bad file descriptor) [pid 5789] close(19) = -1 EBADF (Bad file descriptor) [pid 5789] close(20) = -1 EBADF (Bad file descriptor) [pid 5789] close(21) = -1 EBADF (Bad file descriptor) [pid 5789] close(22) = -1 EBADF (Bad file descriptor) [pid 5789] close(23) = -1 EBADF (Bad file descriptor) [pid 5789] close(24) = -1 EBADF (Bad file descriptor) [pid 5789] close(25) = -1 EBADF (Bad file descriptor) [pid 5789] close(26) = -1 EBADF (Bad file descriptor) [pid 5789] close(27) = -1 EBADF (Bad file descriptor) [pid 5789] close(28) = -1 EBADF (Bad file descriptor) [pid 5789] close(29) = -1 EBADF (Bad file descriptor) [pid 5789] exit_group(0 [pid 5790] <... futex resumed>) = ? [pid 5789] <... exit_group resumed>) = ? [pid 5790] +++ exited with 0 +++ [pid 5791] <... futex resumed>) = ? [pid 5791] +++ exited with 0 +++ [pid 5789] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=719, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./239", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./239", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./239/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./239/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./239/cgroup.cpu") = 0 [pid 5063] umount2("./239/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./239/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./239/binderfs") = 0 [pid 5063] umount2("./239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./239/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./239/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./239/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./239/file0") = 0 [pid 5063] umount2("./239/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./239/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./239/cgroup") = 0 [pid 5063] umount2("./239/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./239/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./239/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./239") = 0 [pid 5063] mkdir("./240", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5792 attached , child_tidptr=0x5555560b8690) = 722 [pid 5792] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5792] chdir("./240") = 0 [pid 5792] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5792] setpgid(0, 0) = 0 [pid 5792] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5792] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5792] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5792] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5792] write(3, "1000", 4) = 4 [pid 5792] close(3) = 0 [pid 5792] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5792] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5792] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5792] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5792] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5792] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5792] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5793 attached => {parent_tid=[723]}, 88) = 723 [pid 5793] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5792] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5792] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5792] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5793] <... rseq resumed>) = 0 [pid 5793] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5793] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5793] memfd_create("syzkaller", 0) = 3 [pid 5793] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5793] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5793] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5793] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5793] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5793] close(3) = 0 [pid 5793] mkdir("./file0", 0777) = 0 [pid 5793] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5793] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5793] chdir("./file0") = 0 [pid 5793] ioctl(4, LOOP_CLR_FD) = 0 [ 192.770274][ T5793] loop0: detected capacity change from 0 to 4096 [ 192.790383][ T5793] ntfs: volume version 3.1. [pid 5793] close(4) = 0 [pid 5793] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5793] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5792] <... futex resumed>) = 0 [pid 5792] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5793] <... futex resumed>) = 0 [pid 5792] <... futex resumed>) = 1 [pid 5793] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5792] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5793] <... openat resumed>) = 4 [pid 5793] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5792] <... futex resumed>) = 0 [pid 5793] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5792] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5793] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5792] <... futex resumed>) = 0 [pid 5793] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5792] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5792] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5792] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5792] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5792] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5792] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5794 attached [pid 5794] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5792] <... clone3 resumed> => {parent_tid=[724]}, 88) = 724 [pid 5794] set_robust_list(0x7eff0a3299a0, 24 [pid 5792] rt_sigprocmask(SIG_SETMASK, [], [pid 5794] <... set_robust_list resumed>) = 0 [pid 5792] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5794] rt_sigprocmask(SIG_SETMASK, [], [pid 5792] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5794] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5792] <... futex resumed>) = 0 [pid 5794] creat("./file1", 000 [pid 5792] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5794] <... creat resumed>) = 5 [pid 5793] <... write resumed>) = 1048064 [pid 5794] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5793] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5794] <... futex resumed>) = 1 [pid 5792] <... futex resumed>) = 0 [pid 5794] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5793] <... futex resumed>) = 0 [pid 5793] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5792] close(3) = 0 [pid 5792] close(4) = 0 [pid 5792] close(5) = 0 [pid 5792] close(6) = -1 EBADF (Bad file descriptor) [pid 5792] close(7) = -1 EBADF (Bad file descriptor) [pid 5792] close(8) = -1 EBADF (Bad file descriptor) [pid 5792] close(9) = -1 EBADF (Bad file descriptor) [pid 5792] close(10) = -1 EBADF (Bad file descriptor) [pid 5792] close(11) = -1 EBADF (Bad file descriptor) [pid 5792] close(12) = -1 EBADF (Bad file descriptor) [pid 5792] close(13) = -1 EBADF (Bad file descriptor) [pid 5792] close(14) = -1 EBADF (Bad file descriptor) [pid 5792] close(15) = -1 EBADF (Bad file descriptor) [pid 5792] close(16) = -1 EBADF (Bad file descriptor) [pid 5792] close(17) = -1 EBADF (Bad file descriptor) [pid 5792] close(18) = -1 EBADF (Bad file descriptor) [pid 5792] close(19) = -1 EBADF (Bad file descriptor) [pid 5792] close(20) = -1 EBADF (Bad file descriptor) [pid 5792] close(21) = -1 EBADF (Bad file descriptor) [pid 5792] close(22) = -1 EBADF (Bad file descriptor) [pid 5792] close(23) = -1 EBADF (Bad file descriptor) [pid 5792] close(24) = -1 EBADF (Bad file descriptor) [pid 5792] close(25) = -1 EBADF (Bad file descriptor) [pid 5792] close(26) = -1 EBADF (Bad file descriptor) [pid 5792] close(27) = -1 EBADF (Bad file descriptor) [pid 5792] close(28) = -1 EBADF (Bad file descriptor) [pid 5792] close(29) = -1 EBADF (Bad file descriptor) [pid 5792] exit_group(0) = ? [pid 5794] <... futex resumed>) = ? [pid 5793] <... futex resumed>) = ? [pid 5793] +++ exited with 0 +++ [pid 5794] +++ exited with 0 +++ [pid 5792] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=722, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./240", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./240", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./240/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./240/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./240/cgroup.cpu") = 0 [pid 5063] umount2("./240/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./240/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./240/binderfs") = 0 [pid 5063] umount2("./240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./240/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./240/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./240/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./240/file0") = 0 [pid 5063] umount2("./240/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./240/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./240/cgroup") = 0 [pid 5063] umount2("./240/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./240/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./240/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./240") = 0 [pid 5063] mkdir("./241", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5795 attached , child_tidptr=0x5555560b8690) = 725 [pid 5795] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5795] chdir("./241") = 0 [pid 5795] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5795] setpgid(0, 0) = 0 [pid 5795] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5795] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5795] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5795] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5795] write(3, "1000", 4) = 4 [pid 5795] close(3) = 0 [pid 5795] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5795] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5795] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5795] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5795] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5795] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5795] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5795] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5796 attached => {parent_tid=[726]}, 88) = 726 [pid 5796] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5795] rt_sigprocmask(SIG_SETMASK, [], [pid 5796] set_robust_list(0x7eff0a34a9a0, 24 [pid 5795] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5796] <... set_robust_list resumed>) = 0 [pid 5796] rt_sigprocmask(SIG_SETMASK, [], [pid 5795] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5796] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5795] <... futex resumed>) = 0 [pid 5795] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5796] memfd_create("syzkaller", 0) = 3 [pid 5796] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5796] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5796] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5796] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5796] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5796] close(3) = 0 [pid 5796] mkdir("./file0", 0777) = 0 [pid 5796] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5796] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5796] chdir("./file0") = 0 [pid 5796] ioctl(4, LOOP_CLR_FD) = 0 [pid 5796] close(4) = 0 [pid 5796] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5795] <... futex resumed>) = 0 [pid 5796] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5795] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5796] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5795] <... futex resumed>) = 0 [pid 5796] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5795] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5796] <... openat resumed>) = 4 [pid 5796] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5795] <... futex resumed>) = 0 [pid 5795] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5796] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5795] <... futex resumed>) = 0 [ 193.316216][ T5796] loop0: detected capacity change from 0 to 4096 [ 193.342124][ T5796] ntfs: volume version 3.1. [pid 5795] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5795] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5795] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5795] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5795] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5795] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5797 attached => {parent_tid=[727]}, 88) = 727 [pid 5797] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5795] rt_sigprocmask(SIG_SETMASK, [], [pid 5797] <... rseq resumed>) = 0 [pid 5795] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5797] set_robust_list(0x7eff0a3299a0, 24 [pid 5795] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5797] <... set_robust_list resumed>) = 0 [pid 5795] <... futex resumed>) = 0 [pid 5797] rt_sigprocmask(SIG_SETMASK, [], [pid 5795] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5797] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5797] creat("./file1", 000) = 5 [pid 5796] <... write resumed>) = 1048064 [pid 5797] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5796] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5797] <... futex resumed>) = 1 [pid 5795] <... futex resumed>) = 0 [pid 5797] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5796] <... futex resumed>) = 0 [pid 5796] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5795] close(3) = 0 [pid 5795] close(4) = 0 [pid 5795] close(5) = 0 [pid 5795] close(6) = -1 EBADF (Bad file descriptor) [pid 5795] close(7) = -1 EBADF (Bad file descriptor) [pid 5795] close(8) = -1 EBADF (Bad file descriptor) [pid 5795] close(9) = -1 EBADF (Bad file descriptor) [pid 5795] close(10) = -1 EBADF (Bad file descriptor) [pid 5795] close(11) = -1 EBADF (Bad file descriptor) [pid 5795] close(12) = -1 EBADF (Bad file descriptor) [pid 5795] close(13) = -1 EBADF (Bad file descriptor) [pid 5795] close(14) = -1 EBADF (Bad file descriptor) [pid 5795] close(15) = -1 EBADF (Bad file descriptor) [pid 5795] close(16) = -1 EBADF (Bad file descriptor) [pid 5795] close(17) = -1 EBADF (Bad file descriptor) [pid 5795] close(18) = -1 EBADF (Bad file descriptor) [pid 5795] close(19) = -1 EBADF (Bad file descriptor) [pid 5795] close(20) = -1 EBADF (Bad file descriptor) [pid 5795] close(21) = -1 EBADF (Bad file descriptor) [pid 5795] close(22) = -1 EBADF (Bad file descriptor) [pid 5795] close(23) = -1 EBADF (Bad file descriptor) [pid 5795] close(24) = -1 EBADF (Bad file descriptor) [pid 5795] close(25) = -1 EBADF (Bad file descriptor) [pid 5795] close(26) = -1 EBADF (Bad file descriptor) [pid 5795] close(27) = -1 EBADF (Bad file descriptor) [pid 5795] close(28) = -1 EBADF (Bad file descriptor) [pid 5795] close(29) = -1 EBADF (Bad file descriptor) [pid 5795] exit_group(0) = ? [pid 5796] <... futex resumed>) = ? [pid 5797] <... futex resumed>) = ? [pid 5796] +++ exited with 0 +++ [pid 5797] +++ exited with 0 +++ [pid 5795] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=725, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./241", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./241", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./241/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./241/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./241/cgroup.cpu") = 0 [pid 5063] umount2("./241/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./241/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./241/binderfs") = 0 [pid 5063] umount2("./241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./241/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./241/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./241/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./241/file0") = 0 [pid 5063] umount2("./241/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./241/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./241/cgroup") = 0 [pid 5063] umount2("./241/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./241/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./241/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./241") = 0 [pid 5063] mkdir("./242", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5798 attached , child_tidptr=0x5555560b8690) = 728 [pid 5798] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5798] chdir("./242") = 0 [pid 5798] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5798] setpgid(0, 0) = 0 [pid 5798] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5798] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5798] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5798] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5798] write(3, "1000", 4) = 4 [pid 5798] close(3) = 0 [pid 5798] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5798] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5798] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5798] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5798] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5798] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5798] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5799 attached [pid 5799] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5798] <... clone3 resumed> => {parent_tid=[729]}, 88) = 729 [pid 5799] <... rseq resumed>) = 0 [pid 5798] rt_sigprocmask(SIG_SETMASK, [], [pid 5799] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5798] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5799] rt_sigprocmask(SIG_SETMASK, [], [pid 5798] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5799] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5799] memfd_create("syzkaller", 0 [pid 5798] <... futex resumed>) = 0 [pid 5799] <... memfd_create resumed>) = 3 [pid 5798] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5799] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5799] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5799] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5799] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5799] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5799] close(3) = 0 [pid 5799] mkdir("./file0", 0777) = 0 [pid 5799] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5799] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5799] chdir("./file0") = 0 [pid 5799] ioctl(4, LOOP_CLR_FD) = 0 [pid 5799] close(4) = 0 [pid 5799] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5799] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5798] <... futex resumed>) = 0 [ 193.944124][ T5799] loop0: detected capacity change from 0 to 4096 [ 193.972823][ T5799] ntfs: volume version 3.1. [pid 5798] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5799] <... futex resumed>) = 0 [pid 5798] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5799] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5799] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5798] <... futex resumed>) = 0 [pid 5799] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5798] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5799] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5798] <... futex resumed>) = 0 [pid 5798] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5798] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5798] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5798] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5798] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5798] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5800 attached [pid 5800] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5798] <... clone3 resumed> => {parent_tid=[730]}, 88) = 730 [pid 5800] <... rseq resumed>) = 0 [pid 5798] rt_sigprocmask(SIG_SETMASK, [], [pid 5800] set_robust_list(0x7eff0a3299a0, 24 [pid 5798] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5800] <... set_robust_list resumed>) = 0 [pid 5798] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5800] rt_sigprocmask(SIG_SETMASK, [], [pid 5798] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5800] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5800] creat("./file1", 000) = 5 [pid 5800] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5799] <... write resumed>) = 1048064 [pid 5798] <... futex resumed>) = 0 [pid 5800] <... futex resumed>) = 1 [pid 5799] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5798] close(3 [pid 5800] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5799] <... futex resumed>) = 0 [pid 5799] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5798] <... close resumed>) = 0 [pid 5798] close(4) = 0 [pid 5798] close(5) = 0 [pid 5798] close(6) = -1 EBADF (Bad file descriptor) [pid 5798] close(7) = -1 EBADF (Bad file descriptor) [pid 5798] close(8) = -1 EBADF (Bad file descriptor) [pid 5798] close(9) = -1 EBADF (Bad file descriptor) [pid 5798] close(10) = -1 EBADF (Bad file descriptor) [pid 5798] close(11) = -1 EBADF (Bad file descriptor) [pid 5798] close(12) = -1 EBADF (Bad file descriptor) [pid 5798] close(13) = -1 EBADF (Bad file descriptor) [pid 5798] close(14) = -1 EBADF (Bad file descriptor) [pid 5798] close(15) = -1 EBADF (Bad file descriptor) [pid 5798] close(16) = -1 EBADF (Bad file descriptor) [pid 5798] close(17) = -1 EBADF (Bad file descriptor) [pid 5798] close(18) = -1 EBADF (Bad file descriptor) [pid 5798] close(19) = -1 EBADF (Bad file descriptor) [pid 5798] close(20) = -1 EBADF (Bad file descriptor) [pid 5798] close(21) = -1 EBADF (Bad file descriptor) [pid 5798] close(22) = -1 EBADF (Bad file descriptor) [pid 5798] close(23) = -1 EBADF (Bad file descriptor) [pid 5798] close(24) = -1 EBADF (Bad file descriptor) [pid 5798] close(25) = -1 EBADF (Bad file descriptor) [pid 5798] close(26) = -1 EBADF (Bad file descriptor) [pid 5798] close(27) = -1 EBADF (Bad file descriptor) [pid 5798] close(28) = -1 EBADF (Bad file descriptor) [pid 5798] close(29) = -1 EBADF (Bad file descriptor) [pid 5798] exit_group(0 [pid 5800] <... futex resumed>) = ? [pid 5799] <... futex resumed>) = ? [pid 5800] +++ exited with 0 +++ [pid 5799] +++ exited with 0 +++ [pid 5798] <... exit_group resumed>) = ? [pid 5798] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=728, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./242", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./242", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./242/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./242/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./242/cgroup.cpu") = 0 [pid 5063] umount2("./242/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./242/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./242/binderfs") = 0 [pid 5063] umount2("./242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./242/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./242/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./242/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./242/file0") = 0 [pid 5063] umount2("./242/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./242/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./242/cgroup") = 0 [pid 5063] umount2("./242/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./242/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./242/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./242") = 0 [pid 5063] mkdir("./243", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 731 ./strace-static-x86_64: Process 5801 attached [pid 5801] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5801] chdir("./243") = 0 [pid 5801] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5801] setpgid(0, 0) = 0 [pid 5801] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5801] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5801] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5801] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5801] write(3, "1000", 4) = 4 [pid 5801] close(3) = 0 [pid 5801] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5801] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5801] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5801] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5801] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5801] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5801] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5801] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5802 attached => {parent_tid=[732]}, 88) = 732 [pid 5802] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5801] rt_sigprocmask(SIG_SETMASK, [], [pid 5802] <... rseq resumed>) = 0 [pid 5802] set_robust_list(0x7eff0a34a9a0, 24 [pid 5801] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5802] <... set_robust_list resumed>) = 0 [pid 5802] rt_sigprocmask(SIG_SETMASK, [], [pid 5801] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5802] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5801] <... futex resumed>) = 0 [pid 5801] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5802] memfd_create("syzkaller", 0) = 3 [pid 5802] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5802] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5802] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5802] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5802] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5802] close(3) = 0 [pid 5802] mkdir("./file0", 0777) = 0 [pid 5802] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5802] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5802] chdir("./file0") = 0 [pid 5802] ioctl(4, LOOP_CLR_FD) = 0 [pid 5802] close(4) = 0 [ 194.503543][ T5802] loop0: detected capacity change from 0 to 4096 [ 194.523066][ T5802] ntfs: volume version 3.1. [pid 5802] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5801] <... futex resumed>) = 0 [pid 5802] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5801] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5802] <... openat resumed>) = 4 [pid 5801] <... futex resumed>) = 0 [pid 5802] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5801] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5802] <... futex resumed>) = 0 [pid 5802] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5801] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5801] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5801] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5802] <... futex resumed>) = 0 [pid 5802] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5801] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5801] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5801] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5801] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5801] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5801] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5803 attached => {parent_tid=[733]}, 88) = 733 [pid 5803] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5801] rt_sigprocmask(SIG_SETMASK, [], [pid 5803] <... rseq resumed>) = 0 [pid 5801] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5803] set_robust_list(0x7eff0a3299a0, 24 [pid 5801] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5803] <... set_robust_list resumed>) = 0 [pid 5801] <... futex resumed>) = 0 [pid 5803] rt_sigprocmask(SIG_SETMASK, [], [pid 5801] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5803] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5803] creat("./file1", 000) = 5 [pid 5802] <... write resumed>) = 1048064 [pid 5803] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5802] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5803] <... futex resumed>) = 1 [pid 5802] <... futex resumed>) = 0 [pid 5801] <... futex resumed>) = 0 [pid 5803] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5801] close(3) = 0 [pid 5801] close(4) = 0 [pid 5801] close(5) = 0 [pid 5801] close(6) = -1 EBADF (Bad file descriptor) [pid 5802] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5801] close(7) = -1 EBADF (Bad file descriptor) [pid 5801] close(8) = -1 EBADF (Bad file descriptor) [pid 5801] close(9) = -1 EBADF (Bad file descriptor) [pid 5801] close(10) = -1 EBADF (Bad file descriptor) [pid 5801] close(11) = -1 EBADF (Bad file descriptor) [pid 5801] close(12) = -1 EBADF (Bad file descriptor) [pid 5801] close(13) = -1 EBADF (Bad file descriptor) [pid 5801] close(14) = -1 EBADF (Bad file descriptor) [pid 5801] close(15) = -1 EBADF (Bad file descriptor) [pid 5801] close(16) = -1 EBADF (Bad file descriptor) [pid 5801] close(17) = -1 EBADF (Bad file descriptor) [pid 5801] close(18) = -1 EBADF (Bad file descriptor) [pid 5801] close(19) = -1 EBADF (Bad file descriptor) [pid 5801] close(20) = -1 EBADF (Bad file descriptor) [pid 5801] close(21) = -1 EBADF (Bad file descriptor) [pid 5801] close(22) = -1 EBADF (Bad file descriptor) [pid 5801] close(23) = -1 EBADF (Bad file descriptor) [pid 5801] close(24) = -1 EBADF (Bad file descriptor) [pid 5801] close(25) = -1 EBADF (Bad file descriptor) [pid 5801] close(26) = -1 EBADF (Bad file descriptor) [pid 5801] close(27) = -1 EBADF (Bad file descriptor) [pid 5801] close(28) = -1 EBADF (Bad file descriptor) [pid 5801] close(29) = -1 EBADF (Bad file descriptor) [pid 5801] exit_group(0) = ? [pid 5803] <... futex resumed>) = ? [pid 5802] <... futex resumed>) = ? [pid 5803] +++ exited with 0 +++ [pid 5802] +++ exited with 0 +++ [pid 5801] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=731, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./243", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./243", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./243/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./243/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./243/cgroup.cpu") = 0 [pid 5063] umount2("./243/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./243/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./243/binderfs") = 0 [pid 5063] umount2("./243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./243/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./243/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./243/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./243/file0") = 0 [pid 5063] umount2("./243/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./243/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./243/cgroup") = 0 [pid 5063] umount2("./243/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./243/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./243/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./243") = 0 [pid 5063] mkdir("./244", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5804 attached [pid 5804] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 734 [pid 5804] chdir("./244") = 0 [pid 5804] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5804] setpgid(0, 0) = 0 [pid 5804] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5804] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5804] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5804] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5804] write(3, "1000", 4) = 4 [pid 5804] close(3) = 0 [pid 5804] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5804] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5804] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5804] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5804] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5804] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5804] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5804] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5805 attached [pid 5805] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5804] <... clone3 resumed> => {parent_tid=[735]}, 88) = 735 [pid 5805] set_robust_list(0x7eff0a34a9a0, 24 [pid 5804] rt_sigprocmask(SIG_SETMASK, [], [pid 5805] <... set_robust_list resumed>) = 0 [pid 5804] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5805] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5804] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5805] memfd_create("syzkaller", 0 [pid 5804] <... futex resumed>) = 0 [pid 5804] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5805] <... memfd_create resumed>) = 3 [pid 5805] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5805] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5805] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5805] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5805] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5805] close(3) = 0 [pid 5805] mkdir("./file0", 0777) = 0 [pid 5805] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5805] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5805] chdir("./file0") = 0 [pid 5805] ioctl(4, LOOP_CLR_FD) = 0 [pid 5805] close(4) = 0 [pid 5805] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5804] <... futex resumed>) = 0 [pid 5805] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5804] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5805] <... futex resumed>) = 0 [pid 5804] <... futex resumed>) = 1 [pid 5805] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 195.035369][ T5805] loop0: detected capacity change from 0 to 4096 [ 195.052073][ T5805] ntfs: volume version 3.1. [pid 5804] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5805] <... openat resumed>) = 4 [pid 5805] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5805] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5804] <... futex resumed>) = 0 [pid 5804] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5805] <... futex resumed>) = 0 [pid 5804] <... futex resumed>) = 1 [pid 5805] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5804] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5804] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5804] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5804] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5804] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5804] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5806 attached [pid 5806] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5804] <... clone3 resumed> => {parent_tid=[736]}, 88) = 736 [pid 5806] <... rseq resumed>) = 0 [pid 5804] rt_sigprocmask(SIG_SETMASK, [], [pid 5806] set_robust_list(0x7eff0a3299a0, 24 [pid 5804] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5806] <... set_robust_list resumed>) = 0 [pid 5804] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5806] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5804] <... futex resumed>) = 0 [pid 5806] creat("./file1", 000 [pid 5804] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5806] <... creat resumed>) = 5 [pid 5806] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5805] <... write resumed>) = 1048064 [pid 5806] <... futex resumed>) = 1 [pid 5805] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5804] <... futex resumed>) = 0 [pid 5805] <... futex resumed>) = 0 [pid 5804] close(3 [pid 5806] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5804] <... close resumed>) = 0 [pid 5805] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5804] close(4) = 0 [pid 5804] close(5) = 0 [pid 5804] close(6) = -1 EBADF (Bad file descriptor) [pid 5804] close(7) = -1 EBADF (Bad file descriptor) [pid 5804] close(8) = -1 EBADF (Bad file descriptor) [pid 5804] close(9) = -1 EBADF (Bad file descriptor) [pid 5804] close(10) = -1 EBADF (Bad file descriptor) [pid 5804] close(11) = -1 EBADF (Bad file descriptor) [pid 5804] close(12) = -1 EBADF (Bad file descriptor) [pid 5804] close(13) = -1 EBADF (Bad file descriptor) [pid 5804] close(14) = -1 EBADF (Bad file descriptor) [pid 5804] close(15) = -1 EBADF (Bad file descriptor) [pid 5804] close(16) = -1 EBADF (Bad file descriptor) [pid 5804] close(17) = -1 EBADF (Bad file descriptor) [pid 5804] close(18) = -1 EBADF (Bad file descriptor) [pid 5804] close(19) = -1 EBADF (Bad file descriptor) [pid 5804] close(20) = -1 EBADF (Bad file descriptor) [pid 5804] close(21) = -1 EBADF (Bad file descriptor) [pid 5804] close(22) = -1 EBADF (Bad file descriptor) [pid 5804] close(23) = -1 EBADF (Bad file descriptor) [pid 5804] close(24) = -1 EBADF (Bad file descriptor) [pid 5804] close(25) = -1 EBADF (Bad file descriptor) [pid 5804] close(26) = -1 EBADF (Bad file descriptor) [pid 5804] close(27) = -1 EBADF (Bad file descriptor) [pid 5804] close(28) = -1 EBADF (Bad file descriptor) [pid 5804] close(29) = -1 EBADF (Bad file descriptor) [pid 5804] exit_group(0 [pid 5805] <... futex resumed>) = ? [pid 5804] <... exit_group resumed>) = ? [pid 5806] <... futex resumed>) = ? [pid 5805] +++ exited with 0 +++ [pid 5806] +++ exited with 0 +++ [pid 5804] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=734, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./244", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./244", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./244/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./244/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./244/cgroup.cpu") = 0 [pid 5063] umount2("./244/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./244/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./244/binderfs") = 0 [pid 5063] umount2("./244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./244/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./244/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./244/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./244/file0") = 0 [pid 5063] umount2("./244/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./244/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./244/cgroup") = 0 [pid 5063] umount2("./244/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./244/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./244/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./244") = 0 [pid 5063] mkdir("./245", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5807 attached [pid 5807] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 737 [pid 5807] chdir("./245") = 0 [pid 5807] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5807] setpgid(0, 0) = 0 [pid 5807] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5807] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5807] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5807] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5807] write(3, "1000", 4) = 4 [pid 5807] close(3) = 0 [pid 5807] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5807] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5807] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5807] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5807] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5807] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5807] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5807] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5808 attached [pid 5808] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5807] <... clone3 resumed> => {parent_tid=[738]}, 88) = 738 [pid 5808] <... rseq resumed>) = 0 [pid 5807] rt_sigprocmask(SIG_SETMASK, [], [pid 5808] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5808] rt_sigprocmask(SIG_SETMASK, [], [pid 5807] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5807] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5808] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5807] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5808] memfd_create("syzkaller", 0) = 3 [pid 5808] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5808] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5808] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5808] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5808] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5808] close(3) = 0 [pid 5808] mkdir("./file0", 0777) = 0 [pid 5808] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5808] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5808] chdir("./file0") = 0 [pid 5808] ioctl(4, LOOP_CLR_FD) = 0 [ 195.601695][ T5808] loop0: detected capacity change from 0 to 4096 [ 195.620439][ T5808] ntfs: volume version 3.1. [pid 5808] close(4) = 0 [pid 5808] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5807] <... futex resumed>) = 0 [pid 5808] <... futex resumed>) = 1 [pid 5807] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5808] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5807] <... futex resumed>) = 0 [pid 5808] <... openat resumed>) = 4 [pid 5807] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5808] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5807] <... futex resumed>) = 0 [pid 5808] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5807] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5807] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5807] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5807] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5807] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5807] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5807] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5809 attached [pid 5809] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5807] <... clone3 resumed> => {parent_tid=[739]}, 88) = 739 [pid 5807] rt_sigprocmask(SIG_SETMASK, [], [pid 5809] set_robust_list(0x7eff0a3299a0, 24 [pid 5807] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5809] <... set_robust_list resumed>) = 0 [pid 5807] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5809] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5809] creat("./file1", 000 [pid 5807] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5809] <... creat resumed>) = 5 [pid 5809] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5808] <... write resumed>) = 1048064 [pid 5807] <... futex resumed>) = 0 [pid 5809] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5808] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5808] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5807] close(3) = 0 [pid 5807] close(4) = 0 [pid 5807] close(5) = 0 [pid 5807] close(6) = -1 EBADF (Bad file descriptor) [pid 5807] close(7) = -1 EBADF (Bad file descriptor) [pid 5807] close(8) = -1 EBADF (Bad file descriptor) [pid 5807] close(9) = -1 EBADF (Bad file descriptor) [pid 5807] close(10) = -1 EBADF (Bad file descriptor) [pid 5807] close(11) = -1 EBADF (Bad file descriptor) [pid 5807] close(12) = -1 EBADF (Bad file descriptor) [pid 5807] close(13) = -1 EBADF (Bad file descriptor) [pid 5807] close(14) = -1 EBADF (Bad file descriptor) [pid 5807] close(15) = -1 EBADF (Bad file descriptor) [pid 5807] close(16) = -1 EBADF (Bad file descriptor) [pid 5807] close(17) = -1 EBADF (Bad file descriptor) [pid 5807] close(18) = -1 EBADF (Bad file descriptor) [pid 5807] close(19) = -1 EBADF (Bad file descriptor) [pid 5807] close(20) = -1 EBADF (Bad file descriptor) [pid 5807] close(21) = -1 EBADF (Bad file descriptor) [pid 5807] close(22) = -1 EBADF (Bad file descriptor) [pid 5807] close(23) = -1 EBADF (Bad file descriptor) [pid 5807] close(24) = -1 EBADF (Bad file descriptor) [pid 5807] close(25) = -1 EBADF (Bad file descriptor) [pid 5807] close(26) = -1 EBADF (Bad file descriptor) [pid 5807] close(27) = -1 EBADF (Bad file descriptor) [pid 5807] close(28) = -1 EBADF (Bad file descriptor) [pid 5807] close(29) = -1 EBADF (Bad file descriptor) [pid 5807] exit_group(0 [pid 5809] <... futex resumed>) = ? [pid 5808] <... futex resumed>) = ? [pid 5807] <... exit_group resumed>) = ? [pid 5809] +++ exited with 0 +++ [pid 5808] +++ exited with 0 +++ [pid 5807] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=737, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./245", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./245", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./245/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./245/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./245/cgroup.cpu") = 0 [pid 5063] umount2("./245/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./245/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./245/binderfs") = 0 [pid 5063] umount2("./245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./245/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./245/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./245/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./245/file0") = 0 [pid 5063] umount2("./245/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./245/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./245/cgroup") = 0 [pid 5063] umount2("./245/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./245/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./245/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./245") = 0 [pid 5063] mkdir("./246", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5810 attached , child_tidptr=0x5555560b8690) = 740 [pid 5810] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5810] chdir("./246") = 0 [pid 5810] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5810] setpgid(0, 0) = 0 [pid 5810] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5810] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5810] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5810] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5810] write(3, "1000", 4) = 4 [pid 5810] close(3) = 0 [pid 5810] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5810] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5810] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5810] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5810] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5810] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5810] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5810] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5811 attached => {parent_tid=[741]}, 88) = 741 [pid 5811] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5810] rt_sigprocmask(SIG_SETMASK, [], [pid 5811] set_robust_list(0x7eff0a34a9a0, 24 [pid 5810] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5810] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5811] <... set_robust_list resumed>) = 0 [pid 5810] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5811] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5811] memfd_create("syzkaller", 0) = 3 [pid 5811] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5811] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5811] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5811] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5811] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5811] close(3) = 0 [pid 5811] mkdir("./file0", 0777) = 0 [ 196.179959][ T5811] loop0: detected capacity change from 0 to 4096 [ 196.197548][ T5811] __ntfs_warning: 170 callbacks suppressed [ 196.197557][ T5811] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 196.224094][ T5811] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 196.234520][ T5811] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 196.250859][ T5811] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 196.259563][ T5811] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 196.279502][ T5811] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 196.288207][ T5811] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 196.308375][ T5811] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5811] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5811] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5811] chdir("./file0") = 0 [pid 5811] ioctl(4, LOOP_CLR_FD) = 0 [pid 5811] close(4) = 0 [ 196.317171][ T5811] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 196.337451][ T5811] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 196.350443][ T5811] ntfs: volume version 3.1. [pid 5811] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5810] <... futex resumed>) = 0 [pid 5811] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5810] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5811] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5810] <... futex resumed>) = 0 [pid 5811] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5810] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5811] <... openat resumed>) = 4 [pid 5811] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5811] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5810] <... futex resumed>) = 0 [pid 5810] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5811] <... futex resumed>) = 0 [pid 5810] <... futex resumed>) = 1 [pid 5811] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5810] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5810] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5810] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5810] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5810] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5810] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5812 attached => {parent_tid=[742]}, 88) = 742 [pid 5812] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5810] rt_sigprocmask(SIG_SETMASK, [], [pid 5812] <... rseq resumed>) = 0 [pid 5810] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5812] set_robust_list(0x7eff0a3299a0, 24 [pid 5810] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5812] <... set_robust_list resumed>) = 0 [pid 5810] <... futex resumed>) = 0 [pid 5812] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5810] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5812] creat("./file1", 000) = 5 [pid 5811] <... write resumed>) = 1048064 [pid 5812] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5810] <... futex resumed>) = 0 [pid 5812] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5811] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5811] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5810] close(3) = 0 [pid 5810] close(4) = 0 [pid 5810] close(5) = 0 [pid 5810] close(6) = -1 EBADF (Bad file descriptor) [pid 5810] close(7) = -1 EBADF (Bad file descriptor) [pid 5810] close(8) = -1 EBADF (Bad file descriptor) [pid 5810] close(9) = -1 EBADF (Bad file descriptor) [pid 5810] close(10) = -1 EBADF (Bad file descriptor) [pid 5810] close(11) = -1 EBADF (Bad file descriptor) [pid 5810] close(12) = -1 EBADF (Bad file descriptor) [pid 5810] close(13) = -1 EBADF (Bad file descriptor) [pid 5810] close(14) = -1 EBADF (Bad file descriptor) [pid 5810] close(15) = -1 EBADF (Bad file descriptor) [pid 5810] close(16) = -1 EBADF (Bad file descriptor) [pid 5810] close(17) = -1 EBADF (Bad file descriptor) [pid 5810] close(18) = -1 EBADF (Bad file descriptor) [pid 5810] close(19) = -1 EBADF (Bad file descriptor) [pid 5810] close(20) = -1 EBADF (Bad file descriptor) [pid 5810] close(21) = -1 EBADF (Bad file descriptor) [pid 5810] close(22) = -1 EBADF (Bad file descriptor) [pid 5810] close(23) = -1 EBADF (Bad file descriptor) [pid 5810] close(24) = -1 EBADF (Bad file descriptor) [pid 5810] close(25) = -1 EBADF (Bad file descriptor) [pid 5810] close(26) = -1 EBADF (Bad file descriptor) [pid 5810] close(27) = -1 EBADF (Bad file descriptor) [pid 5810] close(28) = -1 EBADF (Bad file descriptor) [pid 5810] close(29) = -1 EBADF (Bad file descriptor) [pid 5810] exit_group(0 [pid 5812] <... futex resumed>) = ? [pid 5811] <... futex resumed>) = ? [pid 5812] +++ exited with 0 +++ [pid 5811] +++ exited with 0 +++ [pid 5810] <... exit_group resumed>) = ? [pid 5810] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=740, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] umount2("./246", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./246", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./246/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./246/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./246/cgroup.cpu") = 0 [pid 5063] umount2("./246/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./246/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./246/binderfs") = 0 [pid 5063] umount2("./246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./246/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./246/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./246/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./246/file0") = 0 [pid 5063] umount2("./246/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./246/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./246/cgroup") = 0 [pid 5063] umount2("./246/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./246/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./246/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./246") = 0 [pid 5063] mkdir("./247", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5813 attached , child_tidptr=0x5555560b8690) = 743 [pid 5813] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5813] chdir("./247") = 0 [pid 5813] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5813] setpgid(0, 0) = 0 [pid 5813] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5813] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5813] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5813] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5813] write(3, "1000", 4) = 4 [pid 5813] close(3) = 0 [pid 5813] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5813] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5813] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5813] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5813] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5813] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5813] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5813] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5814 attached => {parent_tid=[744]}, 88) = 744 [pid 5814] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5813] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5814] <... rseq resumed>) = 0 [pid 5813] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5813] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5814] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5814] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5814] memfd_create("syzkaller", 0) = 3 [pid 5814] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5814] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5814] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5814] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5814] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5814] close(3) = 0 [pid 5814] mkdir("./file0", 0777) = 0 [pid 5814] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5814] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5814] chdir("./file0") = 0 [pid 5814] ioctl(4, LOOP_CLR_FD) = 0 [pid 5814] close(4) = 0 [pid 5814] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5813] <... futex resumed>) = 0 [pid 5814] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5813] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5814] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5813] <... futex resumed>) = 0 [ 196.986539][ T5814] loop0: detected capacity change from 0 to 4096 [ 197.017107][ T5814] ntfs: volume version 3.1. [pid 5813] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5814] <... openat resumed>) = 4 [pid 5814] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5813] <... futex resumed>) = 0 [pid 5814] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5813] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5814] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5813] <... futex resumed>) = 0 [pid 5814] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5813] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5813] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5813] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5813] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5813] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5813] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5815 attached => {parent_tid=[745]}, 88) = 745 [pid 5815] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5813] rt_sigprocmask(SIG_SETMASK, [], [pid 5815] <... rseq resumed>) = 0 [pid 5813] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5815] set_robust_list(0x7eff0a3299a0, 24 [pid 5813] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5815] <... set_robust_list resumed>) = 0 [pid 5813] <... futex resumed>) = 0 [pid 5815] rt_sigprocmask(SIG_SETMASK, [], [pid 5813] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5815] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5815] creat("./file1", 000) = 5 [pid 5814] <... write resumed>) = 1048064 [pid 5815] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5814] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5815] <... futex resumed>) = 1 [pid 5813] <... futex resumed>) = 0 [pid 5815] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5814] <... futex resumed>) = 0 [pid 5813] close(3) = 0 [pid 5814] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5813] close(4) = 0 [pid 5813] close(5) = 0 [pid 5813] close(6) = -1 EBADF (Bad file descriptor) [pid 5813] close(7) = -1 EBADF (Bad file descriptor) [pid 5813] close(8) = -1 EBADF (Bad file descriptor) [pid 5813] close(9) = -1 EBADF (Bad file descriptor) [pid 5813] close(10) = -1 EBADF (Bad file descriptor) [pid 5813] close(11) = -1 EBADF (Bad file descriptor) [pid 5813] close(12) = -1 EBADF (Bad file descriptor) [pid 5813] close(13) = -1 EBADF (Bad file descriptor) [pid 5813] close(14) = -1 EBADF (Bad file descriptor) [pid 5813] close(15) = -1 EBADF (Bad file descriptor) [pid 5813] close(16) = -1 EBADF (Bad file descriptor) [pid 5813] close(17) = -1 EBADF (Bad file descriptor) [pid 5813] close(18) = -1 EBADF (Bad file descriptor) [pid 5813] close(19) = -1 EBADF (Bad file descriptor) [pid 5813] close(20) = -1 EBADF (Bad file descriptor) [pid 5813] close(21) = -1 EBADF (Bad file descriptor) [pid 5813] close(22) = -1 EBADF (Bad file descriptor) [pid 5813] close(23) = -1 EBADF (Bad file descriptor) [pid 5813] close(24) = -1 EBADF (Bad file descriptor) [pid 5813] close(25) = -1 EBADF (Bad file descriptor) [pid 5813] close(26) = -1 EBADF (Bad file descriptor) [pid 5813] close(27) = -1 EBADF (Bad file descriptor) [pid 5813] close(28) = -1 EBADF (Bad file descriptor) [pid 5813] close(29) = -1 EBADF (Bad file descriptor) [pid 5813] exit_group(0 [pid 5814] <... futex resumed>) = ? [pid 5813] <... exit_group resumed>) = ? [pid 5815] <... futex resumed>) = ? [pid 5814] +++ exited with 0 +++ [pid 5815] +++ exited with 0 +++ [pid 5813] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=743, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./247", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./247", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./247/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./247/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./247/cgroup.cpu") = 0 [pid 5063] umount2("./247/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./247/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./247/binderfs") = 0 [pid 5063] umount2("./247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./247/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./247/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./247/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./247/file0") = 0 [pid 5063] umount2("./247/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./247/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./247/cgroup") = 0 [pid 5063] umount2("./247/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./247/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./247/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./247") = 0 [pid 5063] mkdir("./248", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5816 attached , child_tidptr=0x5555560b8690) = 746 [pid 5816] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5816] chdir("./248") = 0 [pid 5816] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5816] setpgid(0, 0) = 0 [pid 5816] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5816] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5816] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5816] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5816] write(3, "1000", 4) = 4 [pid 5816] close(3) = 0 [pid 5816] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5816] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5816] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5816] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5816] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5816] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5816] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5816] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5817 attached => {parent_tid=[747]}, 88) = 747 [pid 5817] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5816] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5817] <... rseq resumed>) = 0 [pid 5816] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5817] set_robust_list(0x7eff0a34a9a0, 24 [pid 5816] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5817] <... set_robust_list resumed>) = 0 [pid 5817] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5817] memfd_create("syzkaller", 0) = 3 [pid 5817] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5817] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5817] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5817] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5817] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5817] close(3) = 0 [pid 5817] mkdir("./file0", 0777) = 0 [pid 5817] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5817] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5817] chdir("./file0") = 0 [pid 5817] ioctl(4, LOOP_CLR_FD) = 0 [pid 5817] close(4) = 0 [ 197.616340][ T5817] loop0: detected capacity change from 0 to 4096 [ 197.636466][ T5817] ntfs: volume version 3.1. [pid 5817] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5816] <... futex resumed>) = 0 [pid 5817] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5816] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5817] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5816] <... futex resumed>) = 0 [pid 5817] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5816] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5817] <... openat resumed>) = 4 [pid 5817] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5817] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5816] <... futex resumed>) = 0 [pid 5816] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5816] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5817] <... futex resumed>) = 0 [pid 5817] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5816] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5816] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5816] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5816] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5816] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5816] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5816] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5818 attached => {parent_tid=[748]}, 88) = 748 [pid 5818] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5816] rt_sigprocmask(SIG_SETMASK, [], [pid 5818] <... rseq resumed>) = 0 [pid 5816] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5818] set_robust_list(0x7eff0a3299a0, 24 [pid 5816] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5818] <... set_robust_list resumed>) = 0 [pid 5816] <... futex resumed>) = 0 [pid 5818] rt_sigprocmask(SIG_SETMASK, [], [pid 5816] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5818] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5818] creat("./file1", 000) = 5 [pid 5818] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5817] <... write resumed>) = 1048064 [pid 5818] <... futex resumed>) = 1 [pid 5816] <... futex resumed>) = 0 [pid 5817] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5816] close(3 [pid 5818] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5817] <... futex resumed>) = 0 [pid 5816] <... close resumed>) = 0 [pid 5817] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5816] close(4) = 0 [pid 5816] close(5) = 0 [pid 5816] close(6) = -1 EBADF (Bad file descriptor) [pid 5816] close(7) = -1 EBADF (Bad file descriptor) [pid 5816] close(8) = -1 EBADF (Bad file descriptor) [pid 5816] close(9) = -1 EBADF (Bad file descriptor) [pid 5816] close(10) = -1 EBADF (Bad file descriptor) [pid 5816] close(11) = -1 EBADF (Bad file descriptor) [pid 5816] close(12) = -1 EBADF (Bad file descriptor) [pid 5816] close(13) = -1 EBADF (Bad file descriptor) [pid 5816] close(14) = -1 EBADF (Bad file descriptor) [pid 5816] close(15) = -1 EBADF (Bad file descriptor) [pid 5816] close(16) = -1 EBADF (Bad file descriptor) [pid 5816] close(17) = -1 EBADF (Bad file descriptor) [pid 5816] close(18) = -1 EBADF (Bad file descriptor) [pid 5816] close(19) = -1 EBADF (Bad file descriptor) [pid 5816] close(20) = -1 EBADF (Bad file descriptor) [pid 5816] close(21) = -1 EBADF (Bad file descriptor) [pid 5816] close(22) = -1 EBADF (Bad file descriptor) [pid 5816] close(23) = -1 EBADF (Bad file descriptor) [pid 5816] close(24) = -1 EBADF (Bad file descriptor) [pid 5816] close(25) = -1 EBADF (Bad file descriptor) [pid 5816] close(26) = -1 EBADF (Bad file descriptor) [pid 5816] close(27) = -1 EBADF (Bad file descriptor) [pid 5816] close(28) = -1 EBADF (Bad file descriptor) [pid 5816] close(29) = -1 EBADF (Bad file descriptor) [pid 5816] exit_group(0) = ? [pid 5818] <... futex resumed>) = ? [pid 5817] <... futex resumed>) = ? [pid 5817] +++ exited with 0 +++ [pid 5818] +++ exited with 0 +++ [pid 5816] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=746, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./248", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./248", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./248/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./248/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./248/cgroup.cpu") = 0 [pid 5063] umount2("./248/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./248/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./248/binderfs") = 0 [pid 5063] umount2("./248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./248/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./248/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./248/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./248/file0") = 0 [pid 5063] umount2("./248/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./248/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./248/cgroup") = 0 [pid 5063] umount2("./248/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./248/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./248/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./248") = 0 [pid 5063] mkdir("./249", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5819 attached , child_tidptr=0x5555560b8690) = 749 [pid 5819] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5819] chdir("./249") = 0 [pid 5819] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5819] setpgid(0, 0) = 0 [pid 5819] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5819] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5819] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5819] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5819] write(3, "1000", 4) = 4 [pid 5819] close(3) = 0 [pid 5819] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5819] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5819] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5819] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5819] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5819] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5819] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5819] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5820 attached => {parent_tid=[750]}, 88) = 750 [pid 5820] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5819] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5819] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5819] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5820] <... rseq resumed>) = 0 [pid 5820] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5820] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5820] memfd_create("syzkaller", 0) = 3 [pid 5820] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5820] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5820] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5820] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5820] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5820] close(3) = 0 [pid 5820] mkdir("./file0", 0777) = 0 [pid 5820] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5820] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5820] chdir("./file0") = 0 [pid 5820] ioctl(4, LOOP_CLR_FD) = 0 [pid 5820] close(4) = 0 [pid 5820] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5820] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5819] <... futex resumed>) = 0 [pid 5819] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5820] <... futex resumed>) = 0 [pid 5819] <... futex resumed>) = 1 [pid 5820] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5819] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5820] <... openat resumed>) = 4 [pid 5820] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5819] <... futex resumed>) = 0 [pid 5820] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5819] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5820] <... futex resumed>) = 0 [pid 5819] <... futex resumed>) = 1 [pid 5819] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 198.156507][ T5820] loop0: detected capacity change from 0 to 4096 [ 198.186850][ T5820] ntfs: volume version 3.1. [pid 5820] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5819] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5819] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5819] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5819] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5819] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5819] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5821 attached => {parent_tid=[751]}, 88) = 751 [pid 5819] rt_sigprocmask(SIG_SETMASK, [], [pid 5821] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5821] set_robust_list(0x7eff0a3299a0, 24 [pid 5819] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5821] <... set_robust_list resumed>) = 0 [pid 5819] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5821] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5819] <... futex resumed>) = 0 [pid 5821] creat("./file1", 000 [pid 5819] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5821] <... creat resumed>) = 5 [pid 5820] <... write resumed>) = 1048064 [pid 5821] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5820] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5821] <... futex resumed>) = 1 [pid 5819] <... futex resumed>) = 0 [pid 5820] <... futex resumed>) = 0 [pid 5821] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5819] close(3) = 0 [pid 5819] close(4) = 0 [pid 5819] close(5 [pid 5820] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5819] <... close resumed>) = 0 [pid 5819] close(6) = -1 EBADF (Bad file descriptor) [pid 5819] close(7) = -1 EBADF (Bad file descriptor) [pid 5819] close(8) = -1 EBADF (Bad file descriptor) [pid 5819] close(9) = -1 EBADF (Bad file descriptor) [pid 5819] close(10) = -1 EBADF (Bad file descriptor) [pid 5819] close(11) = -1 EBADF (Bad file descriptor) [pid 5819] close(12) = -1 EBADF (Bad file descriptor) [pid 5819] close(13) = -1 EBADF (Bad file descriptor) [pid 5819] close(14) = -1 EBADF (Bad file descriptor) [pid 5819] close(15) = -1 EBADF (Bad file descriptor) [pid 5819] close(16) = -1 EBADF (Bad file descriptor) [pid 5819] close(17) = -1 EBADF (Bad file descriptor) [pid 5819] close(18) = -1 EBADF (Bad file descriptor) [pid 5819] close(19) = -1 EBADF (Bad file descriptor) [pid 5819] close(20) = -1 EBADF (Bad file descriptor) [pid 5819] close(21) = -1 EBADF (Bad file descriptor) [pid 5819] close(22) = -1 EBADF (Bad file descriptor) [pid 5819] close(23) = -1 EBADF (Bad file descriptor) [pid 5819] close(24) = -1 EBADF (Bad file descriptor) [pid 5819] close(25) = -1 EBADF (Bad file descriptor) [pid 5819] close(26) = -1 EBADF (Bad file descriptor) [pid 5819] close(27) = -1 EBADF (Bad file descriptor) [pid 5819] close(28) = -1 EBADF (Bad file descriptor) [pid 5819] close(29) = -1 EBADF (Bad file descriptor) [pid 5819] exit_group(0) = ? [pid 5820] <... futex resumed>) = ? [pid 5821] <... futex resumed>) = ? [pid 5821] +++ exited with 0 +++ [pid 5820] +++ exited with 0 +++ [pid 5819] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=749, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./249", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./249", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./249/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./249/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./249/cgroup.cpu") = 0 [pid 5063] umount2("./249/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./249/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./249/binderfs") = 0 [pid 5063] umount2("./249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./249/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./249/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./249/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./249/file0") = 0 [pid 5063] umount2("./249/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./249/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./249/cgroup") = 0 [pid 5063] umount2("./249/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./249/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./249/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./249") = 0 [pid 5063] mkdir("./250", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 752 ./strace-static-x86_64: Process 5822 attached [pid 5822] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5822] chdir("./250") = 0 [pid 5822] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5822] setpgid(0, 0) = 0 [pid 5822] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5822] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5822] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5822] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5822] write(3, "1000", 4) = 4 [pid 5822] close(3) = 0 [pid 5822] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5822] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5822] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5822] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5822] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5822] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5822] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5822] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5823 attached [pid 5823] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5822] <... clone3 resumed> => {parent_tid=[753]}, 88) = 753 [pid 5823] <... rseq resumed>) = 0 [pid 5822] rt_sigprocmask(SIG_SETMASK, [], [pid 5823] set_robust_list(0x7eff0a34a9a0, 24 [pid 5822] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5823] <... set_robust_list resumed>) = 0 [pid 5823] rt_sigprocmask(SIG_SETMASK, [], [pid 5822] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5823] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5822] <... futex resumed>) = 0 [pid 5822] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5823] memfd_create("syzkaller", 0) = 3 [pid 5823] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5823] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5823] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5823] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5823] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5823] close(3) = 0 [pid 5823] mkdir("./file0", 0777) = 0 [pid 5823] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5823] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5823] chdir("./file0") = 0 [pid 5823] ioctl(4, LOOP_CLR_FD) = 0 [pid 5823] close(4) = 0 [pid 5823] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5822] <... futex resumed>) = 0 [pid 5823] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5822] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5822] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5823] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 198.733114][ T5823] loop0: detected capacity change from 0 to 4096 [ 198.763851][ T5823] ntfs: volume version 3.1. [pid 5823] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5823] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5822] <... futex resumed>) = 0 [pid 5822] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5822] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5823] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5822] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5822] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5822] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5822] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5822] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5822] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5824 attached [pid 5824] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5822] <... clone3 resumed> => {parent_tid=[754]}, 88) = 754 [pid 5824] <... rseq resumed>) = 0 [pid 5822] rt_sigprocmask(SIG_SETMASK, [], [pid 5824] set_robust_list(0x7eff0a3299a0, 24 [pid 5822] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5824] <... set_robust_list resumed>) = 0 [pid 5822] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5824] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5822] <... futex resumed>) = 0 [pid 5822] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5824] creat("./file1", 000) = 5 [pid 5824] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5823] <... write resumed>) = 1048064 [pid 5824] <... futex resumed>) = 1 [pid 5823] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5822] <... futex resumed>) = 0 [pid 5823] <... futex resumed>) = 0 [pid 5824] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5822] close(3) = 0 [pid 5823] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5822] close(4) = 0 [pid 5822] close(5) = 0 [pid 5822] close(6) = -1 EBADF (Bad file descriptor) [pid 5822] close(7) = -1 EBADF (Bad file descriptor) [pid 5822] close(8) = -1 EBADF (Bad file descriptor) [pid 5822] close(9) = -1 EBADF (Bad file descriptor) [pid 5822] close(10) = -1 EBADF (Bad file descriptor) [pid 5822] close(11) = -1 EBADF (Bad file descriptor) [pid 5822] close(12) = -1 EBADF (Bad file descriptor) [pid 5822] close(13) = -1 EBADF (Bad file descriptor) [pid 5822] close(14) = -1 EBADF (Bad file descriptor) [pid 5822] close(15) = -1 EBADF (Bad file descriptor) [pid 5822] close(16) = -1 EBADF (Bad file descriptor) [pid 5822] close(17) = -1 EBADF (Bad file descriptor) [pid 5822] close(18) = -1 EBADF (Bad file descriptor) [pid 5822] close(19) = -1 EBADF (Bad file descriptor) [pid 5822] close(20) = -1 EBADF (Bad file descriptor) [pid 5822] close(21) = -1 EBADF (Bad file descriptor) [pid 5822] close(22) = -1 EBADF (Bad file descriptor) [pid 5822] close(23) = -1 EBADF (Bad file descriptor) [pid 5822] close(24) = -1 EBADF (Bad file descriptor) [pid 5822] close(25) = -1 EBADF (Bad file descriptor) [pid 5822] close(26) = -1 EBADF (Bad file descriptor) [pid 5822] close(27) = -1 EBADF (Bad file descriptor) [pid 5822] close(28) = -1 EBADF (Bad file descriptor) [pid 5822] close(29) = -1 EBADF (Bad file descriptor) [pid 5822] exit_group(0) = ? [pid 5824] <... futex resumed>) = ? [pid 5823] <... futex resumed>) = ? [pid 5824] +++ exited with 0 +++ [pid 5823] +++ exited with 0 +++ [pid 5822] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=752, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./250", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./250", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./250/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./250/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./250/cgroup.cpu") = 0 [pid 5063] umount2("./250/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./250/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./250/binderfs") = 0 [pid 5063] umount2("./250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./250/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./250/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./250/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./250/file0") = 0 [pid 5063] umount2("./250/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./250/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./250/cgroup") = 0 [pid 5063] umount2("./250/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./250/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./250/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./250") = 0 [pid 5063] mkdir("./251", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5825 attached , child_tidptr=0x5555560b8690) = 755 [pid 5825] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5825] chdir("./251") = 0 [pid 5825] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5825] setpgid(0, 0) = 0 [pid 5825] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5825] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5825] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5825] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5825] write(3, "1000", 4) = 4 [pid 5825] close(3) = 0 [pid 5825] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5825] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5825] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5825] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5825] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5825] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5825] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5825] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5826 attached [pid 5826] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5825] <... clone3 resumed> => {parent_tid=[756]}, 88) = 756 [pid 5826] <... rseq resumed>) = 0 [pid 5825] rt_sigprocmask(SIG_SETMASK, [], [pid 5826] set_robust_list(0x7eff0a34a9a0, 24 [pid 5825] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5825] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5826] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5825] <... futex resumed>) = 0 [pid 5826] memfd_create("syzkaller", 0 [pid 5825] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5826] <... memfd_create resumed>) = 3 [pid 5826] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5826] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5826] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5826] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5826] close(3) = 0 [pid 5826] mkdir("./file0", 0777) = 0 [pid 5826] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5826] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5826] chdir("./file0") = 0 [pid 5826] ioctl(4, LOOP_CLR_FD) = 0 [pid 5826] close(4) = 0 [pid 5826] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5825] <... futex resumed>) = 0 [pid 5826] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5825] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5826] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5826] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5825] <... futex resumed>) = 0 [ 199.332424][ T5826] loop0: detected capacity change from 0 to 4096 [ 199.362816][ T5826] ntfs: volume version 3.1. [pid 5826] <... openat resumed>) = 4 [pid 5825] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5826] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5825] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5826] <... futex resumed>) = 0 [pid 5826] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5825] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5825] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5826] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5826] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5825] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5825] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5825] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5825] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5825] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5825] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5827 attached => {parent_tid=[757]}, 88) = 757 [pid 5827] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5825] rt_sigprocmask(SIG_SETMASK, [], [pid 5827] set_robust_list(0x7eff0a3299a0, 24 [pid 5825] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5827] <... set_robust_list resumed>) = 0 [pid 5825] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5827] rt_sigprocmask(SIG_SETMASK, [], [pid 5825] <... futex resumed>) = 0 [pid 5827] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5825] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5827] creat("./file1", 000) = 5 [pid 5827] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5826] <... write resumed>) = 1048064 [pid 5827] <... futex resumed>) = 1 [pid 5825] <... futex resumed>) = 0 [pid 5826] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5825] close(3 [pid 5826] <... futex resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5827] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5825] close(4) = 0 [pid 5825] close(5) = 0 [pid 5825] close(6) = -1 EBADF (Bad file descriptor) [pid 5825] close(7) = -1 EBADF (Bad file descriptor) [pid 5825] close(8) = -1 EBADF (Bad file descriptor) [pid 5825] close(9) = -1 EBADF (Bad file descriptor) [pid 5825] close(10) = -1 EBADF (Bad file descriptor) [pid 5825] close(11) = -1 EBADF (Bad file descriptor) [pid 5825] close(12) = -1 EBADF (Bad file descriptor) [pid 5825] close(13) = -1 EBADF (Bad file descriptor) [pid 5825] close(14) = -1 EBADF (Bad file descriptor) [pid 5825] close(15) = -1 EBADF (Bad file descriptor) [pid 5825] close(16) = -1 EBADF (Bad file descriptor) [pid 5825] close(17) = -1 EBADF (Bad file descriptor) [pid 5825] close(18) = -1 EBADF (Bad file descriptor) [pid 5825] close(19) = -1 EBADF (Bad file descriptor) [pid 5825] close(20) = -1 EBADF (Bad file descriptor) [pid 5825] close(21) = -1 EBADF (Bad file descriptor) [pid 5825] close(22) = -1 EBADF (Bad file descriptor) [pid 5825] close(23) = -1 EBADF (Bad file descriptor) [pid 5825] close(24) = -1 EBADF (Bad file descriptor) [pid 5825] close(25) = -1 EBADF (Bad file descriptor) [pid 5825] close(26) = -1 EBADF (Bad file descriptor) [pid 5825] close(27) = -1 EBADF (Bad file descriptor) [pid 5825] close(28) = -1 EBADF (Bad file descriptor) [pid 5825] close(29) = -1 EBADF (Bad file descriptor) [pid 5825] exit_group(0) = ? [pid 5827] <... futex resumed>) = ? [pid 5826] <... futex resumed>) = ? [pid 5827] +++ exited with 0 +++ [pid 5826] +++ exited with 0 +++ [pid 5825] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=755, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./251", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./251", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./251/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./251/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./251/cgroup.cpu") = 0 [pid 5063] umount2("./251/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./251/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./251/binderfs") = 0 [pid 5063] umount2("./251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./251/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./251/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./251/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./251/file0") = 0 [pid 5063] umount2("./251/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./251/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./251/cgroup") = 0 [pid 5063] umount2("./251/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./251/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./251/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./251") = 0 [pid 5063] mkdir("./252", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5828 attached [pid 5828] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 758 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5828] chdir("./252") = 0 [pid 5828] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] setpgid(0, 0) = 0 [pid 5828] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5828] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5828] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5828] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5828] write(3, "1000", 4) = 4 [pid 5828] close(3) = 0 [pid 5828] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5828] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5828] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5828] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5828] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5828] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5828] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5828] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5829 attached => {parent_tid=[759]}, 88) = 759 [pid 5829] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5828] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5828] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5828] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5829] <... rseq resumed>) = 0 [pid 5829] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5829] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5829] memfd_create("syzkaller", 0) = 3 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5829] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5829] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5829] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5829] close(3) = 0 [pid 5829] mkdir("./file0", 0777) = 0 [pid 5829] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5829] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5829] chdir("./file0") = 0 [pid 5829] ioctl(4, LOOP_CLR_FD) = 0 [pid 5829] close(4) = 0 [pid 5829] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5829] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5828] <... futex resumed>) = 0 [pid 5828] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... futex resumed>) = 0 [pid 5828] <... futex resumed>) = 1 [pid 5829] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5828] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5829] <... openat resumed>) = 4 [pid 5829] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5828] <... futex resumed>) = 0 [pid 5829] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5828] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5828] <... futex resumed>) = 0 [pid 5829] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 199.856590][ T5829] loop0: detected capacity change from 0 to 4096 [ 199.879786][ T5829] ntfs: volume version 3.1. [pid 5828] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5828] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5828] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5828] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5828] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5828] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5830 attached => {parent_tid=[760]}, 88) = 760 [pid 5830] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5828] rt_sigprocmask(SIG_SETMASK, [], [pid 5830] <... rseq resumed>) = 0 [pid 5828] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5830] set_robust_list(0x7eff0a3299a0, 24 [pid 5828] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5830] <... set_robust_list resumed>) = 0 [pid 5828] <... futex resumed>) = 0 [pid 5830] rt_sigprocmask(SIG_SETMASK, [], [pid 5828] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5830] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5830] creat("./file1", 000) = 5 [pid 5830] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5829] <... write resumed>) = 1048064 [pid 5830] <... futex resumed>) = 1 [pid 5828] <... futex resumed>) = 0 [pid 5830] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5829] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5828] close(3 [pid 5829] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5828] <... close resumed>) = 0 [pid 5828] close(4) = 0 [pid 5828] close(5) = 0 [pid 5828] close(6) = -1 EBADF (Bad file descriptor) [pid 5828] close(7) = -1 EBADF (Bad file descriptor) [pid 5828] close(8) = -1 EBADF (Bad file descriptor) [pid 5828] close(9) = -1 EBADF (Bad file descriptor) [pid 5828] close(10) = -1 EBADF (Bad file descriptor) [pid 5828] close(11) = -1 EBADF (Bad file descriptor) [pid 5828] close(12) = -1 EBADF (Bad file descriptor) [pid 5828] close(13) = -1 EBADF (Bad file descriptor) [pid 5828] close(14) = -1 EBADF (Bad file descriptor) [pid 5828] close(15) = -1 EBADF (Bad file descriptor) [pid 5828] close(16) = -1 EBADF (Bad file descriptor) [pid 5828] close(17) = -1 EBADF (Bad file descriptor) [pid 5828] close(18) = -1 EBADF (Bad file descriptor) [pid 5828] close(19) = -1 EBADF (Bad file descriptor) [pid 5828] close(20) = -1 EBADF (Bad file descriptor) [pid 5828] close(21) = -1 EBADF (Bad file descriptor) [pid 5828] close(22) = -1 EBADF (Bad file descriptor) [pid 5828] close(23) = -1 EBADF (Bad file descriptor) [pid 5828] close(24) = -1 EBADF (Bad file descriptor) [pid 5828] close(25) = -1 EBADF (Bad file descriptor) [pid 5828] close(26) = -1 EBADF (Bad file descriptor) [pid 5828] close(27) = -1 EBADF (Bad file descriptor) [pid 5828] close(28) = -1 EBADF (Bad file descriptor) [pid 5828] close(29) = -1 EBADF (Bad file descriptor) [pid 5828] exit_group(0) = ? [pid 5830] <... futex resumed>) = ? [pid 5830] +++ exited with 0 +++ [pid 5829] <... futex resumed>) = ? [pid 5829] +++ exited with 0 +++ [pid 5828] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=758, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./252", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./252", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./252/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./252/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./252/cgroup.cpu") = 0 [pid 5063] umount2("./252/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./252/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./252/binderfs") = 0 [pid 5063] umount2("./252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./252/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./252/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./252/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./252/file0") = 0 [pid 5063] umount2("./252/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./252/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./252/cgroup") = 0 [pid 5063] umount2("./252/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./252/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./252/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./252") = 0 [pid 5063] mkdir("./253", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5831 attached , child_tidptr=0x5555560b8690) = 761 [pid 5831] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5831] chdir("./253") = 0 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5831] setpgid(0, 0) = 0 [pid 5831] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5831] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5831] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5831] write(3, "1000", 4) = 4 [pid 5831] close(3) = 0 [pid 5831] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5831] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5831] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5831] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5831] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5832 attached [pid 5832] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5831] <... clone3 resumed> => {parent_tid=[762]}, 88) = 762 [pid 5832] <... rseq resumed>) = 0 [pid 5831] rt_sigprocmask(SIG_SETMASK, [], [pid 5832] set_robust_list(0x7eff0a34a9a0, 24 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5832] <... set_robust_list resumed>) = 0 [pid 5832] rt_sigprocmask(SIG_SETMASK, [], [pid 5831] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5831] <... futex resumed>) = 0 [pid 5831] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5832] memfd_create("syzkaller", 0) = 3 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5832] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5832] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5832] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5832] close(3) = 0 [pid 5832] mkdir("./file0", 0777) = 0 [pid 5832] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5832] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5832] chdir("./file0") = 0 [pid 5832] ioctl(4, LOOP_CLR_FD) = 0 [pid 5832] close(4) = 0 [pid 5832] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5832] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5831] <... futex resumed>) = 0 [pid 5831] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 200.313119][ T5832] loop0: detected capacity change from 0 to 4096 [ 200.338319][ T5832] ntfs: volume version 3.1. [pid 5832] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5832] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5831] <... futex resumed>) = 0 [pid 5832] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5831] <... futex resumed>) = 0 [pid 5832] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5831] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5831] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5831] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5831] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5831] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5831] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5833 attached => {parent_tid=[763]}, 88) = 763 [pid 5833] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5831] rt_sigprocmask(SIG_SETMASK, [], [pid 5833] <... rseq resumed>) = 0 [pid 5831] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5831] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5831] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5833] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5833] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5833] creat("./file1", 000) = 5 [pid 5832] <... write resumed>) = 1048064 [pid 5833] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5832] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5831] <... futex resumed>) = 0 [pid 5833] <... futex resumed>) = 1 [pid 5832] <... futex resumed>) = 0 [pid 5831] close(3 [pid 5833] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5832] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5831] <... close resumed>) = 0 [pid 5831] close(4) = 0 [pid 5831] close(5) = 0 [pid 5831] close(6) = -1 EBADF (Bad file descriptor) [pid 5831] close(7) = -1 EBADF (Bad file descriptor) [pid 5831] close(8) = -1 EBADF (Bad file descriptor) [pid 5831] close(9) = -1 EBADF (Bad file descriptor) [pid 5831] close(10) = -1 EBADF (Bad file descriptor) [pid 5831] close(11) = -1 EBADF (Bad file descriptor) [pid 5831] close(12) = -1 EBADF (Bad file descriptor) [pid 5831] close(13) = -1 EBADF (Bad file descriptor) [pid 5831] close(14) = -1 EBADF (Bad file descriptor) [pid 5831] close(15) = -1 EBADF (Bad file descriptor) [pid 5831] close(16) = -1 EBADF (Bad file descriptor) [pid 5831] close(17) = -1 EBADF (Bad file descriptor) [pid 5831] close(18) = -1 EBADF (Bad file descriptor) [pid 5831] close(19) = -1 EBADF (Bad file descriptor) [pid 5831] close(20) = -1 EBADF (Bad file descriptor) [pid 5831] close(21) = -1 EBADF (Bad file descriptor) [pid 5831] close(22) = -1 EBADF (Bad file descriptor) [pid 5831] close(23) = -1 EBADF (Bad file descriptor) [pid 5831] close(24) = -1 EBADF (Bad file descriptor) [pid 5831] close(25) = -1 EBADF (Bad file descriptor) [pid 5831] close(26) = -1 EBADF (Bad file descriptor) [pid 5831] close(27) = -1 EBADF (Bad file descriptor) [pid 5831] close(28) = -1 EBADF (Bad file descriptor) [pid 5831] close(29) = -1 EBADF (Bad file descriptor) [pid 5831] exit_group(0 [pid 5832] <... futex resumed>) = ? [pid 5833] <... futex resumed>) = ? [pid 5831] <... exit_group resumed>) = ? [pid 5832] +++ exited with 0 +++ [pid 5833] +++ exited with 0 +++ [pid 5831] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=761, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./253", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./253", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./253/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./253/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./253/cgroup.cpu") = 0 [pid 5063] umount2("./253/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./253/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./253/binderfs") = 0 [pid 5063] umount2("./253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./253/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./253/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./253/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./253/file0") = 0 [pid 5063] umount2("./253/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./253/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./253/cgroup") = 0 [pid 5063] umount2("./253/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./253/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./253/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./253") = 0 [pid 5063] mkdir("./254", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5834 attached , child_tidptr=0x5555560b8690) = 764 [pid 5834] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5834] chdir("./254") = 0 [pid 5834] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5834] setpgid(0, 0) = 0 [pid 5834] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5834] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5834] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5834] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5834] write(3, "1000", 4) = 4 [pid 5834] close(3) = 0 [pid 5834] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5834] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5834] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5834] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5834] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5835 attached => {parent_tid=[765]}, 88) = 765 [pid 5835] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5834] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5834] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5835] <... rseq resumed>) = 0 [pid 5835] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5835] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5835] memfd_create("syzkaller", 0) = 3 [pid 5835] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5835] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5835] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5835] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5835] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5835] close(3) = 0 [pid 5835] mkdir("./file0", 0777) = 0 [pid 5835] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5835] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5835] chdir("./file0") = 0 [pid 5835] ioctl(4, LOOP_CLR_FD) = 0 [pid 5835] close(4) = 0 [pid 5835] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5835] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] <... futex resumed>) = 0 [ 200.906323][ T5835] loop0: detected capacity change from 0 to 4096 [ 200.937100][ T5835] ntfs: volume version 3.1. [pid 5834] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5835] <... futex resumed>) = 0 [pid 5834] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5835] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5835] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5834] <... futex resumed>) = 0 [pid 5835] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5834] <... futex resumed>) = 0 [pid 5835] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5834] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5834] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5834] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5834] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5834] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5834] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5836 attached => {parent_tid=[766]}, 88) = 766 [pid 5836] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5834] rt_sigprocmask(SIG_SETMASK, [], [pid 5836] <... rseq resumed>) = 0 [pid 5836] set_robust_list(0x7eff0a3299a0, 24 [pid 5834] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5836] <... set_robust_list resumed>) = 0 [pid 5834] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5836] rt_sigprocmask(SIG_SETMASK, [], [pid 5834] <... futex resumed>) = 0 [pid 5836] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5834] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5836] creat("./file1", 000) = 5 [pid 5835] <... write resumed>) = 1048064 [pid 5836] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5835] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5836] <... futex resumed>) = 1 [pid 5835] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] <... futex resumed>) = 0 [pid 5836] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5834] close(3) = 0 [pid 5834] close(4) = 0 [pid 5834] close(5) = 0 [pid 5834] close(6) = -1 EBADF (Bad file descriptor) [pid 5834] close(7) = -1 EBADF (Bad file descriptor) [pid 5834] close(8) = -1 EBADF (Bad file descriptor) [pid 5834] close(9) = -1 EBADF (Bad file descriptor) [pid 5834] close(10) = -1 EBADF (Bad file descriptor) [pid 5834] close(11) = -1 EBADF (Bad file descriptor) [pid 5834] close(12) = -1 EBADF (Bad file descriptor) [pid 5834] close(13) = -1 EBADF (Bad file descriptor) [pid 5834] close(14) = -1 EBADF (Bad file descriptor) [pid 5834] close(15) = -1 EBADF (Bad file descriptor) [pid 5834] close(16) = -1 EBADF (Bad file descriptor) [pid 5834] close(17) = -1 EBADF (Bad file descriptor) [pid 5834] close(18) = -1 EBADF (Bad file descriptor) [pid 5834] close(19) = -1 EBADF (Bad file descriptor) [pid 5834] close(20) = -1 EBADF (Bad file descriptor) [pid 5834] close(21) = -1 EBADF (Bad file descriptor) [pid 5834] close(22) = -1 EBADF (Bad file descriptor) [pid 5834] close(23) = -1 EBADF (Bad file descriptor) [pid 5834] close(24) = -1 EBADF (Bad file descriptor) [pid 5834] close(25) = -1 EBADF (Bad file descriptor) [pid 5834] close(26) = -1 EBADF (Bad file descriptor) [pid 5834] close(27) = -1 EBADF (Bad file descriptor) [pid 5834] close(28) = -1 EBADF (Bad file descriptor) [pid 5834] close(29) = -1 EBADF (Bad file descriptor) [pid 5834] exit_group(0) = ? [pid 5836] <... futex resumed>) = ? [pid 5835] <... futex resumed>) = ? [pid 5836] +++ exited with 0 +++ [pid 5835] +++ exited with 0 +++ [pid 5834] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=764, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./254", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./254", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./254/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./254/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./254/cgroup.cpu") = 0 [pid 5063] umount2("./254/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./254/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./254/binderfs") = 0 [pid 5063] umount2("./254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./254/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./254/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./254/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./254/file0") = 0 [pid 5063] umount2("./254/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./254/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./254/cgroup") = 0 [pid 5063] umount2("./254/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./254/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./254/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./254") = 0 [pid 5063] mkdir("./255", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5837 attached , child_tidptr=0x5555560b8690) = 767 [pid 5837] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5837] chdir("./255") = 0 [pid 5837] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5837] setpgid(0, 0) = 0 [pid 5837] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5837] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5837] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5837] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5837] write(3, "1000", 4) = 4 [pid 5837] close(3) = 0 [pid 5837] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5837] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5837] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5837] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5837] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5838 attached => {parent_tid=[768]}, 88) = 768 [pid 5838] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5837] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5837] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5837] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5838] <... rseq resumed>) = 0 [pid 5838] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5838] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5838] memfd_create("syzkaller", 0) = 3 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5838] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5838] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5838] close(3) = 0 [pid 5838] mkdir("./file0", 0777) = 0 [ 201.486605][ T5838] loop0: detected capacity change from 0 to 4096 [ 201.497013][ T5838] __ntfs_warning: 170 callbacks suppressed [ 201.497021][ T5838] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 201.524056][ T5838] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 201.533786][ T5838] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 201.550097][ T5838] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 201.558848][ T5838] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 201.578934][ T5838] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 201.587731][ T5838] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 201.607871][ T5838] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 201.616588][ T5838] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [pid 5838] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5838] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5838] chdir("./file0") = 0 [pid 5838] ioctl(4, LOOP_CLR_FD) = 0 [pid 5838] close(4) = 0 [pid 5838] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5838] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] <... futex resumed>) = 0 [pid 5837] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5838] <... futex resumed>) = 0 [pid 5837] <... futex resumed>) = 1 [pid 5838] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5837] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5838] <... openat resumed>) = 4 [pid 5838] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5838] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] <... futex resumed>) = 0 [ 201.636606][ T5838] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 201.647344][ T5838] ntfs: volume version 3.1. [pid 5837] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5838] <... futex resumed>) = 0 [pid 5838] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5837] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5837] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5837] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5837] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5837] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5837] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5839 attached [pid 5839] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5839] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5839] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5839] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] <... clone3 resumed> => {parent_tid=[769]}, 88) = 769 [pid 5837] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5837] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5839] <... futex resumed>) = 0 [pid 5837] <... futex resumed>) = 1 [pid 5839] creat("./file1", 000 [pid 5837] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5839] <... creat resumed>) = 5 [pid 5838] <... write resumed>) = 1048064 [pid 5839] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5838] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5837] <... futex resumed>) = 0 [pid 5839] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5838] <... futex resumed>) = 0 [pid 5837] close(3 [pid 5838] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5837] <... close resumed>) = 0 [pid 5837] close(4) = 0 [pid 5837] close(5) = 0 [pid 5837] close(6) = -1 EBADF (Bad file descriptor) [pid 5837] close(7) = -1 EBADF (Bad file descriptor) [pid 5837] close(8) = -1 EBADF (Bad file descriptor) [pid 5837] close(9) = -1 EBADF (Bad file descriptor) [pid 5837] close(10) = -1 EBADF (Bad file descriptor) [pid 5837] close(11) = -1 EBADF (Bad file descriptor) [pid 5837] close(12) = -1 EBADF (Bad file descriptor) [pid 5837] close(13) = -1 EBADF (Bad file descriptor) [pid 5837] close(14) = -1 EBADF (Bad file descriptor) [pid 5837] close(15) = -1 EBADF (Bad file descriptor) [pid 5837] close(16) = -1 EBADF (Bad file descriptor) [pid 5837] close(17) = -1 EBADF (Bad file descriptor) [pid 5837] close(18) = -1 EBADF (Bad file descriptor) [pid 5837] close(19) = -1 EBADF (Bad file descriptor) [pid 5837] close(20) = -1 EBADF (Bad file descriptor) [pid 5837] close(21) = -1 EBADF (Bad file descriptor) [pid 5837] close(22) = -1 EBADF (Bad file descriptor) [pid 5837] close(23) = -1 EBADF (Bad file descriptor) [pid 5837] close(24) = -1 EBADF (Bad file descriptor) [pid 5837] close(25) = -1 EBADF (Bad file descriptor) [pid 5837] close(26) = -1 EBADF (Bad file descriptor) [pid 5837] close(27) = -1 EBADF (Bad file descriptor) [pid 5837] close(28) = -1 EBADF (Bad file descriptor) [pid 5837] close(29) = -1 EBADF (Bad file descriptor) [pid 5837] exit_group(0) = ? [pid 5839] <... futex resumed>) = ? [pid 5838] <... futex resumed>) = ? [pid 5839] +++ exited with 0 +++ [pid 5838] +++ exited with 0 +++ [pid 5837] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=767, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./255", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./255", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./255/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./255/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./255/cgroup.cpu") = 0 [pid 5063] umount2("./255/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./255/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./255/binderfs") = 0 [pid 5063] umount2("./255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./255/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./255/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./255/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./255/file0") = 0 [pid 5063] umount2("./255/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./255/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./255/cgroup") = 0 [pid 5063] umount2("./255/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./255/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./255/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./255") = 0 [pid 5063] mkdir("./256", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5840 attached , child_tidptr=0x5555560b8690) = 770 [pid 5840] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5840] chdir("./256") = 0 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5840] setpgid(0, 0) = 0 [pid 5840] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5840] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5840] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5840] write(3, "1000", 4) = 4 [pid 5840] close(3) = 0 [pid 5840] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5840] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5840] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5840] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5840] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5841 attached [pid 5841] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5840] <... clone3 resumed> => {parent_tid=[771]}, 88) = 771 [pid 5841] set_robust_list(0x7eff0a34a9a0, 24 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5841] <... set_robust_list resumed>) = 0 [pid 5841] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5841] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5840] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] memfd_create("syzkaller", 0 [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5841] <... memfd_create resumed>) = 3 [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5841] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5841] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5841] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5841] close(3) = 0 [pid 5841] mkdir("./file0", 0777) = 0 [pid 5841] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5841] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5841] chdir("./file0") = 0 [pid 5841] ioctl(4, LOOP_CLR_FD) = 0 [pid 5841] close(4) = 0 [pid 5841] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5840] <... futex resumed>) = 0 [pid 5841] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5840] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5841] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5841] <... openat resumed>) = 4 [pid 5841] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5840] <... futex resumed>) = 0 [pid 5841] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [ 202.208434][ T5841] loop0: detected capacity change from 0 to 4096 [ 202.238417][ T5841] ntfs: volume version 3.1. [pid 5840] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5841] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5840] <... futex resumed>) = 0 [pid 5840] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5840] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5840] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5840] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5840] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5840] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5842 attached => {parent_tid=[772]}, 88) = 772 [pid 5842] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5840] rt_sigprocmask(SIG_SETMASK, [], [pid 5842] <... rseq resumed>) = 0 [pid 5840] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] set_robust_list(0x7eff0a3299a0, 24 [pid 5840] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5842] rt_sigprocmask(SIG_SETMASK, [], [pid 5840] <... futex resumed>) = 0 [pid 5842] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5842] creat("./file1", 000 [pid 5840] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5842] <... creat resumed>) = 5 [pid 5841] <... write resumed>) = 1048064 [pid 5842] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5841] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5842] <... futex resumed>) = 1 [pid 5841] <... futex resumed>) = 0 [pid 5842] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5841] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5840] <... futex resumed>) = 0 [pid 5840] close(3) = 0 [pid 5840] close(4) = 0 [pid 5840] close(5) = 0 [pid 5840] close(6) = -1 EBADF (Bad file descriptor) [pid 5840] close(7) = -1 EBADF (Bad file descriptor) [pid 5840] close(8) = -1 EBADF (Bad file descriptor) [pid 5840] close(9) = -1 EBADF (Bad file descriptor) [pid 5840] close(10) = -1 EBADF (Bad file descriptor) [pid 5840] close(11) = -1 EBADF (Bad file descriptor) [pid 5840] close(12) = -1 EBADF (Bad file descriptor) [pid 5840] close(13) = -1 EBADF (Bad file descriptor) [pid 5840] close(14) = -1 EBADF (Bad file descriptor) [pid 5840] close(15) = -1 EBADF (Bad file descriptor) [pid 5840] close(16) = -1 EBADF (Bad file descriptor) [pid 5840] close(17) = -1 EBADF (Bad file descriptor) [pid 5840] close(18) = -1 EBADF (Bad file descriptor) [pid 5840] close(19) = -1 EBADF (Bad file descriptor) [pid 5840] close(20) = -1 EBADF (Bad file descriptor) [pid 5840] close(21) = -1 EBADF (Bad file descriptor) [pid 5840] close(22) = -1 EBADF (Bad file descriptor) [pid 5840] close(23) = -1 EBADF (Bad file descriptor) [pid 5840] close(24) = -1 EBADF (Bad file descriptor) [pid 5840] close(25) = -1 EBADF (Bad file descriptor) [pid 5840] close(26) = -1 EBADF (Bad file descriptor) [pid 5840] close(27) = -1 EBADF (Bad file descriptor) [pid 5840] close(28) = -1 EBADF (Bad file descriptor) [pid 5840] close(29) = -1 EBADF (Bad file descriptor) [pid 5840] exit_group(0) = ? [pid 5842] <... futex resumed>) = ? [pid 5841] <... futex resumed>) = ? [pid 5842] +++ exited with 0 +++ [pid 5841] +++ exited with 0 +++ [pid 5840] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=770, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./256", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./256", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./256/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./256/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./256/cgroup.cpu") = 0 [pid 5063] umount2("./256/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./256/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./256/binderfs") = 0 [pid 5063] umount2("./256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./256/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./256/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./256/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./256/file0") = 0 [pid 5063] umount2("./256/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./256/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./256/cgroup") = 0 [pid 5063] umount2("./256/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./256/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./256/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./256") = 0 [pid 5063] mkdir("./257", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5843 attached , child_tidptr=0x5555560b8690) = 773 [pid 5843] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5843] chdir("./257") = 0 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5843] setpgid(0, 0) = 0 [pid 5843] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5843] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5843] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5843] write(3, "1000", 4) = 4 [pid 5843] close(3) = 0 [pid 5843] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5843] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5843] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5843] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5844 attached => {parent_tid=[774]}, 88) = 774 [pid 5844] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5843] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5844] <... rseq resumed>) = 0 [pid 5844] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5844] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5844] memfd_create("syzkaller", 0) = 3 [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5844] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5844] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5844] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5844] close(3) = 0 [pid 5844] mkdir("./file0", 0777) = 0 [pid 5844] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5844] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5844] chdir("./file0") = 0 [pid 5844] ioctl(4, LOOP_CLR_FD) = 0 [pid 5844] close(4) = 0 [pid 5844] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5843] <... futex resumed>) = 0 [pid 5844] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5843] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5843] <... futex resumed>) = 0 [pid 5844] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5843] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5844] <... openat resumed>) = 4 [pid 5844] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5844] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5843] <... futex resumed>) = 0 [pid 5843] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] <... futex resumed>) = 0 [pid 5843] <... futex resumed>) = 1 [pid 5844] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 202.744498][ T5844] loop0: detected capacity change from 0 to 4096 [ 202.775084][ T5844] ntfs: volume version 3.1. [pid 5843] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5843] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5843] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5843] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5843] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5843] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5845 attached [pid 5845] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5843] <... clone3 resumed> => {parent_tid=[775]}, 88) = 775 [pid 5845] <... rseq resumed>) = 0 [pid 5843] rt_sigprocmask(SIG_SETMASK, [], [pid 5845] set_robust_list(0x7eff0a3299a0, 24 [pid 5843] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5843] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] rt_sigprocmask(SIG_SETMASK, [], [pid 5843] <... futex resumed>) = 0 [pid 5845] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5843] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5845] creat("./file1", 000) = 5 [pid 5844] <... write resumed>) = 1048064 [pid 5845] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5844] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5845] <... futex resumed>) = 1 [pid 5845] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5844] <... futex resumed>) = 0 [pid 5844] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5843] <... futex resumed>) = 0 [pid 5843] close(3) = 0 [pid 5843] close(4) = 0 [pid 5843] close(5) = 0 [pid 5843] close(6) = -1 EBADF (Bad file descriptor) [pid 5843] close(7) = -1 EBADF (Bad file descriptor) [pid 5843] close(8) = -1 EBADF (Bad file descriptor) [pid 5843] close(9) = -1 EBADF (Bad file descriptor) [pid 5843] close(10) = -1 EBADF (Bad file descriptor) [pid 5843] close(11) = -1 EBADF (Bad file descriptor) [pid 5843] close(12) = -1 EBADF (Bad file descriptor) [pid 5843] close(13) = -1 EBADF (Bad file descriptor) [pid 5843] close(14) = -1 EBADF (Bad file descriptor) [pid 5843] close(15) = -1 EBADF (Bad file descriptor) [pid 5843] close(16) = -1 EBADF (Bad file descriptor) [pid 5843] close(17) = -1 EBADF (Bad file descriptor) [pid 5843] close(18) = -1 EBADF (Bad file descriptor) [pid 5843] close(19) = -1 EBADF (Bad file descriptor) [pid 5843] close(20) = -1 EBADF (Bad file descriptor) [pid 5843] close(21) = -1 EBADF (Bad file descriptor) [pid 5843] close(22) = -1 EBADF (Bad file descriptor) [pid 5843] close(23) = -1 EBADF (Bad file descriptor) [pid 5843] close(24) = -1 EBADF (Bad file descriptor) [pid 5843] close(25) = -1 EBADF (Bad file descriptor) [pid 5843] close(26) = -1 EBADF (Bad file descriptor) [pid 5843] close(27) = -1 EBADF (Bad file descriptor) [pid 5843] close(28) = -1 EBADF (Bad file descriptor) [pid 5843] close(29) = -1 EBADF (Bad file descriptor) [pid 5843] exit_group(0) = ? [pid 5844] <... futex resumed>) = ? [pid 5845] <... futex resumed>) = ? [pid 5844] +++ exited with 0 +++ [pid 5845] +++ exited with 0 +++ [pid 5843] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=773, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./257", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./257", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./257/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./257/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./257/cgroup.cpu") = 0 [pid 5063] umount2("./257/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./257/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./257/binderfs") = 0 [pid 5063] umount2("./257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./257/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./257/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./257/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./257/file0") = 0 [pid 5063] umount2("./257/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./257/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./257/cgroup") = 0 [pid 5063] umount2("./257/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./257/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./257/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./257") = 0 [pid 5063] mkdir("./258", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5846 attached , child_tidptr=0x5555560b8690) = 776 [pid 5846] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5846] chdir("./258") = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5846] setpgid(0, 0) = 0 [pid 5846] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5846] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5846] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5846] write(3, "1000", 4) = 4 [pid 5846] close(3) = 0 [pid 5846] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5846] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5846] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5846] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5846] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5846] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5847 attached [pid 5847] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5846] <... clone3 resumed> => {parent_tid=[777]}, 88) = 777 [pid 5847] <... rseq resumed>) = 0 [pid 5847] set_robust_list(0x7eff0a34a9a0, 24 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5847] <... set_robust_list resumed>) = 0 [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5847] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5846] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5846] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5847] memfd_create("syzkaller", 0) = 3 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5847] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5847] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5847] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5847] close(3) = 0 [pid 5847] mkdir("./file0", 0777) = 0 [pid 5847] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5847] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5847] chdir("./file0") = 0 [pid 5847] ioctl(4, LOOP_CLR_FD) = 0 [pid 5847] close(4) = 0 [pid 5847] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5846] <... futex resumed>) = 0 [pid 5847] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5846] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5847] <... openat resumed>) = 4 [pid 5847] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5847] <... futex resumed>) = 0 [pid 5846] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5847] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5846] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5847] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5846] <... futex resumed>) = 0 [pid 5847] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 203.340096][ T5847] loop0: detected capacity change from 0 to 4096 [ 203.361820][ T5847] ntfs: volume version 3.1. [pid 5846] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5846] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5846] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5846] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5846] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5846] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5848 attached [pid 5848] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5846] <... clone3 resumed> => {parent_tid=[778]}, 88) = 778 [pid 5848] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5848] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5846] rt_sigprocmask(SIG_SETMASK, [], [pid 5848] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5846] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5846] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5848] <... futex resumed>) = 0 [pid 5846] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5848] creat("./file1", 000) = 5 [pid 5847] <... write resumed>) = 1048064 [pid 5848] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5847] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5846] <... futex resumed>) = 0 [pid 5847] <... futex resumed>) = 0 [pid 5846] close(3 [pid 5847] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5848] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5846] <... close resumed>) = 0 [pid 5846] close(4) = 0 [pid 5846] close(5) = 0 [pid 5846] close(6) = -1 EBADF (Bad file descriptor) [pid 5846] close(7) = -1 EBADF (Bad file descriptor) [pid 5846] close(8) = -1 EBADF (Bad file descriptor) [pid 5846] close(9) = -1 EBADF (Bad file descriptor) [pid 5846] close(10) = -1 EBADF (Bad file descriptor) [pid 5846] close(11) = -1 EBADF (Bad file descriptor) [pid 5846] close(12) = -1 EBADF (Bad file descriptor) [pid 5846] close(13) = -1 EBADF (Bad file descriptor) [pid 5846] close(14) = -1 EBADF (Bad file descriptor) [pid 5846] close(15) = -1 EBADF (Bad file descriptor) [pid 5846] close(16) = -1 EBADF (Bad file descriptor) [pid 5846] close(17) = -1 EBADF (Bad file descriptor) [pid 5846] close(18) = -1 EBADF (Bad file descriptor) [pid 5846] close(19) = -1 EBADF (Bad file descriptor) [pid 5846] close(20) = -1 EBADF (Bad file descriptor) [pid 5846] close(21) = -1 EBADF (Bad file descriptor) [pid 5846] close(22) = -1 EBADF (Bad file descriptor) [pid 5846] close(23) = -1 EBADF (Bad file descriptor) [pid 5846] close(24) = -1 EBADF (Bad file descriptor) [pid 5846] close(25) = -1 EBADF (Bad file descriptor) [pid 5846] close(26) = -1 EBADF (Bad file descriptor) [pid 5846] close(27) = -1 EBADF (Bad file descriptor) [pid 5846] close(28) = -1 EBADF (Bad file descriptor) [pid 5846] close(29) = -1 EBADF (Bad file descriptor) [pid 5846] exit_group(0 [pid 5848] <... futex resumed>) = ? [pid 5847] <... futex resumed>) = ? [pid 5846] <... exit_group resumed>) = ? [pid 5848] +++ exited with 0 +++ [pid 5847] +++ exited with 0 +++ [pid 5846] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=776, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./258", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./258", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./258/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./258/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./258/cgroup.cpu") = 0 [pid 5063] umount2("./258/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./258/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./258/binderfs") = 0 [pid 5063] umount2("./258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./258/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./258/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./258/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./258/file0") = 0 [pid 5063] umount2("./258/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./258/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./258/cgroup") = 0 [pid 5063] umount2("./258/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./258/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./258/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./258") = 0 [pid 5063] mkdir("./259", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5849 attached , child_tidptr=0x5555560b8690) = 779 [pid 5849] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5849] chdir("./259") = 0 [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5849] setpgid(0, 0) = 0 [pid 5849] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5849] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5849] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5849] write(3, "1000", 4) = 4 [pid 5849] close(3) = 0 [pid 5849] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5849] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5849] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5849] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5849] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5849] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5849] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5849] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5850 attached => {parent_tid=[780]}, 88) = 780 [pid 5850] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], [pid 5850] set_robust_list(0x7eff0a34a9a0, 24 [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5850] <... set_robust_list resumed>) = 0 [pid 5850] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] <... futex resumed>) = 0 [pid 5849] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5850] memfd_create("syzkaller", 0) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5850] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5850] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] close(3) = 0 [pid 5850] mkdir("./file0", 0777) = 0 [pid 5850] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5850] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] chdir("./file0") = 0 [pid 5850] ioctl(4, LOOP_CLR_FD) = 0 [pid 5850] close(4) = 0 [pid 5850] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5849] <... futex resumed>) = 0 [pid 5850] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5849] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5849] <... futex resumed>) = 0 [pid 5850] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5849] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5850] <... openat resumed>) = 4 [pid 5850] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5849] <... futex resumed>) = 0 [pid 5849] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5850] <... futex resumed>) = 1 [ 203.856613][ T5850] loop0: detected capacity change from 0 to 4096 [ 203.887346][ T5850] ntfs: volume version 3.1. [pid 5849] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5850] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5849] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5849] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5849] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5849] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5849] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5849] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5851 attached => {parent_tid=[781]}, 88) = 781 [pid 5851] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5849] rt_sigprocmask(SIG_SETMASK, [], [pid 5851] set_robust_list(0x7eff0a3299a0, 24 [pid 5849] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5849] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] rt_sigprocmask(SIG_SETMASK, [], [pid 5849] <... futex resumed>) = 0 [pid 5851] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5849] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5851] creat("./file1", 000) = 5 [pid 5850] <... write resumed>) = 1048064 [pid 5850] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5851] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5850] <... futex resumed>) = 0 [pid 5851] <... futex resumed>) = 1 [pid 5850] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5849] <... futex resumed>) = 0 [pid 5851] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5849] close(3) = 0 [pid 5849] close(4) = 0 [pid 5849] close(5) = 0 [pid 5849] close(6) = -1 EBADF (Bad file descriptor) [pid 5849] close(7) = -1 EBADF (Bad file descriptor) [pid 5849] close(8) = -1 EBADF (Bad file descriptor) [pid 5849] close(9) = -1 EBADF (Bad file descriptor) [pid 5849] close(10) = -1 EBADF (Bad file descriptor) [pid 5849] close(11) = -1 EBADF (Bad file descriptor) [pid 5849] close(12) = -1 EBADF (Bad file descriptor) [pid 5849] close(13) = -1 EBADF (Bad file descriptor) [pid 5849] close(14) = -1 EBADF (Bad file descriptor) [pid 5849] close(15) = -1 EBADF (Bad file descriptor) [pid 5849] close(16) = -1 EBADF (Bad file descriptor) [pid 5849] close(17) = -1 EBADF (Bad file descriptor) [pid 5849] close(18) = -1 EBADF (Bad file descriptor) [pid 5849] close(19) = -1 EBADF (Bad file descriptor) [pid 5849] close(20) = -1 EBADF (Bad file descriptor) [pid 5849] close(21) = -1 EBADF (Bad file descriptor) [pid 5849] close(22) = -1 EBADF (Bad file descriptor) [pid 5849] close(23) = -1 EBADF (Bad file descriptor) [pid 5849] close(24) = -1 EBADF (Bad file descriptor) [pid 5849] close(25) = -1 EBADF (Bad file descriptor) [pid 5849] close(26) = -1 EBADF (Bad file descriptor) [pid 5849] close(27) = -1 EBADF (Bad file descriptor) [pid 5849] close(28) = -1 EBADF (Bad file descriptor) [pid 5849] close(29) = -1 EBADF (Bad file descriptor) [pid 5849] exit_group(0) = ? [pid 5851] <... futex resumed>) = ? [pid 5850] <... futex resumed>) = ? [pid 5851] +++ exited with 0 +++ [pid 5850] +++ exited with 0 +++ [pid 5849] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=779, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./259", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./259", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./259/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./259/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./259/cgroup.cpu") = 0 [pid 5063] umount2("./259/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./259/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./259/binderfs") = 0 [pid 5063] umount2("./259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./259/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./259/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./259/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./259/file0") = 0 [pid 5063] umount2("./259/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./259/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./259/cgroup") = 0 [pid 5063] umount2("./259/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./259/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./259/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./259") = 0 [pid 5063] mkdir("./260", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5852 attached [pid 5852] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 782 [pid 5852] <... set_robust_list resumed>) = 0 [pid 5852] chdir("./260") = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5852] setpgid(0, 0) = 0 [pid 5852] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5852] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5852] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5852] write(3, "1000", 4) = 4 [pid 5852] close(3) = 0 [pid 5852] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5852] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5852] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5852] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5852] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5852] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5853 attached => {parent_tid=[783]}, 88) = 783 [pid 5853] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5853] <... rseq resumed>) = 0 [pid 5852] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] set_robust_list(0x7eff0a34a9a0, 24 [pid 5852] <... futex resumed>) = 0 [pid 5852] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5853] <... set_robust_list resumed>) = 0 [pid 5853] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5853] memfd_create("syzkaller", 0) = 3 [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5853] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5853] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5853] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5853] close(3) = 0 [pid 5853] mkdir("./file0", 0777) = 0 [pid 5853] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5853] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5853] chdir("./file0") = 0 [pid 5853] ioctl(4, LOOP_CLR_FD) = 0 [pid 5853] close(4) = 0 [pid 5853] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5852] <... futex resumed>) = 0 [pid 5853] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5852] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5853] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5852] <... futex resumed>) = 0 [ 204.478233][ T5853] loop0: detected capacity change from 0 to 4096 [ 204.499775][ T5853] ntfs: volume version 3.1. [pid 5852] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5853] <... openat resumed>) = 4 [pid 5853] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5852] <... futex resumed>) = 0 [pid 5853] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5852] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5853] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5853] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5852] <... futex resumed>) = 0 [pid 5852] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5852] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5852] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5852] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5852] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5852] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5854 attached [pid 5854] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5852] <... clone3 resumed> => {parent_tid=[784]}, 88) = 784 [pid 5854] <... rseq resumed>) = 0 [pid 5852] rt_sigprocmask(SIG_SETMASK, [], [pid 5854] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5852] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] rt_sigprocmask(SIG_SETMASK, [], [pid 5852] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5854] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5854] creat("./file1", 000 [pid 5852] <... futex resumed>) = 0 [pid 5852] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5854] <... creat resumed>) = 5 [pid 5853] <... write resumed>) = 1048064 [pid 5854] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5854] <... futex resumed>) = 0 [pid 5853] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5852] close(3 [pid 5854] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5853] <... futex resumed>) = 0 [pid 5852] <... close resumed>) = 0 [pid 5853] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5852] close(4) = 0 [pid 5852] close(5) = 0 [pid 5852] close(6) = -1 EBADF (Bad file descriptor) [pid 5852] close(7) = -1 EBADF (Bad file descriptor) [pid 5852] close(8) = -1 EBADF (Bad file descriptor) [pid 5852] close(9) = -1 EBADF (Bad file descriptor) [pid 5852] close(10) = -1 EBADF (Bad file descriptor) [pid 5852] close(11) = -1 EBADF (Bad file descriptor) [pid 5852] close(12) = -1 EBADF (Bad file descriptor) [pid 5852] close(13) = -1 EBADF (Bad file descriptor) [pid 5852] close(14) = -1 EBADF (Bad file descriptor) [pid 5852] close(15) = -1 EBADF (Bad file descriptor) [pid 5852] close(16) = -1 EBADF (Bad file descriptor) [pid 5852] close(17) = -1 EBADF (Bad file descriptor) [pid 5852] close(18) = -1 EBADF (Bad file descriptor) [pid 5852] close(19) = -1 EBADF (Bad file descriptor) [pid 5852] close(20) = -1 EBADF (Bad file descriptor) [pid 5852] close(21) = -1 EBADF (Bad file descriptor) [pid 5852] close(22) = -1 EBADF (Bad file descriptor) [pid 5852] close(23) = -1 EBADF (Bad file descriptor) [pid 5852] close(24) = -1 EBADF (Bad file descriptor) [pid 5852] close(25) = -1 EBADF (Bad file descriptor) [pid 5852] close(26) = -1 EBADF (Bad file descriptor) [pid 5852] close(27) = -1 EBADF (Bad file descriptor) [pid 5852] close(28) = -1 EBADF (Bad file descriptor) [pid 5852] close(29) = -1 EBADF (Bad file descriptor) [pid 5852] exit_group(0) = ? [pid 5854] <... futex resumed>) = ? [pid 5853] <... futex resumed>) = ? [pid 5854] +++ exited with 0 +++ [pid 5853] +++ exited with 0 +++ [pid 5852] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=782, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./260", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./260", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./260/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./260/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./260/cgroup.cpu") = 0 [pid 5063] umount2("./260/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./260/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./260/binderfs") = 0 [pid 5063] umount2("./260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./260/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./260/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./260/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./260/file0") = 0 [pid 5063] umount2("./260/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./260/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./260/cgroup") = 0 [pid 5063] umount2("./260/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./260/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./260/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./260") = 0 [pid 5063] mkdir("./261", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5855 attached [pid 5855] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 785 [pid 5855] chdir("./261") = 0 [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5855] setpgid(0, 0) = 0 [pid 5855] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5855] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5855] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5855] write(3, "1000", 4) = 4 [pid 5855] close(3) = 0 [pid 5855] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5855] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5855] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5855] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5855] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5855] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5855] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5856 attached => {parent_tid=[786]}, 88) = 786 [pid 5856] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5855] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5855] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5855] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5856] <... rseq resumed>) = 0 [pid 5856] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5856] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5856] memfd_create("syzkaller", 0) = 3 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5856] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5856] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5856] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5856] close(3) = 0 [pid 5856] mkdir("./file0", 0777) = 0 [pid 5856] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5856] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5856] chdir("./file0") = 0 [pid 5856] ioctl(4, LOOP_CLR_FD) = 0 [pid 5856] close(4) = 0 [pid 5856] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5855] <... futex resumed>) = 0 [pid 5855] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5855] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5856] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5856] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5856] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5855] <... futex resumed>) = 0 [pid 5855] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5856] <... futex resumed>) = 0 [pid 5855] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 204.968711][ T5856] loop0: detected capacity change from 0 to 4096 [ 204.993499][ T5856] ntfs: volume version 3.1. [pid 5856] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5855] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5855] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5855] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5855] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5855] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5855] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5857 attached [pid 5857] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5857] set_robust_list(0x7eff0a3299a0, 24 [pid 5855] <... clone3 resumed> => {parent_tid=[787]}, 88) = 787 [pid 5857] <... set_robust_list resumed>) = 0 [pid 5857] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5855] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5855] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5857] creat("./file1", 000 [pid 5855] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5857] <... creat resumed>) = 5 [pid 5857] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5855] <... futex resumed>) = 0 [pid 5857] <... futex resumed>) = 1 [pid 5857] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5856] <... write resumed>) = 1048064 [pid 5856] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5856] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5855] close(3) = 0 [pid 5855] close(4) = 0 [pid 5855] close(5) = 0 [pid 5855] close(6) = -1 EBADF (Bad file descriptor) [pid 5855] close(7) = -1 EBADF (Bad file descriptor) [pid 5855] close(8) = -1 EBADF (Bad file descriptor) [pid 5855] close(9) = -1 EBADF (Bad file descriptor) [pid 5855] close(10) = -1 EBADF (Bad file descriptor) [pid 5855] close(11) = -1 EBADF (Bad file descriptor) [pid 5855] close(12) = -1 EBADF (Bad file descriptor) [pid 5855] close(13) = -1 EBADF (Bad file descriptor) [pid 5855] close(14) = -1 EBADF (Bad file descriptor) [pid 5855] close(15) = -1 EBADF (Bad file descriptor) [pid 5855] close(16) = -1 EBADF (Bad file descriptor) [pid 5855] close(17) = -1 EBADF (Bad file descriptor) [pid 5855] close(18) = -1 EBADF (Bad file descriptor) [pid 5855] close(19) = -1 EBADF (Bad file descriptor) [pid 5855] close(20) = -1 EBADF (Bad file descriptor) [pid 5855] close(21) = -1 EBADF (Bad file descriptor) [pid 5855] close(22) = -1 EBADF (Bad file descriptor) [pid 5855] close(23) = -1 EBADF (Bad file descriptor) [pid 5855] close(24) = -1 EBADF (Bad file descriptor) [pid 5855] close(25) = -1 EBADF (Bad file descriptor) [pid 5855] close(26) = -1 EBADF (Bad file descriptor) [pid 5855] close(27) = -1 EBADF (Bad file descriptor) [pid 5855] close(28) = -1 EBADF (Bad file descriptor) [pid 5855] close(29) = -1 EBADF (Bad file descriptor) [pid 5855] exit_group(0 [pid 5856] <... futex resumed>) = ? [pid 5855] <... exit_group resumed>) = ? [pid 5857] <... futex resumed>) = ? [pid 5856] +++ exited with 0 +++ [pid 5857] +++ exited with 0 +++ [pid 5855] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=785, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./261", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./261", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./261/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./261/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./261/cgroup.cpu") = 0 [pid 5063] umount2("./261/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./261/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./261/binderfs") = 0 [pid 5063] umount2("./261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./261/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./261/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./261/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./261/file0") = 0 [pid 5063] umount2("./261/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./261/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./261/cgroup") = 0 [pid 5063] umount2("./261/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./261/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./261/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./261") = 0 [pid 5063] mkdir("./262", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5858 attached , child_tidptr=0x5555560b8690) = 788 [pid 5858] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5858] chdir("./262") = 0 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5858] setpgid(0, 0) = 0 [pid 5858] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5858] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5858] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5858] write(3, "1000", 4) = 4 [pid 5858] close(3) = 0 [pid 5858] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5858] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5858] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5858] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5858] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5858] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5858] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5858] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5859 attached => {parent_tid=[789]}, 88) = 789 [pid 5859] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5859] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5859] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5859] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5858] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5858] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5859] <... futex resumed>) = 0 [pid 5859] memfd_create("syzkaller", 0 [pid 5858] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5859] <... memfd_create resumed>) = 3 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5859] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5859] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5859] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5859] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5859] close(3) = 0 [pid 5859] mkdir("./file0", 0777) = 0 [pid 5859] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5859] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5859] chdir("./file0") = 0 [pid 5859] ioctl(4, LOOP_CLR_FD) = 0 [pid 5859] close(4) = 0 [pid 5859] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5858] <... futex resumed>) = 0 [ 205.500795][ T5859] loop0: detected capacity change from 0 to 4096 [ 205.525825][ T5859] ntfs: volume version 3.1. [pid 5858] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5859] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5858] <... futex resumed>) = 0 [pid 5858] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5859] <... openat resumed>) = 4 [pid 5859] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5859] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5858] <... futex resumed>) = 0 [pid 5858] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5858] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5859] <... futex resumed>) = 0 [pid 5859] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5858] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5858] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5858] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5858] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5858] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5858] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5860 attached [pid 5860] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5858] <... clone3 resumed> => {parent_tid=[790]}, 88) = 790 [pid 5860] <... rseq resumed>) = 0 [pid 5858] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5860] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5858] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] rt_sigprocmask(SIG_SETMASK, [], [pid 5858] <... futex resumed>) = 0 [pid 5860] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5858] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5860] creat("./file1", 000) = 5 [pid 5859] <... write resumed>) = 1048064 [pid 5860] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5859] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5860] <... futex resumed>) = 1 [pid 5858] <... futex resumed>) = 0 [pid 5860] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5859] <... futex resumed>) = 0 [pid 5859] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5858] close(3) = 0 [pid 5858] close(4) = 0 [pid 5858] close(5) = 0 [pid 5858] close(6) = -1 EBADF (Bad file descriptor) [pid 5858] close(7) = -1 EBADF (Bad file descriptor) [pid 5858] close(8) = -1 EBADF (Bad file descriptor) [pid 5858] close(9) = -1 EBADF (Bad file descriptor) [pid 5858] close(10) = -1 EBADF (Bad file descriptor) [pid 5858] close(11) = -1 EBADF (Bad file descriptor) [pid 5858] close(12) = -1 EBADF (Bad file descriptor) [pid 5858] close(13) = -1 EBADF (Bad file descriptor) [pid 5858] close(14) = -1 EBADF (Bad file descriptor) [pid 5858] close(15) = -1 EBADF (Bad file descriptor) [pid 5858] close(16) = -1 EBADF (Bad file descriptor) [pid 5858] close(17) = -1 EBADF (Bad file descriptor) [pid 5858] close(18) = -1 EBADF (Bad file descriptor) [pid 5858] close(19) = -1 EBADF (Bad file descriptor) [pid 5858] close(20) = -1 EBADF (Bad file descriptor) [pid 5858] close(21) = -1 EBADF (Bad file descriptor) [pid 5858] close(22) = -1 EBADF (Bad file descriptor) [pid 5858] close(23) = -1 EBADF (Bad file descriptor) [pid 5858] close(24) = -1 EBADF (Bad file descriptor) [pid 5858] close(25) = -1 EBADF (Bad file descriptor) [pid 5858] close(26) = -1 EBADF (Bad file descriptor) [pid 5858] close(27) = -1 EBADF (Bad file descriptor) [pid 5858] close(28) = -1 EBADF (Bad file descriptor) [pid 5858] close(29) = -1 EBADF (Bad file descriptor) [pid 5858] exit_group(0 [pid 5860] <... futex resumed>) = ? [pid 5859] <... futex resumed>) = ? [pid 5858] <... exit_group resumed>) = ? [pid 5860] +++ exited with 0 +++ [pid 5859] +++ exited with 0 +++ [pid 5858] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=788, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./262", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./262", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./262/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./262/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./262/cgroup.cpu") = 0 [pid 5063] umount2("./262/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./262/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./262/binderfs") = 0 [pid 5063] umount2("./262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./262/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./262/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./262/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./262/file0") = 0 [pid 5063] umount2("./262/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./262/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./262/cgroup") = 0 [pid 5063] umount2("./262/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./262/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./262/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./262") = 0 [pid 5063] mkdir("./263", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 791 ./strace-static-x86_64: Process 5861 attached [pid 5861] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5861] chdir("./263") = 0 [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5861] setpgid(0, 0) = 0 [pid 5861] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5861] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5861] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5861] write(3, "1000", 4) = 4 [pid 5861] close(3) = 0 [pid 5861] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5861] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5861] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5861] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5861] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5861] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5861] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5861] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5862 attached [pid 5862] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5861] <... clone3 resumed> => {parent_tid=[792]}, 88) = 792 [pid 5862] set_robust_list(0x7eff0a34a9a0, 24 [pid 5861] rt_sigprocmask(SIG_SETMASK, [], [pid 5862] <... set_robust_list resumed>) = 0 [pid 5862] rt_sigprocmask(SIG_SETMASK, [], [pid 5861] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5862] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5861] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5861] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5862] memfd_create("syzkaller", 0) = 3 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5862] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5862] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5862] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5862] close(3) = 0 [pid 5862] mkdir("./file0", 0777) = 0 [pid 5862] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5862] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5862] chdir("./file0") = 0 [pid 5862] ioctl(4, LOOP_CLR_FD) = 0 [pid 5862] close(4) = 0 [pid 5862] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5862] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5861] <... futex resumed>) = 0 [pid 5861] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5862] <... futex resumed>) = 0 [pid 5861] <... futex resumed>) = 1 [pid 5862] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5861] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5862] <... openat resumed>) = 4 [pid 5862] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5861] <... futex resumed>) = 0 [pid 5862] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5861] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5862] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5861] <... futex resumed>) = 0 [pid 5862] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 206.116415][ T5862] loop0: detected capacity change from 0 to 4096 [ 206.140967][ T5862] ntfs: volume version 3.1. [pid 5861] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5861] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5861] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5861] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5861] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5861] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5863 attached [pid 5863] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5861] <... clone3 resumed> => {parent_tid=[793]}, 88) = 793 [pid 5863] <... rseq resumed>) = 0 [pid 5861] rt_sigprocmask(SIG_SETMASK, [], [pid 5863] set_robust_list(0x7eff0a3299a0, 24 [pid 5861] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5861] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5863] <... set_robust_list resumed>) = 0 [pid 5862] <... write resumed>) = 1048064 [pid 5861] <... futex resumed>) = 0 [pid 5863] rt_sigprocmask(SIG_SETMASK, [], [pid 5862] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5861] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5863] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5862] <... futex resumed>) = 0 [pid 5863] creat("./file1", 000 [pid 5862] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5863] <... creat resumed>) = 5 [pid 5863] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5861] <... futex resumed>) = 0 [pid 5863] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5861] close(3) = 0 [pid 5861] close(4) = 0 [pid 5861] close(5) = 0 [pid 5861] close(6) = -1 EBADF (Bad file descriptor) [pid 5861] close(7) = -1 EBADF (Bad file descriptor) [pid 5861] close(8) = -1 EBADF (Bad file descriptor) [pid 5861] close(9) = -1 EBADF (Bad file descriptor) [pid 5861] close(10) = -1 EBADF (Bad file descriptor) [pid 5861] close(11) = -1 EBADF (Bad file descriptor) [pid 5861] close(12) = -1 EBADF (Bad file descriptor) [pid 5861] close(13) = -1 EBADF (Bad file descriptor) [pid 5861] close(14) = -1 EBADF (Bad file descriptor) [pid 5861] close(15) = -1 EBADF (Bad file descriptor) [pid 5861] close(16) = -1 EBADF (Bad file descriptor) [pid 5861] close(17) = -1 EBADF (Bad file descriptor) [pid 5861] close(18) = -1 EBADF (Bad file descriptor) [pid 5861] close(19) = -1 EBADF (Bad file descriptor) [pid 5861] close(20) = -1 EBADF (Bad file descriptor) [pid 5861] close(21) = -1 EBADF (Bad file descriptor) [pid 5861] close(22) = -1 EBADF (Bad file descriptor) [pid 5861] close(23) = -1 EBADF (Bad file descriptor) [pid 5861] close(24) = -1 EBADF (Bad file descriptor) [pid 5861] close(25) = -1 EBADF (Bad file descriptor) [pid 5861] close(26) = -1 EBADF (Bad file descriptor) [pid 5861] close(27) = -1 EBADF (Bad file descriptor) [pid 5861] close(28) = -1 EBADF (Bad file descriptor) [pid 5861] close(29) = -1 EBADF (Bad file descriptor) [pid 5861] exit_group(0 [pid 5863] <... futex resumed>) = ? [pid 5862] <... futex resumed>) = ? [pid 5861] <... exit_group resumed>) = ? [pid 5863] +++ exited with 0 +++ [pid 5862] +++ exited with 0 +++ [pid 5861] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=791, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./263", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./263", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./263/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./263/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./263/cgroup.cpu") = 0 [pid 5063] umount2("./263/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./263/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./263/binderfs") = 0 [pid 5063] umount2("./263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./263/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./263/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./263/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./263/file0") = 0 [pid 5063] umount2("./263/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./263/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./263/cgroup") = 0 [pid 5063] umount2("./263/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./263/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./263/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./263") = 0 [pid 5063] mkdir("./264", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5864 attached [pid 5864] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 794 [pid 5864] <... set_robust_list resumed>) = 0 [pid 5864] chdir("./264") = 0 [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5864] setpgid(0, 0) = 0 [pid 5864] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5864] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5864] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5864] write(3, "1000", 4) = 4 [pid 5864] close(3) = 0 [pid 5864] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5864] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5864] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5864] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5864] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5864] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5865 attached => {parent_tid=[795]}, 88) = 795 [pid 5865] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5864] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5864] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5864] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5865] <... rseq resumed>) = 0 [pid 5865] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5865] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5865] memfd_create("syzkaller", 0) = 3 [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5865] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5865] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5865] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5865] close(3) = 0 [pid 5865] mkdir("./file0", 0777) = 0 [ 206.623173][ T5865] loop0: detected capacity change from 0 to 4096 [ 206.647825][ T5865] __ntfs_warning: 170 callbacks suppressed [ 206.647837][ T5865] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 206.674605][ T5865] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 206.684240][ T5865] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 206.700017][ T5865] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 206.709207][ T5865] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 206.729144][ T5865] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 206.737852][ T5865] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 206.757979][ T5865] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5865] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5865] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5865] chdir("./file0") = 0 [pid 5865] ioctl(4, LOOP_CLR_FD) = 0 [pid 5865] close(4) = 0 [pid 5865] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5864] <... futex resumed>) = 0 [pid 5865] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5865] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5864] <... futex resumed>) = 0 [pid 5865] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5864] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5865] <... openat resumed>) = 4 [pid 5865] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5864] <... futex resumed>) = 0 [pid 5865] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5864] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 206.766704][ T5865] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 206.786696][ T5865] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 206.797391][ T5865] ntfs: volume version 3.1. [pid 5864] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5864] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5864] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5864] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5864] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5864] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5866 attached [pid 5866] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5864] <... clone3 resumed> => {parent_tid=[796]}, 88) = 796 [pid 5866] <... rseq resumed>) = 0 [pid 5866] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5866] rt_sigprocmask(SIG_SETMASK, [], [pid 5864] rt_sigprocmask(SIG_SETMASK, [], [pid 5866] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5864] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5866] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5866] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5864] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5866] creat("./file1", 000) = 5 [pid 5866] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5865] <... write resumed>) = 1048064 [pid 5866] <... futex resumed>) = 1 [pid 5865] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5864] <... futex resumed>) = 0 [pid 5866] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] close(3) = 0 [pid 5865] <... futex resumed>) = 0 [pid 5864] close(4 [pid 5865] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5864] <... close resumed>) = 0 [pid 5864] close(5) = 0 [pid 5864] close(6) = -1 EBADF (Bad file descriptor) [pid 5864] close(7) = -1 EBADF (Bad file descriptor) [pid 5864] close(8) = -1 EBADF (Bad file descriptor) [pid 5864] close(9) = -1 EBADF (Bad file descriptor) [pid 5864] close(10) = -1 EBADF (Bad file descriptor) [pid 5864] close(11) = -1 EBADF (Bad file descriptor) [pid 5864] close(12) = -1 EBADF (Bad file descriptor) [pid 5864] close(13) = -1 EBADF (Bad file descriptor) [pid 5864] close(14) = -1 EBADF (Bad file descriptor) [pid 5864] close(15) = -1 EBADF (Bad file descriptor) [pid 5864] close(16) = -1 EBADF (Bad file descriptor) [pid 5864] close(17) = -1 EBADF (Bad file descriptor) [pid 5864] close(18) = -1 EBADF (Bad file descriptor) [pid 5864] close(19) = -1 EBADF (Bad file descriptor) [pid 5864] close(20) = -1 EBADF (Bad file descriptor) [pid 5864] close(21) = -1 EBADF (Bad file descriptor) [pid 5864] close(22) = -1 EBADF (Bad file descriptor) [pid 5864] close(23) = -1 EBADF (Bad file descriptor) [pid 5864] close(24) = -1 EBADF (Bad file descriptor) [pid 5864] close(25) = -1 EBADF (Bad file descriptor) [pid 5864] close(26) = -1 EBADF (Bad file descriptor) [pid 5864] close(27) = -1 EBADF (Bad file descriptor) [pid 5864] close(28) = -1 EBADF (Bad file descriptor) [pid 5864] close(29) = -1 EBADF (Bad file descriptor) [pid 5864] exit_group(0) = ? [pid 5866] <... futex resumed>) = ? [pid 5865] <... futex resumed>) = ? [pid 5865] +++ exited with 0 +++ [pid 5866] +++ exited with 0 +++ [pid 5864] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=794, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./264", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./264", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./264/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./264/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./264/cgroup.cpu") = 0 [pid 5063] umount2("./264/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./264/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./264/binderfs") = 0 [pid 5063] umount2("./264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./264/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./264/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./264/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./264/file0") = 0 [pid 5063] umount2("./264/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./264/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./264/cgroup") = 0 [pid 5063] umount2("./264/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./264/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./264/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./264") = 0 [pid 5063] mkdir("./265", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5867 attached , child_tidptr=0x5555560b8690) = 797 [pid 5867] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5867] chdir("./265") = 0 [pid 5867] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] setpgid(0, 0) = 0 [pid 5867] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5867] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5867] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5867] write(3, "1000", 4) = 4 [pid 5867] close(3) = 0 [pid 5867] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5867] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5867] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5867] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5867] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5867] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5867] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5867] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5868 attached => {parent_tid=[798]}, 88) = 798 [pid 5868] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5867] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5867] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5867] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5868] <... rseq resumed>) = 0 [pid 5868] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5868] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5868] memfd_create("syzkaller", 0) = 3 [pid 5868] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5868] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5868] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5868] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5868] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5868] close(3) = 0 [pid 5868] mkdir("./file0", 0777) = 0 [pid 5868] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5868] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5868] chdir("./file0") = 0 [pid 5868] ioctl(4, LOOP_CLR_FD) = 0 [pid 5868] close(4) = 0 [pid 5868] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5868] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5867] <... futex resumed>) = 0 [pid 5867] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5868] <... futex resumed>) = 0 [pid 5867] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 207.342183][ T5868] loop0: detected capacity change from 0 to 4096 [ 207.366293][ T5868] ntfs: volume version 3.1. [pid 5868] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5868] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5867] <... futex resumed>) = 0 [pid 5868] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5867] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5867] <... futex resumed>) = 0 [pid 5868] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5867] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5867] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5867] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5867] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5867] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5867] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5869 attached [pid 5869] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5869] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5869] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5867] <... clone3 resumed> => {parent_tid=[799]}, 88) = 799 [pid 5869] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5867] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5867] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5869] <... futex resumed>) = 0 [pid 5869] creat("./file1", 000 [pid 5867] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5869] <... creat resumed>) = 5 [pid 5868] <... write resumed>) = 1048064 [pid 5869] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5868] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5869] <... futex resumed>) = 1 [pid 5867] <... futex resumed>) = 0 [pid 5869] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5868] <... futex resumed>) = 0 [pid 5867] close(3 [pid 5868] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5867] <... close resumed>) = 0 [pid 5867] close(4) = 0 [pid 5867] close(5) = 0 [pid 5867] close(6) = -1 EBADF (Bad file descriptor) [pid 5867] close(7) = -1 EBADF (Bad file descriptor) [pid 5867] close(8) = -1 EBADF (Bad file descriptor) [pid 5867] close(9) = -1 EBADF (Bad file descriptor) [pid 5867] close(10) = -1 EBADF (Bad file descriptor) [pid 5867] close(11) = -1 EBADF (Bad file descriptor) [pid 5867] close(12) = -1 EBADF (Bad file descriptor) [pid 5867] close(13) = -1 EBADF (Bad file descriptor) [pid 5867] close(14) = -1 EBADF (Bad file descriptor) [pid 5867] close(15) = -1 EBADF (Bad file descriptor) [pid 5867] close(16) = -1 EBADF (Bad file descriptor) [pid 5867] close(17) = -1 EBADF (Bad file descriptor) [pid 5867] close(18) = -1 EBADF (Bad file descriptor) [pid 5867] close(19) = -1 EBADF (Bad file descriptor) [pid 5867] close(20) = -1 EBADF (Bad file descriptor) [pid 5867] close(21) = -1 EBADF (Bad file descriptor) [pid 5867] close(22) = -1 EBADF (Bad file descriptor) [pid 5867] close(23) = -1 EBADF (Bad file descriptor) [pid 5867] close(24) = -1 EBADF (Bad file descriptor) [pid 5867] close(25) = -1 EBADF (Bad file descriptor) [pid 5867] close(26) = -1 EBADF (Bad file descriptor) [pid 5867] close(27) = -1 EBADF (Bad file descriptor) [pid 5867] close(28) = -1 EBADF (Bad file descriptor) [pid 5867] close(29) = -1 EBADF (Bad file descriptor) [pid 5867] exit_group(0) = ? [pid 5869] <... futex resumed>) = ? [pid 5868] <... futex resumed>) = ? [pid 5869] +++ exited with 0 +++ [pid 5868] +++ exited with 0 +++ [pid 5867] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=797, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./265", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./265", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./265/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./265/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./265/cgroup.cpu") = 0 [pid 5063] umount2("./265/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./265/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./265/binderfs") = 0 [pid 5063] umount2("./265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./265/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./265/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./265/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./265/file0") = 0 [pid 5063] umount2("./265/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./265/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./265/cgroup") = 0 [pid 5063] umount2("./265/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./265/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./265/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./265") = 0 [pid 5063] mkdir("./266", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5870 attached , child_tidptr=0x5555560b8690) = 800 [pid 5870] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5870] chdir("./266") = 0 [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5870] setpgid(0, 0) = 0 [pid 5870] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5870] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5870] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5870] write(3, "1000", 4) = 4 [pid 5870] close(3) = 0 [pid 5870] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5870] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5870] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5870] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5870] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5870] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5870] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5870] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5871 attached => {parent_tid=[801]}, 88) = 801 [pid 5871] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5870] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5870] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5870] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5871] <... rseq resumed>) = 0 [pid 5871] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5871] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5871] memfd_create("syzkaller", 0) = 3 [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5871] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5871] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5871] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5871] close(3) = 0 [pid 5871] mkdir("./file0", 0777) = 0 [pid 5871] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5871] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5871] chdir("./file0") = 0 [pid 5871] ioctl(4, LOOP_CLR_FD) = 0 [pid 5871] close(4) = 0 [ 207.953056][ T5871] loop0: detected capacity change from 0 to 4096 [ 207.967587][ T5871] ntfs: volume version 3.1. [pid 5871] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5870] <... futex resumed>) = 0 [pid 5871] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5870] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5871] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5870] <... futex resumed>) = 0 [pid 5871] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5870] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5871] <... openat resumed>) = 4 [pid 5871] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5870] <... futex resumed>) = 0 [pid 5871] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5870] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5871] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5870] <... futex resumed>) = 0 [pid 5871] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5870] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5870] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5870] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5870] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5870] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5870] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5872 attached [pid 5872] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5870] <... clone3 resumed> => {parent_tid=[802]}, 88) = 802 [pid 5872] set_robust_list(0x7eff0a3299a0, 24 [pid 5870] rt_sigprocmask(SIG_SETMASK, [], [pid 5872] <... set_robust_list resumed>) = 0 [pid 5872] rt_sigprocmask(SIG_SETMASK, [], [pid 5870] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5872] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5870] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5872] creat("./file1", 000 [pid 5870] <... futex resumed>) = 0 [pid 5870] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5872] <... creat resumed>) = 5 [pid 5871] <... write resumed>) = 1048064 [pid 5872] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5870] <... futex resumed>) = 0 [pid 5872] <... futex resumed>) = 1 [pid 5872] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5871] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5870] close(3 [pid 5871] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5870] <... close resumed>) = 0 [pid 5870] close(4) = 0 [pid 5870] close(5) = 0 [pid 5870] close(6) = -1 EBADF (Bad file descriptor) [pid 5870] close(7) = -1 EBADF (Bad file descriptor) [pid 5870] close(8) = -1 EBADF (Bad file descriptor) [pid 5870] close(9) = -1 EBADF (Bad file descriptor) [pid 5870] close(10) = -1 EBADF (Bad file descriptor) [pid 5870] close(11) = -1 EBADF (Bad file descriptor) [pid 5870] close(12) = -1 EBADF (Bad file descriptor) [pid 5870] close(13) = -1 EBADF (Bad file descriptor) [pid 5870] close(14) = -1 EBADF (Bad file descriptor) [pid 5870] close(15) = -1 EBADF (Bad file descriptor) [pid 5870] close(16) = -1 EBADF (Bad file descriptor) [pid 5870] close(17) = -1 EBADF (Bad file descriptor) [pid 5870] close(18) = -1 EBADF (Bad file descriptor) [pid 5870] close(19) = -1 EBADF (Bad file descriptor) [pid 5870] close(20) = -1 EBADF (Bad file descriptor) [pid 5870] close(21) = -1 EBADF (Bad file descriptor) [pid 5870] close(22) = -1 EBADF (Bad file descriptor) [pid 5870] close(23) = -1 EBADF (Bad file descriptor) [pid 5870] close(24) = -1 EBADF (Bad file descriptor) [pid 5870] close(25) = -1 EBADF (Bad file descriptor) [pid 5870] close(26) = -1 EBADF (Bad file descriptor) [pid 5870] close(27) = -1 EBADF (Bad file descriptor) [pid 5870] close(28) = -1 EBADF (Bad file descriptor) [pid 5870] close(29) = -1 EBADF (Bad file descriptor) [pid 5870] exit_group(0) = ? [pid 5872] <... futex resumed>) = ? [pid 5871] <... futex resumed>) = ? [pid 5872] +++ exited with 0 +++ [pid 5871] +++ exited with 0 +++ [pid 5870] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=800, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./266", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./266", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./266/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./266/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./266/cgroup.cpu") = 0 [pid 5063] umount2("./266/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./266/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./266/binderfs") = 0 [pid 5063] umount2("./266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./266/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./266/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./266/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./266/file0") = 0 [pid 5063] umount2("./266/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./266/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./266/cgroup") = 0 [pid 5063] umount2("./266/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./266/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./266/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./266") = 0 [pid 5063] mkdir("./267", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5873 attached [pid 5873] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 803 [pid 5873] <... set_robust_list resumed>) = 0 [pid 5873] chdir("./267") = 0 [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5873] setpgid(0, 0) = 0 [pid 5873] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5873] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5873] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5873] write(3, "1000", 4) = 4 [pid 5873] close(3) = 0 [pid 5873] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5873] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5873] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5873] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5873] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5873] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5873] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5873] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5874 attached => {parent_tid=[804]}, 88) = 804 [pid 5874] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5873] rt_sigprocmask(SIG_SETMASK, [], [pid 5874] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5874] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5874] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5873] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5873] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5873] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5874] <... futex resumed>) = 0 [pid 5874] memfd_create("syzkaller", 0) = 3 [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5874] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5874] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5874] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5874] close(3) = 0 [pid 5874] mkdir("./file0", 0777) = 0 [pid 5874] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5874] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5874] chdir("./file0") = 0 [pid 5874] ioctl(4, LOOP_CLR_FD) = 0 [ 208.481455][ T5874] loop0: detected capacity change from 0 to 4096 [ 208.497122][ T5874] ntfs: volume version 3.1. [pid 5874] close(4) = 0 [pid 5874] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5874] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5873] <... futex resumed>) = 0 [pid 5873] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5874] <... futex resumed>) = 0 [pid 5873] <... futex resumed>) = 1 [pid 5874] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5873] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5874] <... openat resumed>) = 4 [pid 5874] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5873] <... futex resumed>) = 0 [pid 5874] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5873] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5874] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5873] <... futex resumed>) = 0 [pid 5874] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5873] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5873] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5873] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5873] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5873] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5873] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5875 attached => {parent_tid=[805]}, 88) = 805 [pid 5875] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5873] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5875] <... rseq resumed>) = 0 [pid 5873] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5875] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5873] <... futex resumed>) = 0 [pid 5875] rt_sigprocmask(SIG_SETMASK, [], [pid 5873] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5875] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5875] creat("./file1", 000) = 5 [pid 5874] <... write resumed>) = 1048064 [pid 5875] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5873] <... futex resumed>) = 0 [pid 5875] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5874] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5874] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5873] close(3) = 0 [pid 5873] close(4) = 0 [pid 5873] close(5) = 0 [pid 5873] close(6) = -1 EBADF (Bad file descriptor) [pid 5873] close(7) = -1 EBADF (Bad file descriptor) [pid 5873] close(8) = -1 EBADF (Bad file descriptor) [pid 5873] close(9) = -1 EBADF (Bad file descriptor) [pid 5873] close(10) = -1 EBADF (Bad file descriptor) [pid 5873] close(11) = -1 EBADF (Bad file descriptor) [pid 5873] close(12) = -1 EBADF (Bad file descriptor) [pid 5873] close(13) = -1 EBADF (Bad file descriptor) [pid 5873] close(14) = -1 EBADF (Bad file descriptor) [pid 5873] close(15) = -1 EBADF (Bad file descriptor) [pid 5873] close(16) = -1 EBADF (Bad file descriptor) [pid 5873] close(17) = -1 EBADF (Bad file descriptor) [pid 5873] close(18) = -1 EBADF (Bad file descriptor) [pid 5873] close(19) = -1 EBADF (Bad file descriptor) [pid 5873] close(20) = -1 EBADF (Bad file descriptor) [pid 5873] close(21) = -1 EBADF (Bad file descriptor) [pid 5873] close(22) = -1 EBADF (Bad file descriptor) [pid 5873] close(23) = -1 EBADF (Bad file descriptor) [pid 5873] close(24) = -1 EBADF (Bad file descriptor) [pid 5873] close(25) = -1 EBADF (Bad file descriptor) [pid 5873] close(26) = -1 EBADF (Bad file descriptor) [pid 5873] close(27) = -1 EBADF (Bad file descriptor) [pid 5873] close(28) = -1 EBADF (Bad file descriptor) [pid 5873] close(29) = -1 EBADF (Bad file descriptor) [pid 5873] exit_group(0 [pid 5874] <... futex resumed>) = ? [pid 5873] <... exit_group resumed>) = ? [pid 5875] <... futex resumed>) = ? [pid 5874] +++ exited with 0 +++ [pid 5875] +++ exited with 0 +++ [pid 5873] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=803, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./267", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./267", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./267/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./267/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./267/cgroup.cpu") = 0 [pid 5063] umount2("./267/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./267/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./267/binderfs") = 0 [pid 5063] umount2("./267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./267/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./267/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./267/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./267/file0") = 0 [pid 5063] umount2("./267/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./267/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./267/cgroup") = 0 [pid 5063] umount2("./267/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./267/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./267/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./267") = 0 [pid 5063] mkdir("./268", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5876 attached [pid 5876] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 806 [pid 5876] <... set_robust_list resumed>) = 0 [pid 5876] chdir("./268") = 0 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5876] setpgid(0, 0) = 0 [pid 5876] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5876] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5876] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5876] write(3, "1000", 4) = 4 [pid 5876] close(3) = 0 [pid 5876] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5876] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5876] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5876] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5876] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5876] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5876] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5877 attached => {parent_tid=[807]}, 88) = 807 [pid 5877] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5876] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5876] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5876] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5877] <... rseq resumed>) = 0 [pid 5877] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5877] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5877] memfd_create("syzkaller", 0) = 3 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5877] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5877] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5877] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5877] close(3) = 0 [pid 5877] mkdir("./file0", 0777) = 0 [pid 5877] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5877] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5877] chdir("./file0") = 0 [pid 5877] ioctl(4, LOOP_CLR_FD) = 0 [pid 5877] close(4) = 0 [pid 5877] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5877] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5876] <... futex resumed>) = 0 [pid 5876] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5877] <... futex resumed>) = 0 [ 209.097359][ T5877] loop0: detected capacity change from 0 to 4096 [ 209.135085][ T5877] ntfs: volume version 3.1. [pid 5876] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5877] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5877] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5876] <... futex resumed>) = 0 [pid 5877] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5876] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5877] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5876] <... futex resumed>) = 0 [pid 5877] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5876] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5876] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5876] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5876] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5876] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5876] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5878 attached [pid 5878] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5876] <... clone3 resumed> => {parent_tid=[808]}, 88) = 808 [pid 5878] <... rseq resumed>) = 0 [pid 5876] rt_sigprocmask(SIG_SETMASK, [], [pid 5878] set_robust_list(0x7eff0a3299a0, 24 [pid 5877] <... write resumed>) = 1048064 [pid 5876] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5878] <... set_robust_list resumed>) = 0 [pid 5877] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5876] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5878] rt_sigprocmask(SIG_SETMASK, [], [pid 5877] <... futex resumed>) = 0 [pid 5876] <... futex resumed>) = 0 [pid 5878] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5877] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5876] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5878] creat("./file1", 000) = 5 [pid 5878] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5876] <... futex resumed>) = 0 [pid 5878] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5876] close(3) = 0 [pid 5876] close(4) = 0 [pid 5876] close(5) = 0 [pid 5876] close(6) = -1 EBADF (Bad file descriptor) [pid 5876] close(7) = -1 EBADF (Bad file descriptor) [pid 5876] close(8) = -1 EBADF (Bad file descriptor) [pid 5876] close(9) = -1 EBADF (Bad file descriptor) [pid 5876] close(10) = -1 EBADF (Bad file descriptor) [pid 5876] close(11) = -1 EBADF (Bad file descriptor) [pid 5876] close(12) = -1 EBADF (Bad file descriptor) [pid 5876] close(13) = -1 EBADF (Bad file descriptor) [pid 5876] close(14) = -1 EBADF (Bad file descriptor) [pid 5876] close(15) = -1 EBADF (Bad file descriptor) [pid 5876] close(16) = -1 EBADF (Bad file descriptor) [pid 5876] close(17) = -1 EBADF (Bad file descriptor) [pid 5876] close(18) = -1 EBADF (Bad file descriptor) [pid 5876] close(19) = -1 EBADF (Bad file descriptor) [pid 5876] close(20) = -1 EBADF (Bad file descriptor) [pid 5876] close(21) = -1 EBADF (Bad file descriptor) [pid 5876] close(22) = -1 EBADF (Bad file descriptor) [pid 5876] close(23) = -1 EBADF (Bad file descriptor) [pid 5876] close(24) = -1 EBADF (Bad file descriptor) [pid 5876] close(25) = -1 EBADF (Bad file descriptor) [pid 5876] close(26) = -1 EBADF (Bad file descriptor) [pid 5876] close(27) = -1 EBADF (Bad file descriptor) [pid 5876] close(28) = -1 EBADF (Bad file descriptor) [pid 5876] close(29) = -1 EBADF (Bad file descriptor) [pid 5876] exit_group(0) = ? [pid 5878] <... futex resumed>) = ? [pid 5877] <... futex resumed>) = ? [pid 5877] +++ exited with 0 +++ [pid 5878] +++ exited with 0 +++ [pid 5876] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=806, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./268", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./268", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./268/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./268/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./268/cgroup.cpu") = 0 [pid 5063] umount2("./268/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./268/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./268/binderfs") = 0 [pid 5063] umount2("./268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./268/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./268/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./268/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./268/file0") = 0 [pid 5063] umount2("./268/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./268/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./268/cgroup") = 0 [pid 5063] umount2("./268/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./268/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./268/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./268") = 0 [pid 5063] mkdir("./269", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 809 ./strace-static-x86_64: Process 5879 attached [pid 5879] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5879] chdir("./269") = 0 [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5879] setpgid(0, 0) = 0 [pid 5879] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5879] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5879] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5879] write(3, "1000", 4) = 4 [pid 5879] close(3) = 0 [pid 5879] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5879] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5879] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5879] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5879] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5879] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5879] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5879] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5880 attached => {parent_tid=[810]}, 88) = 810 [pid 5880] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5879] rt_sigprocmask(SIG_SETMASK, [], [pid 5880] <... rseq resumed>) = 0 [pid 5879] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5880] set_robust_list(0x7eff0a34a9a0, 24 [pid 5879] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5880] <... set_robust_list resumed>) = 0 [pid 5879] <... futex resumed>) = 0 [pid 5880] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5879] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5880] memfd_create("syzkaller", 0) = 3 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5880] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5880] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5880] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5880] close(3) = 0 [pid 5880] mkdir("./file0", 0777) = 0 [pid 5880] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5880] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5880] chdir("./file0") = 0 [pid 5880] ioctl(4, LOOP_CLR_FD) = 0 [pid 5880] close(4) = 0 [pid 5880] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5879] <... futex resumed>) = 0 [pid 5880] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5879] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5880] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5879] <... futex resumed>) = 0 [pid 5879] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5880] <... openat resumed>) = 4 [ 209.651152][ T5880] loop0: detected capacity change from 0 to 4096 [ 209.666940][ T5880] ntfs: volume version 3.1. [pid 5880] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5879] <... futex resumed>) = 0 [pid 5880] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5879] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5880] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5879] <... futex resumed>) = 0 [pid 5880] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5879] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5879] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5879] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5879] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5879] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5879] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5879] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5881 attached => {parent_tid=[811]}, 88) = 811 [pid 5881] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5880] <... write resumed>) = 1048064 [pid 5879] rt_sigprocmask(SIG_SETMASK, [], [pid 5881] set_robust_list(0x7eff0a3299a0, 24 [pid 5880] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5879] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5881] <... set_robust_list resumed>) = 0 [pid 5880] <... futex resumed>) = 0 [pid 5881] rt_sigprocmask(SIG_SETMASK, [], [pid 5880] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5879] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5881] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5881] creat("./file1", 000 [pid 5879] <... futex resumed>) = 0 [pid 5879] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5881] <... creat resumed>) = 5 [pid 5881] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5881] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5879] <... futex resumed>) = 0 [pid 5879] close(3) = 0 [pid 5879] close(4) = 0 [pid 5879] close(5) = 0 [pid 5879] close(6) = -1 EBADF (Bad file descriptor) [pid 5879] close(7) = -1 EBADF (Bad file descriptor) [pid 5879] close(8) = -1 EBADF (Bad file descriptor) [pid 5879] close(9) = -1 EBADF (Bad file descriptor) [pid 5879] close(10) = -1 EBADF (Bad file descriptor) [pid 5879] close(11) = -1 EBADF (Bad file descriptor) [pid 5879] close(12) = -1 EBADF (Bad file descriptor) [pid 5879] close(13) = -1 EBADF (Bad file descriptor) [pid 5879] close(14) = -1 EBADF (Bad file descriptor) [pid 5879] close(15) = -1 EBADF (Bad file descriptor) [pid 5879] close(16) = -1 EBADF (Bad file descriptor) [pid 5879] close(17) = -1 EBADF (Bad file descriptor) [pid 5879] close(18) = -1 EBADF (Bad file descriptor) [pid 5879] close(19) = -1 EBADF (Bad file descriptor) [pid 5879] close(20) = -1 EBADF (Bad file descriptor) [pid 5879] close(21) = -1 EBADF (Bad file descriptor) [pid 5879] close(22) = -1 EBADF (Bad file descriptor) [pid 5879] close(23) = -1 EBADF (Bad file descriptor) [pid 5879] close(24) = -1 EBADF (Bad file descriptor) [pid 5879] close(25) = -1 EBADF (Bad file descriptor) [pid 5879] close(26) = -1 EBADF (Bad file descriptor) [pid 5879] close(27) = -1 EBADF (Bad file descriptor) [pid 5879] close(28) = -1 EBADF (Bad file descriptor) [pid 5879] close(29) = -1 EBADF (Bad file descriptor) [pid 5879] exit_group(0) = ? [pid 5881] <... futex resumed>) = ? [pid 5880] <... futex resumed>) = ? [pid 5881] +++ exited with 0 +++ [pid 5880] +++ exited with 0 +++ [pid 5879] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=809, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./269", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./269", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./269/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./269/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./269/cgroup.cpu") = 0 [pid 5063] umount2("./269/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./269/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./269/binderfs") = 0 [pid 5063] umount2("./269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./269/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./269/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./269/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./269/file0") = 0 [pid 5063] umount2("./269/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./269/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./269/cgroup") = 0 [pid 5063] umount2("./269/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./269/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./269/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./269") = 0 [pid 5063] mkdir("./270", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5882 attached , child_tidptr=0x5555560b8690) = 812 [pid 5882] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5882] chdir("./270") = 0 [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5882] setpgid(0, 0) = 0 [pid 5882] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5882] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5882] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5882] write(3, "1000", 4) = 4 [pid 5882] close(3) = 0 [pid 5882] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5882] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5882] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5882] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5882] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5882] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5882] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5882] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5883 attached => {parent_tid=[813]}, 88) = 813 [pid 5883] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5882] rt_sigprocmask(SIG_SETMASK, [], [pid 5883] <... rseq resumed>) = 0 [pid 5882] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5883] set_robust_list(0x7eff0a34a9a0, 24 [pid 5882] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5883] <... set_robust_list resumed>) = 0 [pid 5883] rt_sigprocmask(SIG_SETMASK, [], [pid 5882] <... futex resumed>) = 0 [pid 5883] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5882] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5883] memfd_create("syzkaller", 0) = 3 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5883] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5883] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5883] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5883] close(3) = 0 [pid 5883] mkdir("./file0", 0777) = 0 [pid 5883] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5883] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5883] chdir("./file0") = 0 [pid 5883] ioctl(4, LOOP_CLR_FD) = 0 [pid 5883] close(4) = 0 [pid 5883] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5882] <... futex resumed>) = 0 [pid 5883] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5882] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5883] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5882] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5883] <... openat resumed>) = 4 [ 210.258701][ T5883] loop0: detected capacity change from 0 to 4096 [ 210.278674][ T5883] ntfs: volume version 3.1. [pid 5883] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5882] <... futex resumed>) = 0 [pid 5883] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5882] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5883] <... futex resumed>) = 0 [pid 5882] <... futex resumed>) = 1 [pid 5883] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5882] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5882] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5882] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5882] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5882] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5882] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5884 attached [pid 5884] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5884] set_robust_list(0x7eff0a3299a0, 24 [pid 5882] <... clone3 resumed> => {parent_tid=[814]}, 88) = 814 [pid 5884] <... set_robust_list resumed>) = 0 [pid 5882] rt_sigprocmask(SIG_SETMASK, [], [pid 5884] rt_sigprocmask(SIG_SETMASK, [], [pid 5882] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5884] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5882] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5884] creat("./file1", 000 [pid 5882] <... futex resumed>) = 0 [pid 5882] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5883] <... write resumed>) = 1048064 [pid 5883] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5883] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5884] <... creat resumed>) = 5 [pid 5884] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5884] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5882] <... futex resumed>) = 0 [pid 5882] close(3) = 0 [pid 5882] close(4) = 0 [pid 5882] close(5) = 0 [pid 5882] close(6) = -1 EBADF (Bad file descriptor) [pid 5882] close(7) = -1 EBADF (Bad file descriptor) [pid 5882] close(8) = -1 EBADF (Bad file descriptor) [pid 5882] close(9) = -1 EBADF (Bad file descriptor) [pid 5882] close(10) = -1 EBADF (Bad file descriptor) [pid 5882] close(11) = -1 EBADF (Bad file descriptor) [pid 5882] close(12) = -1 EBADF (Bad file descriptor) [pid 5882] close(13) = -1 EBADF (Bad file descriptor) [pid 5882] close(14) = -1 EBADF (Bad file descriptor) [pid 5882] close(15) = -1 EBADF (Bad file descriptor) [pid 5882] close(16) = -1 EBADF (Bad file descriptor) [pid 5882] close(17) = -1 EBADF (Bad file descriptor) [pid 5882] close(18) = -1 EBADF (Bad file descriptor) [pid 5882] close(19) = -1 EBADF (Bad file descriptor) [pid 5882] close(20) = -1 EBADF (Bad file descriptor) [pid 5882] close(21) = -1 EBADF (Bad file descriptor) [pid 5882] close(22) = -1 EBADF (Bad file descriptor) [pid 5882] close(23) = -1 EBADF (Bad file descriptor) [pid 5882] close(24) = -1 EBADF (Bad file descriptor) [pid 5882] close(25) = -1 EBADF (Bad file descriptor) [pid 5882] close(26) = -1 EBADF (Bad file descriptor) [pid 5882] close(27) = -1 EBADF (Bad file descriptor) [pid 5882] close(28) = -1 EBADF (Bad file descriptor) [pid 5882] close(29) = -1 EBADF (Bad file descriptor) [pid 5882] exit_group(0) = ? [pid 5884] <... futex resumed>) = ? [pid 5883] <... futex resumed>) = ? [pid 5884] +++ exited with 0 +++ [pid 5883] +++ exited with 0 +++ [pid 5882] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=812, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./270", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./270", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./270/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./270/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./270/cgroup.cpu") = 0 [pid 5063] umount2("./270/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./270/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./270/binderfs") = 0 [pid 5063] umount2("./270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./270/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./270/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./270/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./270/file0") = 0 [pid 5063] umount2("./270/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./270/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./270/cgroup") = 0 [pid 5063] umount2("./270/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./270/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./270/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./270") = 0 [pid 5063] mkdir("./271", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5885 attached , child_tidptr=0x5555560b8690) = 815 [pid 5885] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5885] chdir("./271") = 0 [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5885] setpgid(0, 0) = 0 [pid 5885] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5885] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5885] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5885] write(3, "1000", 4) = 4 [pid 5885] close(3) = 0 [pid 5885] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5885] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5885] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5885] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5885] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5885] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5885] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5885] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5886 attached => {parent_tid=[816]}, 88) = 816 [pid 5886] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5885] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5885] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5886] set_robust_list(0x7eff0a34a9a0, 24 [pid 5885] <... futex resumed>) = 0 [pid 5886] <... set_robust_list resumed>) = 0 [pid 5885] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5886] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5886] memfd_create("syzkaller", 0) = 3 [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5886] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5886] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5886] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5886] close(3) = 0 [pid 5886] mkdir("./file0", 0777) = 0 [pid 5886] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5886] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5886] chdir("./file0") = 0 [pid 5886] ioctl(4, LOOP_CLR_FD) = 0 [pid 5886] close(4) = 0 [pid 5886] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5886] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5885] <... futex resumed>) = 0 [pid 5885] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5885] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5886] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5886] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5886] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5886] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5885] <... futex resumed>) = 0 [pid 5885] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5886] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5885] <... futex resumed>) = 0 [ 210.905058][ T5886] loop0: detected capacity change from 0 to 4096 [ 210.921248][ T5886] ntfs: volume version 3.1. [pid 5886] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5885] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5885] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5885] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5885] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5885] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5885] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5887 attached [pid 5887] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5885] <... clone3 resumed> => {parent_tid=[817]}, 88) = 817 [pid 5887] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5887] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5887] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5885] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5885] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5887] <... futex resumed>) = 0 [pid 5887] creat("./file1", 000 [pid 5885] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5887] <... creat resumed>) = 5 [pid 5886] <... write resumed>) = 1048064 [pid 5887] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5886] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5887] <... futex resumed>) = 1 [pid 5885] <... futex resumed>) = 0 [pid 5887] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5886] <... futex resumed>) = 0 [pid 5885] close(3 [pid 5886] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5885] <... close resumed>) = 0 [pid 5885] close(4) = 0 [pid 5885] close(5) = 0 [pid 5885] close(6) = -1 EBADF (Bad file descriptor) [pid 5885] close(7) = -1 EBADF (Bad file descriptor) [pid 5885] close(8) = -1 EBADF (Bad file descriptor) [pid 5885] close(9) = -1 EBADF (Bad file descriptor) [pid 5885] close(10) = -1 EBADF (Bad file descriptor) [pid 5885] close(11) = -1 EBADF (Bad file descriptor) [pid 5885] close(12) = -1 EBADF (Bad file descriptor) [pid 5885] close(13) = -1 EBADF (Bad file descriptor) [pid 5885] close(14) = -1 EBADF (Bad file descriptor) [pid 5885] close(15) = -1 EBADF (Bad file descriptor) [pid 5885] close(16) = -1 EBADF (Bad file descriptor) [pid 5885] close(17) = -1 EBADF (Bad file descriptor) [pid 5885] close(18) = -1 EBADF (Bad file descriptor) [pid 5885] close(19) = -1 EBADF (Bad file descriptor) [pid 5885] close(20) = -1 EBADF (Bad file descriptor) [pid 5885] close(21) = -1 EBADF (Bad file descriptor) [pid 5885] close(22) = -1 EBADF (Bad file descriptor) [pid 5885] close(23) = -1 EBADF (Bad file descriptor) [pid 5885] close(24) = -1 EBADF (Bad file descriptor) [pid 5885] close(25) = -1 EBADF (Bad file descriptor) [pid 5885] close(26) = -1 EBADF (Bad file descriptor) [pid 5885] close(27) = -1 EBADF (Bad file descriptor) [pid 5885] close(28) = -1 EBADF (Bad file descriptor) [pid 5885] close(29) = -1 EBADF (Bad file descriptor) [pid 5885] exit_group(0 [pid 5886] <... futex resumed>) = ? [pid 5885] <... exit_group resumed>) = ? [pid 5887] <... futex resumed>) = ? [pid 5886] +++ exited with 0 +++ [pid 5887] +++ exited with 0 +++ [pid 5885] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=815, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./271", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./271", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./271/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./271/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./271/cgroup.cpu") = 0 [pid 5063] umount2("./271/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./271/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./271/binderfs") = 0 [pid 5063] umount2("./271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./271/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./271/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./271/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./271/file0") = 0 [pid 5063] umount2("./271/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./271/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./271/cgroup") = 0 [pid 5063] umount2("./271/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./271/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./271/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./271") = 0 [pid 5063] mkdir("./272", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5888 attached [pid 5888] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 818 [pid 5888] <... set_robust_list resumed>) = 0 [pid 5888] chdir("./272") = 0 [pid 5888] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5888] setpgid(0, 0) = 0 [pid 5888] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5888] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5888] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5888] write(3, "1000", 4) = 4 [pid 5888] close(3) = 0 [pid 5888] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5888] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5888] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5888] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5888] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5888] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5888] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5889 attached [pid 5889] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5889] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5889] rt_sigprocmask(SIG_SETMASK, [], [pid 5888] <... clone3 resumed> => {parent_tid=[819]}, 88) = 819 [pid 5889] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5889] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5888] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5888] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5889] <... futex resumed>) = 0 [pid 5888] <... futex resumed>) = 1 [pid 5888] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5889] memfd_create("syzkaller", 0) = 3 [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5889] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5889] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5889] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5889] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5889] close(3) = 0 [pid 5889] mkdir("./file0", 0777) = 0 [pid 5889] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5889] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5889] chdir("./file0") = 0 [pid 5889] ioctl(4, LOOP_CLR_FD) = 0 [pid 5889] close(4) = 0 [pid 5889] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5888] <... futex resumed>) = 0 [pid 5889] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5888] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5889] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5888] <... futex resumed>) = 0 [pid 5889] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5888] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5889] <... openat resumed>) = 4 [pid 5889] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5888] <... futex resumed>) = 0 [ 211.482354][ T5889] loop0: detected capacity change from 0 to 4096 [ 211.497403][ T5889] ntfs: volume version 3.1. [pid 5889] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5888] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5889] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5888] <... futex resumed>) = 0 [pid 5889] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5888] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5888] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5888] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5888] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5888] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5888] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5890 attached [pid 5890] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5888] <... clone3 resumed> => {parent_tid=[820]}, 88) = 820 [pid 5888] rt_sigprocmask(SIG_SETMASK, [], [pid 5890] set_robust_list(0x7eff0a3299a0, 24 [pid 5888] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5890] <... set_robust_list resumed>) = 0 [pid 5890] rt_sigprocmask(SIG_SETMASK, [], [pid 5888] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5890] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5888] <... futex resumed>) = 0 [pid 5890] creat("./file1", 000 [pid 5888] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5890] <... creat resumed>) = 5 [pid 5890] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5888] <... futex resumed>) = 0 [pid 5890] <... futex resumed>) = 1 [pid 5890] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5889] <... write resumed>) = 1048064 [pid 5889] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5888] close(3 [pid 5889] <... futex resumed>) = 0 [pid 5888] <... close resumed>) = 0 [pid 5889] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5888] close(4) = 0 [pid 5888] close(5) = 0 [pid 5888] close(6) = -1 EBADF (Bad file descriptor) [pid 5888] close(7) = -1 EBADF (Bad file descriptor) [pid 5888] close(8) = -1 EBADF (Bad file descriptor) [pid 5888] close(9) = -1 EBADF (Bad file descriptor) [pid 5888] close(10) = -1 EBADF (Bad file descriptor) [pid 5888] close(11) = -1 EBADF (Bad file descriptor) [pid 5888] close(12) = -1 EBADF (Bad file descriptor) [pid 5888] close(13) = -1 EBADF (Bad file descriptor) [pid 5888] close(14) = -1 EBADF (Bad file descriptor) [pid 5888] close(15) = -1 EBADF (Bad file descriptor) [pid 5888] close(16) = -1 EBADF (Bad file descriptor) [pid 5888] close(17) = -1 EBADF (Bad file descriptor) [pid 5888] close(18) = -1 EBADF (Bad file descriptor) [pid 5888] close(19) = -1 EBADF (Bad file descriptor) [pid 5888] close(20) = -1 EBADF (Bad file descriptor) [pid 5888] close(21) = -1 EBADF (Bad file descriptor) [pid 5888] close(22) = -1 EBADF (Bad file descriptor) [pid 5888] close(23) = -1 EBADF (Bad file descriptor) [pid 5888] close(24) = -1 EBADF (Bad file descriptor) [pid 5888] close(25) = -1 EBADF (Bad file descriptor) [pid 5888] close(26) = -1 EBADF (Bad file descriptor) [pid 5888] close(27) = -1 EBADF (Bad file descriptor) [pid 5888] close(28) = -1 EBADF (Bad file descriptor) [pid 5888] close(29) = -1 EBADF (Bad file descriptor) [pid 5888] exit_group(0 [pid 5890] <... futex resumed>) = ? [pid 5889] <... futex resumed>) = ? [pid 5888] <... exit_group resumed>) = ? [pid 5890] +++ exited with 0 +++ [pid 5889] +++ exited with 0 +++ [pid 5888] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=818, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./272", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./272", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./272/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./272/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./272/cgroup.cpu") = 0 [pid 5063] umount2("./272/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./272/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./272/binderfs") = 0 [pid 5063] umount2("./272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./272/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./272/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./272/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./272/file0") = 0 [pid 5063] umount2("./272/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./272/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./272/cgroup") = 0 [pid 5063] umount2("./272/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./272/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./272/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./272") = 0 [pid 5063] mkdir("./273", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5891 attached , child_tidptr=0x5555560b8690) = 821 [pid 5891] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5891] chdir("./273") = 0 [pid 5891] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5891] setpgid(0, 0) = 0 [pid 5891] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5891] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5891] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5891] write(3, "1000", 4) = 4 [pid 5891] close(3) = 0 [pid 5891] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5891] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5891] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5891] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5891] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5891] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5891] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5891] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5892 attached [pid 5892] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5891] <... clone3 resumed> => {parent_tid=[822]}, 88) = 822 [pid 5892] <... rseq resumed>) = 0 [pid 5891] rt_sigprocmask(SIG_SETMASK, [], [pid 5892] set_robust_list(0x7eff0a34a9a0, 24 [pid 5891] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5892] <... set_robust_list resumed>) = 0 [pid 5891] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5892] rt_sigprocmask(SIG_SETMASK, [], [pid 5891] <... futex resumed>) = 0 [pid 5892] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5891] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5892] memfd_create("syzkaller", 0) = 3 [pid 5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5892] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5892] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5892] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5892] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5892] close(3) = 0 [pid 5892] mkdir("./file0", 0777) = 0 [ 212.133485][ T5892] loop0: detected capacity change from 0 to 4096 [ 212.146858][ T5892] __ntfs_warning: 170 callbacks suppressed [ 212.146866][ T5892] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 212.173785][ T5892] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 212.183492][ T5892] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 212.202677][ T5892] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 212.211708][ T5892] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 212.231793][ T5892] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 212.240526][ T5892] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 212.260664][ T5892] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5892] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5892] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5892] chdir("./file0") = 0 [pid 5892] ioctl(4, LOOP_CLR_FD) = 0 [pid 5892] close(4) = 0 [ 212.269377][ T5892] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 212.289345][ T5892] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 212.300486][ T5892] ntfs: volume version 3.1. [pid 5892] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5892] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5891] <... futex resumed>) = 0 [pid 5891] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5892] <... futex resumed>) = 0 [pid 5891] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5892] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5892] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5892] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5891] <... futex resumed>) = 0 [pid 5891] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5892] <... futex resumed>) = 0 [pid 5891] <... futex resumed>) = 1 [pid 5892] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5891] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5891] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5891] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5891] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5891] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5891] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5891] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5893 attached [pid 5893] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5893] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5893] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5893] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5891] <... clone3 resumed> => {parent_tid=[823]}, 88) = 823 [pid 5891] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5891] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5891] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5893] <... futex resumed>) = 0 [pid 5893] creat("./file1", 000) = 5 [pid 5892] <... write resumed>) = 1048064 [pid 5893] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5892] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5893] <... futex resumed>) = 1 [pid 5891] <... futex resumed>) = 0 [pid 5893] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5892] <... futex resumed>) = 0 [pid 5891] close(3) = 0 [pid 5891] close(4 [pid 5892] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5891] <... close resumed>) = 0 [pid 5891] close(5) = 0 [pid 5891] close(6) = -1 EBADF (Bad file descriptor) [pid 5891] close(7) = -1 EBADF (Bad file descriptor) [pid 5891] close(8) = -1 EBADF (Bad file descriptor) [pid 5891] close(9) = -1 EBADF (Bad file descriptor) [pid 5891] close(10) = -1 EBADF (Bad file descriptor) [pid 5891] close(11) = -1 EBADF (Bad file descriptor) [pid 5891] close(12) = -1 EBADF (Bad file descriptor) [pid 5891] close(13) = -1 EBADF (Bad file descriptor) [pid 5891] close(14) = -1 EBADF (Bad file descriptor) [pid 5891] close(15) = -1 EBADF (Bad file descriptor) [pid 5891] close(16) = -1 EBADF (Bad file descriptor) [pid 5891] close(17) = -1 EBADF (Bad file descriptor) [pid 5891] close(18) = -1 EBADF (Bad file descriptor) [pid 5891] close(19) = -1 EBADF (Bad file descriptor) [pid 5891] close(20) = -1 EBADF (Bad file descriptor) [pid 5891] close(21) = -1 EBADF (Bad file descriptor) [pid 5891] close(22) = -1 EBADF (Bad file descriptor) [pid 5891] close(23) = -1 EBADF (Bad file descriptor) [pid 5891] close(24) = -1 EBADF (Bad file descriptor) [pid 5891] close(25) = -1 EBADF (Bad file descriptor) [pid 5891] close(26) = -1 EBADF (Bad file descriptor) [pid 5891] close(27) = -1 EBADF (Bad file descriptor) [pid 5891] close(28) = -1 EBADF (Bad file descriptor) [pid 5891] close(29) = -1 EBADF (Bad file descriptor) [pid 5891] exit_group(0) = ? [pid 5893] <... futex resumed>) = ? [pid 5892] <... futex resumed>) = ? [pid 5893] +++ exited with 0 +++ [pid 5892] +++ exited with 0 +++ [pid 5891] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=821, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] umount2("./273", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./273", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./273/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./273/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./273/cgroup.cpu") = 0 [pid 5063] umount2("./273/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./273/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./273/binderfs") = 0 [pid 5063] umount2("./273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./273/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./273/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./273/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./273/file0") = 0 [pid 5063] umount2("./273/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./273/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./273/cgroup") = 0 [pid 5063] umount2("./273/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./273/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./273/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./273") = 0 [pid 5063] mkdir("./274", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5894 attached , child_tidptr=0x5555560b8690) = 824 [pid 5894] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5894] chdir("./274") = 0 [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5894] setpgid(0, 0) = 0 [pid 5894] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5894] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5894] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5894] write(3, "1000", 4) = 4 [pid 5894] close(3) = 0 [pid 5894] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5894] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5894] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5894] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5894] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5894] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5894] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5894] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5895 attached => {parent_tid=[825]}, 88) = 825 [pid 5895] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5894] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5894] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5895] <... rseq resumed>) = 0 [pid 5895] set_robust_list(0x7eff0a34a9a0, 24 [pid 5894] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5895] <... set_robust_list resumed>) = 0 [pid 5895] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5895] memfd_create("syzkaller", 0) = 3 [pid 5895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5895] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5895] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5895] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5895] close(3) = 0 [pid 5895] mkdir("./file0", 0777) = 0 [pid 5895] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5895] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5895] chdir("./file0") = 0 [pid 5895] ioctl(4, LOOP_CLR_FD) = 0 [pid 5895] close(4) = 0 [pid 5895] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5894] <... futex resumed>) = 0 [pid 5895] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5894] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5895] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5894] <... futex resumed>) = 0 [pid 5895] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5894] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5895] <... openat resumed>) = 4 [pid 5895] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5895] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5894] <... futex resumed>) = 0 [pid 5894] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5894] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5895] <... futex resumed>) = 0 [ 212.897008][ T5895] loop0: detected capacity change from 0 to 4096 [ 212.913296][ T5895] ntfs: volume version 3.1. [pid 5895] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5894] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5894] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5894] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5894] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5894] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5894] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5896 attached [pid 5896] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5894] <... clone3 resumed> => {parent_tid=[826]}, 88) = 826 [pid 5896] <... rseq resumed>) = 0 [pid 5894] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5896] set_robust_list(0x7eff0a3299a0, 24 [pid 5894] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5896] <... set_robust_list resumed>) = 0 [pid 5894] <... futex resumed>) = 0 [pid 5896] rt_sigprocmask(SIG_SETMASK, [], [pid 5894] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5896] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5896] creat("./file1", 000) = 5 [pid 5895] <... write resumed>) = 1048064 [pid 5896] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5895] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5896] <... futex resumed>) = 1 [pid 5895] <... futex resumed>) = 0 [pid 5896] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5895] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5894] <... futex resumed>) = 0 [pid 5894] close(3) = 0 [pid 5894] close(4) = 0 [pid 5894] close(5) = 0 [pid 5894] close(6) = -1 EBADF (Bad file descriptor) [pid 5894] close(7) = -1 EBADF (Bad file descriptor) [pid 5894] close(8) = -1 EBADF (Bad file descriptor) [pid 5894] close(9) = -1 EBADF (Bad file descriptor) [pid 5894] close(10) = -1 EBADF (Bad file descriptor) [pid 5894] close(11) = -1 EBADF (Bad file descriptor) [pid 5894] close(12) = -1 EBADF (Bad file descriptor) [pid 5894] close(13) = -1 EBADF (Bad file descriptor) [pid 5894] close(14) = -1 EBADF (Bad file descriptor) [pid 5894] close(15) = -1 EBADF (Bad file descriptor) [pid 5894] close(16) = -1 EBADF (Bad file descriptor) [pid 5894] close(17) = -1 EBADF (Bad file descriptor) [pid 5894] close(18) = -1 EBADF (Bad file descriptor) [pid 5894] close(19) = -1 EBADF (Bad file descriptor) [pid 5894] close(20) = -1 EBADF (Bad file descriptor) [pid 5894] close(21) = -1 EBADF (Bad file descriptor) [pid 5894] close(22) = -1 EBADF (Bad file descriptor) [pid 5894] close(23) = -1 EBADF (Bad file descriptor) [pid 5894] close(24) = -1 EBADF (Bad file descriptor) [pid 5894] close(25) = -1 EBADF (Bad file descriptor) [pid 5894] close(26) = -1 EBADF (Bad file descriptor) [pid 5894] close(27) = -1 EBADF (Bad file descriptor) [pid 5894] close(28) = -1 EBADF (Bad file descriptor) [pid 5894] close(29) = -1 EBADF (Bad file descriptor) [pid 5894] exit_group(0) = ? [pid 5895] <... futex resumed>) = ? [pid 5896] <... futex resumed>) = ? [pid 5896] +++ exited with 0 +++ [pid 5895] +++ exited with 0 +++ [pid 5894] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=824, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./274", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./274", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./274/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./274/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./274/cgroup.cpu") = 0 [pid 5063] umount2("./274/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./274/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./274/binderfs") = 0 [pid 5063] umount2("./274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./274/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./274/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./274/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./274/file0") = 0 [pid 5063] umount2("./274/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./274/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./274/cgroup") = 0 [pid 5063] umount2("./274/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./274/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./274/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./274") = 0 [pid 5063] mkdir("./275", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5897 attached , child_tidptr=0x5555560b8690) = 827 [pid 5897] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5897] chdir("./275") = 0 [pid 5897] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5897] setpgid(0, 0) = 0 [pid 5897] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5897] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5897] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5897] write(3, "1000", 4) = 4 [pid 5897] close(3) = 0 [pid 5897] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5897] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5897] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5897] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5897] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5897] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5897] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5897] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[828]}, 88) = 828 ./strace-static-x86_64: Process 5898 attached [pid 5897] rt_sigprocmask(SIG_SETMASK, [], [pid 5898] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5897] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5898] <... rseq resumed>) = 0 [pid 5897] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5898] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5897] <... futex resumed>) = 0 [pid 5898] rt_sigprocmask(SIG_SETMASK, [], [pid 5897] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5898] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5898] memfd_create("syzkaller", 0) = 3 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5898] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5898] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5898] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5898] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5898] close(3) = 0 [pid 5898] mkdir("./file0", 0777) = 0 [pid 5898] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5898] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5898] chdir("./file0") = 0 [pid 5898] ioctl(4, LOOP_CLR_FD) = 0 [pid 5898] close(4) = 0 [ 213.445278][ T5898] loop0: detected capacity change from 0 to 4096 [ 213.466127][ T5898] ntfs: volume version 3.1. [pid 5898] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5897] <... futex resumed>) = 0 [pid 5898] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5897] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5898] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5897] <... futex resumed>) = 0 [pid 5898] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5897] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5898] <... openat resumed>) = 4 [pid 5898] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5897] <... futex resumed>) = 0 [pid 5898] <... futex resumed>) = 1 [pid 5897] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5898] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5897] <... futex resumed>) = 0 [pid 5897] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5897] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5897] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5897] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5897] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5897] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5899 attached [pid 5899] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5897] <... clone3 resumed> => {parent_tid=[829]}, 88) = 829 [pid 5899] <... rseq resumed>) = 0 [pid 5897] rt_sigprocmask(SIG_SETMASK, [], [pid 5899] set_robust_list(0x7eff0a3299a0, 24 [pid 5897] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5899] <... set_robust_list resumed>) = 0 [pid 5897] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5899] rt_sigprocmask(SIG_SETMASK, [], [pid 5897] <... futex resumed>) = 0 [pid 5899] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5899] creat("./file1", 000 [pid 5897] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5899] <... creat resumed>) = 5 [pid 5898] <... write resumed>) = 1048064 [pid 5899] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5898] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5899] <... futex resumed>) = 1 [pid 5897] <... futex resumed>) = 0 [pid 5899] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5898] <... futex resumed>) = 0 [pid 5897] close(3 [pid 5898] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5897] <... close resumed>) = 0 [pid 5897] close(4) = 0 [pid 5897] close(5) = 0 [pid 5897] close(6) = -1 EBADF (Bad file descriptor) [pid 5897] close(7) = -1 EBADF (Bad file descriptor) [pid 5897] close(8) = -1 EBADF (Bad file descriptor) [pid 5897] close(9) = -1 EBADF (Bad file descriptor) [pid 5897] close(10) = -1 EBADF (Bad file descriptor) [pid 5897] close(11) = -1 EBADF (Bad file descriptor) [pid 5897] close(12) = -1 EBADF (Bad file descriptor) [pid 5897] close(13) = -1 EBADF (Bad file descriptor) [pid 5897] close(14) = -1 EBADF (Bad file descriptor) [pid 5897] close(15) = -1 EBADF (Bad file descriptor) [pid 5897] close(16) = -1 EBADF (Bad file descriptor) [pid 5897] close(17) = -1 EBADF (Bad file descriptor) [pid 5897] close(18) = -1 EBADF (Bad file descriptor) [pid 5897] close(19) = -1 EBADF (Bad file descriptor) [pid 5897] close(20) = -1 EBADF (Bad file descriptor) [pid 5897] close(21) = -1 EBADF (Bad file descriptor) [pid 5897] close(22) = -1 EBADF (Bad file descriptor) [pid 5897] close(23) = -1 EBADF (Bad file descriptor) [pid 5897] close(24) = -1 EBADF (Bad file descriptor) [pid 5897] close(25) = -1 EBADF (Bad file descriptor) [pid 5897] close(26) = -1 EBADF (Bad file descriptor) [pid 5897] close(27) = -1 EBADF (Bad file descriptor) [pid 5897] close(28) = -1 EBADF (Bad file descriptor) [pid 5897] close(29) = -1 EBADF (Bad file descriptor) [pid 5897] exit_group(0 [pid 5898] <... futex resumed>) = ? [pid 5897] <... exit_group resumed>) = ? [pid 5899] <... futex resumed>) = ? [pid 5898] +++ exited with 0 +++ [pid 5899] +++ exited with 0 +++ [pid 5897] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=827, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./275", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./275", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./275/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./275/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./275/cgroup.cpu") = 0 [pid 5063] umount2("./275/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./275/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./275/binderfs") = 0 [pid 5063] umount2("./275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./275/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./275/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./275/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./275/file0") = 0 [pid 5063] umount2("./275/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./275/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./275/cgroup") = 0 [pid 5063] umount2("./275/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./275/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./275/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./275") = 0 [pid 5063] mkdir("./276", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5900 attached , child_tidptr=0x5555560b8690) = 830 [pid 5900] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5900] chdir("./276") = 0 [pid 5900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5900] setpgid(0, 0) = 0 [pid 5900] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5900] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5900] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5900] write(3, "1000", 4) = 4 [pid 5900] close(3) = 0 [pid 5900] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5900] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5900] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5900] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5900] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5900] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5900] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5900] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5901 attached => {parent_tid=[831]}, 88) = 831 [pid 5901] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5900] rt_sigprocmask(SIG_SETMASK, [], [pid 5901] <... rseq resumed>) = 0 [pid 5900] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5901] set_robust_list(0x7eff0a34a9a0, 24 [pid 5900] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5901] <... set_robust_list resumed>) = 0 [pid 5901] rt_sigprocmask(SIG_SETMASK, [], [pid 5900] <... futex resumed>) = 0 [pid 5901] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5900] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5901] memfd_create("syzkaller", 0) = 3 [pid 5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5901] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5901] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5901] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5901] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5901] close(3) = 0 [pid 5901] mkdir("./file0", 0777) = 0 [pid 5901] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5901] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5901] chdir("./file0") = 0 [pid 5901] ioctl(4, LOOP_CLR_FD) = 0 [pid 5901] close(4) = 0 [pid 5901] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5900] <... futex resumed>) = 0 [pid 5901] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5900] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5901] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5900] <... futex resumed>) = 0 [pid 5901] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5900] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5901] <... openat resumed>) = 4 [ 213.988346][ T5901] loop0: detected capacity change from 0 to 4096 [ 214.010508][ T5901] ntfs: volume version 3.1. [pid 5901] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5900] <... futex resumed>) = 0 [pid 5901] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5900] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5901] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5901] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5900] <... futex resumed>) = 0 [pid 5900] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5900] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5900] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5900] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5900] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5900] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5902 attached [pid 5902] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5900] <... clone3 resumed> => {parent_tid=[832]}, 88) = 832 [pid 5900] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5902] <... rseq resumed>) = 0 [pid 5900] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5900] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5902] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5902] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5902] creat("./file1", 000) = 5 [pid 5901] <... write resumed>) = 1048064 [pid 5902] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5901] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5902] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5901] <... futex resumed>) = 0 [pid 5900] <... futex resumed>) = 0 [pid 5901] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5900] close(3) = 0 [pid 5900] close(4) = 0 [pid 5900] close(5) = 0 [pid 5900] close(6) = -1 EBADF (Bad file descriptor) [pid 5900] close(7) = -1 EBADF (Bad file descriptor) [pid 5900] close(8) = -1 EBADF (Bad file descriptor) [pid 5900] close(9) = -1 EBADF (Bad file descriptor) [pid 5900] close(10) = -1 EBADF (Bad file descriptor) [pid 5900] close(11) = -1 EBADF (Bad file descriptor) [pid 5900] close(12) = -1 EBADF (Bad file descriptor) [pid 5900] close(13) = -1 EBADF (Bad file descriptor) [pid 5900] close(14) = -1 EBADF (Bad file descriptor) [pid 5900] close(15) = -1 EBADF (Bad file descriptor) [pid 5900] close(16) = -1 EBADF (Bad file descriptor) [pid 5900] close(17) = -1 EBADF (Bad file descriptor) [pid 5900] close(18) = -1 EBADF (Bad file descriptor) [pid 5900] close(19) = -1 EBADF (Bad file descriptor) [pid 5900] close(20) = -1 EBADF (Bad file descriptor) [pid 5900] close(21) = -1 EBADF (Bad file descriptor) [pid 5900] close(22) = -1 EBADF (Bad file descriptor) [pid 5900] close(23) = -1 EBADF (Bad file descriptor) [pid 5900] close(24) = -1 EBADF (Bad file descriptor) [pid 5900] close(25) = -1 EBADF (Bad file descriptor) [pid 5900] close(26) = -1 EBADF (Bad file descriptor) [pid 5900] close(27) = -1 EBADF (Bad file descriptor) [pid 5900] close(28) = -1 EBADF (Bad file descriptor) [pid 5900] close(29) = -1 EBADF (Bad file descriptor) [pid 5900] exit_group(0 [pid 5901] <... futex resumed>) = ? [pid 5900] <... exit_group resumed>) = ? [pid 5902] <... futex resumed>) = ? [pid 5901] +++ exited with 0 +++ [pid 5902] +++ exited with 0 +++ [pid 5900] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=830, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./276", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./276", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./276/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./276/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./276/cgroup.cpu") = 0 [pid 5063] umount2("./276/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./276/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./276/binderfs") = 0 [pid 5063] umount2("./276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./276/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./276/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./276/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./276/file0") = 0 [pid 5063] umount2("./276/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./276/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./276/cgroup") = 0 [pid 5063] umount2("./276/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./276/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./276/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./276") = 0 [pid 5063] mkdir("./277", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5903 attached , child_tidptr=0x5555560b8690) = 833 [pid 5903] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5903] chdir("./277") = 0 [pid 5903] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5903] setpgid(0, 0) = 0 [pid 5903] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5903] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5903] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5903] write(3, "1000", 4) = 4 [pid 5903] close(3) = 0 [pid 5903] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5903] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5903] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5903] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5903] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5903] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5903] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5904 attached [pid 5904] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5904] set_robust_list(0x7eff0a34a9a0, 24 [pid 5903] <... clone3 resumed> => {parent_tid=[834]}, 88) = 834 [pid 5904] <... set_robust_list resumed>) = 0 [pid 5903] rt_sigprocmask(SIG_SETMASK, [], [pid 5904] rt_sigprocmask(SIG_SETMASK, [], [pid 5903] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5904] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5903] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5903] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5904] memfd_create("syzkaller", 0) = 3 [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5904] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5904] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5904] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5904] close(3) = 0 [pid 5904] mkdir("./file0", 0777) = 0 [pid 5904] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5904] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5904] chdir("./file0") = 0 [pid 5904] ioctl(4, LOOP_CLR_FD) = 0 [pid 5904] close(4) = 0 [ 214.517327][ T5904] loop0: detected capacity change from 0 to 4096 [ 214.546808][ T5904] ntfs: volume version 3.1. [pid 5904] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5904] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5903] <... futex resumed>) = 0 [pid 5904] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5903] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5904] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5903] <... futex resumed>) = 0 [pid 5903] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5904] <... openat resumed>) = 4 [pid 5904] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5904] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5903] <... futex resumed>) = 0 [pid 5903] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5903] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5904] <... futex resumed>) = 0 [pid 5904] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5903] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5903] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5903] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5903] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5903] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5903] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[835]}, 88) = 835 ./strace-static-x86_64: Process 5905 attached [pid 5905] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5905] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5905] rt_sigprocmask(SIG_SETMASK, [], [pid 5903] rt_sigprocmask(SIG_SETMASK, [], [pid 5905] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5903] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5905] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5903] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5905] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5905] creat("./file1", 000 [pid 5903] <... futex resumed>) = 0 [pid 5903] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5905] <... creat resumed>) = 5 [pid 5905] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5904] <... write resumed>) = 1048064 [pid 5903] <... futex resumed>) = 0 [pid 5904] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5905] <... futex resumed>) = 1 [pid 5904] <... futex resumed>) = 0 [pid 5905] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5903] close(3 [pid 5904] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5903] <... close resumed>) = 0 [pid 5903] close(4) = 0 [pid 5903] close(5) = 0 [pid 5903] close(6) = -1 EBADF (Bad file descriptor) [pid 5903] close(7) = -1 EBADF (Bad file descriptor) [pid 5903] close(8) = -1 EBADF (Bad file descriptor) [pid 5903] close(9) = -1 EBADF (Bad file descriptor) [pid 5903] close(10) = -1 EBADF (Bad file descriptor) [pid 5903] close(11) = -1 EBADF (Bad file descriptor) [pid 5903] close(12) = -1 EBADF (Bad file descriptor) [pid 5903] close(13) = -1 EBADF (Bad file descriptor) [pid 5903] close(14) = -1 EBADF (Bad file descriptor) [pid 5903] close(15) = -1 EBADF (Bad file descriptor) [pid 5903] close(16) = -1 EBADF (Bad file descriptor) [pid 5903] close(17) = -1 EBADF (Bad file descriptor) [pid 5903] close(18) = -1 EBADF (Bad file descriptor) [pid 5903] close(19) = -1 EBADF (Bad file descriptor) [pid 5903] close(20) = -1 EBADF (Bad file descriptor) [pid 5903] close(21) = -1 EBADF (Bad file descriptor) [pid 5903] close(22) = -1 EBADF (Bad file descriptor) [pid 5903] close(23) = -1 EBADF (Bad file descriptor) [pid 5903] close(24) = -1 EBADF (Bad file descriptor) [pid 5903] close(25) = -1 EBADF (Bad file descriptor) [pid 5903] close(26) = -1 EBADF (Bad file descriptor) [pid 5903] close(27) = -1 EBADF (Bad file descriptor) [pid 5903] close(28) = -1 EBADF (Bad file descriptor) [pid 5903] close(29) = -1 EBADF (Bad file descriptor) [pid 5903] exit_group(0) = ? [pid 5904] <... futex resumed>) = ? [pid 5905] <... futex resumed>) = ? [pid 5904] +++ exited with 0 +++ [pid 5905] +++ exited with 0 +++ [pid 5903] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=833, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./277", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./277", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./277/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./277/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./277/cgroup.cpu") = 0 [pid 5063] umount2("./277/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./277/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./277/binderfs") = 0 [pid 5063] umount2("./277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./277/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./277/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./277/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./277/file0") = 0 [pid 5063] umount2("./277/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./277/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./277/cgroup") = 0 [pid 5063] umount2("./277/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./277/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./277/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./277") = 0 [pid 5063] mkdir("./278", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5906 attached , child_tidptr=0x5555560b8690) = 836 [pid 5906] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5906] chdir("./278") = 0 [pid 5906] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5906] setpgid(0, 0) = 0 [pid 5906] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5906] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5906] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5906] write(3, "1000", 4) = 4 [pid 5906] close(3) = 0 [pid 5906] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5906] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5906] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5906] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5906] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5906] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5906] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5906] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5907 attached => {parent_tid=[837]}, 88) = 837 [pid 5907] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5906] rt_sigprocmask(SIG_SETMASK, [], [pid 5907] set_robust_list(0x7eff0a34a9a0, 24 [pid 5906] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5907] <... set_robust_list resumed>) = 0 [pid 5906] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5907] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5906] <... futex resumed>) = 0 [pid 5907] memfd_create("syzkaller", 0 [pid 5906] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5907] <... memfd_create resumed>) = 3 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5907] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5907] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5907] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5907] close(3) = 0 [pid 5907] mkdir("./file0", 0777) = 0 [pid 5907] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5907] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5907] chdir("./file0") = 0 [pid 5907] ioctl(4, LOOP_CLR_FD) = 0 [pid 5907] close(4) = 0 [pid 5907] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5906] <... futex resumed>) = 0 [pid 5906] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5907] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5906] <... futex resumed>) = 0 [pid 5906] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5907] <... openat resumed>) = 4 [pid 5907] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5907] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5906] <... futex resumed>) = 0 [pid 5906] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5907] <... futex resumed>) = 0 [pid 5906] <... futex resumed>) = 1 [pid 5907] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 215.071798][ T5907] loop0: detected capacity change from 0 to 4096 [ 215.093497][ T5907] ntfs: volume version 3.1. [pid 5906] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5906] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5906] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5906] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5906] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5906] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5908 attached => {parent_tid=[838]}, 88) = 838 [pid 5908] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5906] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5906] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5906] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5908] <... rseq resumed>) = 0 [pid 5908] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5908] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5908] creat("./file1", 000) = 5 [pid 5908] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5906] <... futex resumed>) = 0 [pid 5908] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5907] <... write resumed>) = 1048064 [pid 5907] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5907] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5906] close(3) = 0 [pid 5906] close(4) = 0 [pid 5906] close(5) = 0 [pid 5906] close(6) = -1 EBADF (Bad file descriptor) [pid 5906] close(7) = -1 EBADF (Bad file descriptor) [pid 5906] close(8) = -1 EBADF (Bad file descriptor) [pid 5906] close(9) = -1 EBADF (Bad file descriptor) [pid 5906] close(10) = -1 EBADF (Bad file descriptor) [pid 5906] close(11) = -1 EBADF (Bad file descriptor) [pid 5906] close(12) = -1 EBADF (Bad file descriptor) [pid 5906] close(13) = -1 EBADF (Bad file descriptor) [pid 5906] close(14) = -1 EBADF (Bad file descriptor) [pid 5906] close(15) = -1 EBADF (Bad file descriptor) [pid 5906] close(16) = -1 EBADF (Bad file descriptor) [pid 5906] close(17) = -1 EBADF (Bad file descriptor) [pid 5906] close(18) = -1 EBADF (Bad file descriptor) [pid 5906] close(19) = -1 EBADF (Bad file descriptor) [pid 5906] close(20) = -1 EBADF (Bad file descriptor) [pid 5906] close(21) = -1 EBADF (Bad file descriptor) [pid 5906] close(22) = -1 EBADF (Bad file descriptor) [pid 5906] close(23) = -1 EBADF (Bad file descriptor) [pid 5906] close(24) = -1 EBADF (Bad file descriptor) [pid 5906] close(25) = -1 EBADF (Bad file descriptor) [pid 5906] close(26) = -1 EBADF (Bad file descriptor) [pid 5906] close(27) = -1 EBADF (Bad file descriptor) [pid 5906] close(28) = -1 EBADF (Bad file descriptor) [pid 5906] close(29) = -1 EBADF (Bad file descriptor) [pid 5906] exit_group(0) = ? [pid 5908] <... futex resumed>) = ? [pid 5907] <... futex resumed>) = ? [pid 5908] +++ exited with 0 +++ [pid 5907] +++ exited with 0 +++ [pid 5906] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=836, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./278", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./278", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./278/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./278/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./278/cgroup.cpu") = 0 [pid 5063] umount2("./278/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./278/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./278/binderfs") = 0 [pid 5063] umount2("./278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./278/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./278/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./278/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./278/file0") = 0 [pid 5063] umount2("./278/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./278/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./278/cgroup") = 0 [pid 5063] umount2("./278/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./278/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./278/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./278") = 0 [pid 5063] mkdir("./279", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5909 attached [pid 5909] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 839 [pid 5909] chdir("./279") = 0 [pid 5909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5909] setpgid(0, 0) = 0 [pid 5909] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5909] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5909] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5909] write(3, "1000", 4) = 4 [pid 5909] close(3) = 0 [pid 5909] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5909] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5909] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5909] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5909] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5909] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5909] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5909] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5910 attached => {parent_tid=[840]}, 88) = 840 [pid 5910] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5909] rt_sigprocmask(SIG_SETMASK, [], [pid 5910] <... rseq resumed>) = 0 [pid 5909] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5910] set_robust_list(0x7eff0a34a9a0, 24 [pid 5909] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5910] <... set_robust_list resumed>) = 0 [pid 5909] <... futex resumed>) = 0 [pid 5910] rt_sigprocmask(SIG_SETMASK, [], [pid 5909] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5910] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5910] memfd_create("syzkaller", 0) = 3 [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5910] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5910] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5910] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5910] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5910] close(3) = 0 [pid 5910] mkdir("./file0", 0777) = 0 [pid 5910] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5910] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5910] chdir("./file0") = 0 [pid 5910] ioctl(4, LOOP_CLR_FD) = 0 [pid 5910] close(4) = 0 [pid 5910] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5909] <... futex resumed>) = 0 [pid 5910] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5909] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5909] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5910] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5910] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5910] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5909] <... futex resumed>) = 0 [ 215.538533][ T5910] loop0: detected capacity change from 0 to 4096 [ 215.558243][ T5910] ntfs: volume version 3.1. [pid 5909] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5910] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5909] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5909] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5909] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5909] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5909] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5909] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5911 attached [pid 5911] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5909] <... clone3 resumed> => {parent_tid=[841]}, 88) = 841 [pid 5911] set_robust_list(0x7eff0a3299a0, 24 [pid 5910] <... write resumed>) = 1048064 [pid 5911] <... set_robust_list resumed>) = 0 [pid 5909] rt_sigprocmask(SIG_SETMASK, [], [pid 5911] rt_sigprocmask(SIG_SETMASK, [], [pid 5910] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5909] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5911] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5910] <... futex resumed>) = 0 [pid 5909] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5911] creat("./file1", 000 [pid 5909] <... futex resumed>) = 0 [pid 5910] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5909] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5911] <... creat resumed>) = 5 [pid 5911] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5911] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5909] <... futex resumed>) = 0 [pid 5909] close(3) = 0 [pid 5909] close(4) = 0 [pid 5909] close(5) = 0 [pid 5909] close(6) = -1 EBADF (Bad file descriptor) [pid 5909] close(7) = -1 EBADF (Bad file descriptor) [pid 5909] close(8) = -1 EBADF (Bad file descriptor) [pid 5909] close(9) = -1 EBADF (Bad file descriptor) [pid 5909] close(10) = -1 EBADF (Bad file descriptor) [pid 5909] close(11) = -1 EBADF (Bad file descriptor) [pid 5909] close(12) = -1 EBADF (Bad file descriptor) [pid 5909] close(13) = -1 EBADF (Bad file descriptor) [pid 5909] close(14) = -1 EBADF (Bad file descriptor) [pid 5909] close(15) = -1 EBADF (Bad file descriptor) [pid 5909] close(16) = -1 EBADF (Bad file descriptor) [pid 5909] close(17) = -1 EBADF (Bad file descriptor) [pid 5909] close(18) = -1 EBADF (Bad file descriptor) [pid 5909] close(19) = -1 EBADF (Bad file descriptor) [pid 5909] close(20) = -1 EBADF (Bad file descriptor) [pid 5909] close(21) = -1 EBADF (Bad file descriptor) [pid 5909] close(22) = -1 EBADF (Bad file descriptor) [pid 5909] close(23) = -1 EBADF (Bad file descriptor) [pid 5909] close(24) = -1 EBADF (Bad file descriptor) [pid 5909] close(25) = -1 EBADF (Bad file descriptor) [pid 5909] close(26) = -1 EBADF (Bad file descriptor) [pid 5909] close(27) = -1 EBADF (Bad file descriptor) [pid 5909] close(28) = -1 EBADF (Bad file descriptor) [pid 5909] close(29) = -1 EBADF (Bad file descriptor) [pid 5909] exit_group(0 [pid 5910] <... futex resumed>) = ? [pid 5909] <... exit_group resumed>) = ? [pid 5911] <... futex resumed>) = ? [pid 5910] +++ exited with 0 +++ [pid 5911] +++ exited with 0 +++ [pid 5909] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=839, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./279", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./279", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./279/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./279/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./279/cgroup.cpu") = 0 [pid 5063] umount2("./279/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./279/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./279/binderfs") = 0 [pid 5063] umount2("./279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./279/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./279/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./279/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./279/file0") = 0 [pid 5063] umount2("./279/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./279/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./279/cgroup") = 0 [pid 5063] umount2("./279/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./279/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./279/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./279") = 0 [pid 5063] mkdir("./280", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5912 attached , child_tidptr=0x5555560b8690) = 842 [pid 5912] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5912] chdir("./280") = 0 [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5912] setpgid(0, 0) = 0 [pid 5912] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5912] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5912] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5912] write(3, "1000", 4) = 4 [pid 5912] close(3) = 0 [pid 5912] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5912] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5912] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5912] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5912] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5912] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5912] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5913 attached [pid 5913] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5912] <... clone3 resumed> => {parent_tid=[843]}, 88) = 843 [pid 5913] <... rseq resumed>) = 0 [pid 5912] rt_sigprocmask(SIG_SETMASK, [], [pid 5913] set_robust_list(0x7eff0a34a9a0, 24 [pid 5912] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5913] <... set_robust_list resumed>) = 0 [pid 5913] rt_sigprocmask(SIG_SETMASK, [], [pid 5912] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5913] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5912] <... futex resumed>) = 0 [pid 5912] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5913] memfd_create("syzkaller", 0) = 3 [pid 5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5913] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5913] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5913] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5913] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5913] close(3) = 0 [pid 5913] mkdir("./file0", 0777) = 0 [pid 5913] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5913] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5913] chdir("./file0") = 0 [pid 5913] ioctl(4, LOOP_CLR_FD) = 0 [pid 5913] close(4) = 0 [pid 5913] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5913] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5912] <... futex resumed>) = 0 [pid 5912] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5913] <... futex resumed>) = 0 [pid 5912] <... futex resumed>) = 1 [pid 5913] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5912] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5913] <... openat resumed>) = 4 [pid 5913] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5912] <... futex resumed>) = 0 [pid 5913] <... futex resumed>) = 1 [pid 5912] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5913] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5912] <... futex resumed>) = 0 [ 215.995638][ T5913] loop0: detected capacity change from 0 to 4096 [ 216.025327][ T5913] ntfs: volume version 3.1. [pid 5912] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5912] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5912] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5912] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5912] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5912] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5914 attached => {parent_tid=[844]}, 88) = 844 [pid 5914] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5912] rt_sigprocmask(SIG_SETMASK, [], [pid 5914] set_robust_list(0x7eff0a3299a0, 24 [pid 5912] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5914] <... set_robust_list resumed>) = 0 [pid 5912] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5914] rt_sigprocmask(SIG_SETMASK, [], [pid 5912] <... futex resumed>) = 0 [pid 5914] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5912] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5914] creat("./file1", 000) = 5 [pid 5914] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5912] <... futex resumed>) = 0 [pid 5914] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5913] <... write resumed>) = 1048064 [pid 5913] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5913] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5912] close(3) = 0 [pid 5912] close(4) = 0 [pid 5912] close(5) = 0 [pid 5912] close(6) = -1 EBADF (Bad file descriptor) [pid 5912] close(7) = -1 EBADF (Bad file descriptor) [pid 5912] close(8) = -1 EBADF (Bad file descriptor) [pid 5912] close(9) = -1 EBADF (Bad file descriptor) [pid 5912] close(10) = -1 EBADF (Bad file descriptor) [pid 5912] close(11) = -1 EBADF (Bad file descriptor) [pid 5912] close(12) = -1 EBADF (Bad file descriptor) [pid 5912] close(13) = -1 EBADF (Bad file descriptor) [pid 5912] close(14) = -1 EBADF (Bad file descriptor) [pid 5912] close(15) = -1 EBADF (Bad file descriptor) [pid 5912] close(16) = -1 EBADF (Bad file descriptor) [pid 5912] close(17) = -1 EBADF (Bad file descriptor) [pid 5912] close(18) = -1 EBADF (Bad file descriptor) [pid 5912] close(19) = -1 EBADF (Bad file descriptor) [pid 5912] close(20) = -1 EBADF (Bad file descriptor) [pid 5912] close(21) = -1 EBADF (Bad file descriptor) [pid 5912] close(22) = -1 EBADF (Bad file descriptor) [pid 5912] close(23) = -1 EBADF (Bad file descriptor) [pid 5912] close(24) = -1 EBADF (Bad file descriptor) [pid 5912] close(25) = -1 EBADF (Bad file descriptor) [pid 5912] close(26) = -1 EBADF (Bad file descriptor) [pid 5912] close(27) = -1 EBADF (Bad file descriptor) [pid 5912] close(28) = -1 EBADF (Bad file descriptor) [pid 5912] close(29) = -1 EBADF (Bad file descriptor) [pid 5912] exit_group(0 [pid 5914] <... futex resumed>) = ? [pid 5913] <... futex resumed>) = ? [pid 5912] <... exit_group resumed>) = ? [pid 5914] +++ exited with 0 +++ [pid 5913] +++ exited with 0 +++ [pid 5912] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=842, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./280", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./280", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./280/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./280/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./280/cgroup.cpu") = 0 [pid 5063] umount2("./280/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./280/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./280/binderfs") = 0 [pid 5063] umount2("./280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./280/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./280/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./280/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./280/file0") = 0 [pid 5063] umount2("./280/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./280/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./280/cgroup") = 0 [pid 5063] umount2("./280/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./280/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./280/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./280") = 0 [pid 5063] mkdir("./281", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5915 attached , child_tidptr=0x5555560b8690) = 845 [pid 5915] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5915] chdir("./281") = 0 [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5915] setpgid(0, 0) = 0 [pid 5915] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5915] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5915] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5915] write(3, "1000", 4) = 4 [pid 5915] close(3) = 0 [pid 5915] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5915] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5915] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5915] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5915] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5915] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5916 attached => {parent_tid=[846]}, 88) = 846 [pid 5916] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5915] rt_sigprocmask(SIG_SETMASK, [], [pid 5916] set_robust_list(0x7eff0a34a9a0, 24 [pid 5915] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5916] <... set_robust_list resumed>) = 0 [pid 5916] rt_sigprocmask(SIG_SETMASK, [], [pid 5915] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5916] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5915] <... futex resumed>) = 0 [pid 5915] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5916] memfd_create("syzkaller", 0) = 3 [pid 5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5916] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5916] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5916] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5916] close(3) = 0 [pid 5916] mkdir("./file0", 0777) = 0 [pid 5916] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5916] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5916] chdir("./file0") = 0 [pid 5916] ioctl(4, LOOP_CLR_FD) = 0 [pid 5916] close(4) = 0 [pid 5916] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5915] <... futex resumed>) = 0 [pid 5915] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5916] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5915] <... futex resumed>) = 0 [pid 5915] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5916] <... openat resumed>) = 4 [pid 5916] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5916] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5915] <... futex resumed>) = 0 [pid 5915] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5916] <... futex resumed>) = 0 [pid 5916] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 216.442999][ T5916] loop0: detected capacity change from 0 to 4096 [ 216.464630][ T5916] ntfs: volume version 3.1. [pid 5915] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5915] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5915] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5915] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5915] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5915] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5917 attached => {parent_tid=[847]}, 88) = 847 [pid 5917] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5915] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5915] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5917] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5917] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5917] creat("./file1", 000 [pid 5915] <... futex resumed>) = 0 [pid 5917] <... creat resumed>) = 5 [pid 5916] <... write resumed>) = 1048064 [pid 5916] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5915] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5917] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5916] <... futex resumed>) = 0 [pid 5915] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5916] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5917] <... futex resumed>) = 0 [pid 5915] close(3 [pid 5917] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5915] <... close resumed>) = 0 [pid 5915] close(4) = 0 [pid 5915] close(5) = 0 [pid 5915] close(6) = -1 EBADF (Bad file descriptor) [pid 5915] close(7) = -1 EBADF (Bad file descriptor) [pid 5915] close(8) = -1 EBADF (Bad file descriptor) [pid 5915] close(9) = -1 EBADF (Bad file descriptor) [pid 5915] close(10) = -1 EBADF (Bad file descriptor) [pid 5915] close(11) = -1 EBADF (Bad file descriptor) [pid 5915] close(12) = -1 EBADF (Bad file descriptor) [pid 5915] close(13) = -1 EBADF (Bad file descriptor) [pid 5915] close(14) = -1 EBADF (Bad file descriptor) [pid 5915] close(15) = -1 EBADF (Bad file descriptor) [pid 5915] close(16) = -1 EBADF (Bad file descriptor) [pid 5915] close(17) = -1 EBADF (Bad file descriptor) [pid 5915] close(18) = -1 EBADF (Bad file descriptor) [pid 5915] close(19) = -1 EBADF (Bad file descriptor) [pid 5915] close(20) = -1 EBADF (Bad file descriptor) [pid 5915] close(21) = -1 EBADF (Bad file descriptor) [pid 5915] close(22) = -1 EBADF (Bad file descriptor) [pid 5915] close(23) = -1 EBADF (Bad file descriptor) [pid 5915] close(24) = -1 EBADF (Bad file descriptor) [pid 5915] close(25) = -1 EBADF (Bad file descriptor) [pid 5915] close(26) = -1 EBADF (Bad file descriptor) [pid 5915] close(27) = -1 EBADF (Bad file descriptor) [pid 5915] close(28) = -1 EBADF (Bad file descriptor) [pid 5915] close(29) = -1 EBADF (Bad file descriptor) [pid 5915] exit_group(0) = ? [pid 5917] <... futex resumed>) = ? [pid 5916] <... futex resumed>) = ? [pid 5917] +++ exited with 0 +++ [pid 5916] +++ exited with 0 +++ [pid 5915] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=845, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] umount2("./281", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./281", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./281/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./281/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./281/cgroup.cpu") = 0 [pid 5063] umount2("./281/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./281/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./281/binderfs") = 0 [pid 5063] umount2("./281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./281/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./281/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./281/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./281/file0") = 0 [pid 5063] umount2("./281/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./281/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./281/cgroup") = 0 [pid 5063] umount2("./281/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./281/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./281/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./281") = 0 [pid 5063] mkdir("./282", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5918 attached [pid 5918] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 848 [pid 5918] chdir("./282") = 0 [pid 5918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5918] setpgid(0, 0) = 0 [pid 5918] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5918] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5918] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5918] write(3, "1000", 4) = 4 [pid 5918] close(3) = 0 [pid 5918] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5918] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5918] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5918] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5918] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5918] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5918] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5918] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5919 attached => {parent_tid=[849]}, 88) = 849 [pid 5919] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5918] rt_sigprocmask(SIG_SETMASK, [], [pid 5919] <... rseq resumed>) = 0 [pid 5918] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5919] set_robust_list(0x7eff0a34a9a0, 24 [pid 5918] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5919] <... set_robust_list resumed>) = 0 [pid 5919] rt_sigprocmask(SIG_SETMASK, [], [pid 5918] <... futex resumed>) = 0 [pid 5919] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5918] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5919] memfd_create("syzkaller", 0) = 3 [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5919] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5919] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5919] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5919] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5919] close(3) = 0 [pid 5919] mkdir("./file0", 0777) = 0 [pid 5919] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5919] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5919] chdir("./file0") = 0 [pid 5919] ioctl(4, LOOP_CLR_FD) = 0 [pid 5919] close(4) = 0 [pid 5919] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5918] <... futex resumed>) = 0 [pid 5919] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5918] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 216.933243][ T5919] loop0: detected capacity change from 0 to 4096 [ 216.953872][ T5919] ntfs: volume version 3.1. [pid 5918] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5919] <... openat resumed>) = 4 [pid 5919] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5918] <... futex resumed>) = 0 [pid 5919] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5918] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5919] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5918] <... futex resumed>) = 0 [pid 5918] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5919] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5918] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5918] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5918] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5918] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5918] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5918] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5920 attached => {parent_tid=[850]}, 88) = 850 [pid 5920] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5918] rt_sigprocmask(SIG_SETMASK, [], [pid 5920] <... rseq resumed>) = 0 [pid 5918] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5920] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5918] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5920] rt_sigprocmask(SIG_SETMASK, [], [pid 5918] <... futex resumed>) = 0 [pid 5920] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5918] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5920] creat("./file1", 000) = 5 [pid 5919] <... write resumed>) = 1048064 [pid 5920] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5918] <... futex resumed>) = 0 [pid 5920] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5919] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5918] close(3) = 0 [pid 5918] close(4) = 0 [pid 5918] close(5) = 0 [pid 5918] close(6) = -1 EBADF (Bad file descriptor) [pid 5919] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5918] close(7) = -1 EBADF (Bad file descriptor) [pid 5918] close(8) = -1 EBADF (Bad file descriptor) [pid 5918] close(9) = -1 EBADF (Bad file descriptor) [pid 5918] close(10) = -1 EBADF (Bad file descriptor) [pid 5918] close(11) = -1 EBADF (Bad file descriptor) [pid 5918] close(12) = -1 EBADF (Bad file descriptor) [pid 5918] close(13) = -1 EBADF (Bad file descriptor) [pid 5918] close(14) = -1 EBADF (Bad file descriptor) [pid 5918] close(15) = -1 EBADF (Bad file descriptor) [pid 5918] close(16) = -1 EBADF (Bad file descriptor) [pid 5918] close(17) = -1 EBADF (Bad file descriptor) [pid 5918] close(18) = -1 EBADF (Bad file descriptor) [pid 5918] close(19) = -1 EBADF (Bad file descriptor) [pid 5918] close(20) = -1 EBADF (Bad file descriptor) [pid 5918] close(21) = -1 EBADF (Bad file descriptor) [pid 5918] close(22) = -1 EBADF (Bad file descriptor) [pid 5918] close(23) = -1 EBADF (Bad file descriptor) [pid 5918] close(24) = -1 EBADF (Bad file descriptor) [pid 5918] close(25) = -1 EBADF (Bad file descriptor) [pid 5918] close(26) = -1 EBADF (Bad file descriptor) [pid 5918] close(27) = -1 EBADF (Bad file descriptor) [pid 5918] close(28) = -1 EBADF (Bad file descriptor) [pid 5918] close(29) = -1 EBADF (Bad file descriptor) [pid 5918] exit_group(0) = ? [pid 5920] <... futex resumed>) = ? [pid 5919] <... futex resumed>) = ? [pid 5920] +++ exited with 0 +++ [pid 5919] +++ exited with 0 +++ [pid 5918] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=848, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./282", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./282", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./282/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./282/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./282/cgroup.cpu") = 0 [pid 5063] umount2("./282/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./282/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./282/binderfs") = 0 [pid 5063] umount2("./282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./282/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./282/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./282/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./282/file0") = 0 [pid 5063] umount2("./282/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./282/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./282/cgroup") = 0 [pid 5063] umount2("./282/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./282/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./282/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./282") = 0 [pid 5063] mkdir("./283", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5921 attached [pid 5921] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 851 [pid 5921] chdir("./283") = 0 [pid 5921] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5921] setpgid(0, 0) = 0 [pid 5921] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5921] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5921] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5921] write(3, "1000", 4) = 4 [pid 5921] close(3) = 0 [pid 5921] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5921] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5921] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5921] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5921] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5921] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5921] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5921] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5922 attached => {parent_tid=[852]}, 88) = 852 [pid 5922] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5921] rt_sigprocmask(SIG_SETMASK, [], [pid 5922] <... rseq resumed>) = 0 [pid 5921] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5922] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5921] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5922] rt_sigprocmask(SIG_SETMASK, [], [pid 5921] <... futex resumed>) = 0 [pid 5922] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5921] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5922] memfd_create("syzkaller", 0) = 3 [pid 5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5922] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5922] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5922] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5922] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5922] close(3) = 0 [pid 5922] mkdir("./file0", 0777) = 0 [ 217.444901][ T5922] loop0: detected capacity change from 0 to 4096 [ 217.459631][ T5922] __ntfs_warning: 190 callbacks suppressed [ 217.459639][ T5922] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 217.486435][ T5922] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 217.495957][ T5922] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 217.511950][ T5922] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 217.520684][ T5922] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 217.540662][ T5922] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 217.549421][ T5922] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 217.569994][ T5922] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5922] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5922] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5922] chdir("./file0") = 0 [pid 5922] ioctl(4, LOOP_CLR_FD) = 0 [pid 5922] close(4) = 0 [pid 5922] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5921] <... futex resumed>) = 0 [pid 5922] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5921] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5922] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5921] <... futex resumed>) = 0 [pid 5922] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5921] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5922] <... openat resumed>) = 4 [pid 5922] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5921] <... futex resumed>) = 0 [pid 5921] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5922] <... futex resumed>) = 1 [pid 5921] <... futex resumed>) = 0 [pid 5922] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 217.578804][ T5922] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 217.598763][ T5922] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 217.609295][ T5922] ntfs: volume version 3.1. [pid 5921] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5921] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5921] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5921] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5921] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5921] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5923 attached => {parent_tid=[853]}, 88) = 853 [pid 5921] rt_sigprocmask(SIG_SETMASK, [], [pid 5923] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5923] set_robust_list(0x7eff0a3299a0, 24 [pid 5921] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5923] <... set_robust_list resumed>) = 0 [pid 5921] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5923] rt_sigprocmask(SIG_SETMASK, [], [pid 5921] <... futex resumed>) = 0 [pid 5923] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5921] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5923] creat("./file1", 000) = 5 [pid 5923] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5922] <... write resumed>) = 1048064 [pid 5923] <... futex resumed>) = 1 [pid 5922] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5921] <... futex resumed>) = 0 [pid 5923] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5922] <... futex resumed>) = 0 [pid 5921] close(3 [pid 5922] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5921] <... close resumed>) = 0 [pid 5921] close(4) = 0 [pid 5921] close(5) = 0 [pid 5921] close(6) = -1 EBADF (Bad file descriptor) [pid 5921] close(7) = -1 EBADF (Bad file descriptor) [pid 5921] close(8) = -1 EBADF (Bad file descriptor) [pid 5921] close(9) = -1 EBADF (Bad file descriptor) [pid 5921] close(10) = -1 EBADF (Bad file descriptor) [pid 5921] close(11) = -1 EBADF (Bad file descriptor) [pid 5921] close(12) = -1 EBADF (Bad file descriptor) [pid 5921] close(13) = -1 EBADF (Bad file descriptor) [pid 5921] close(14) = -1 EBADF (Bad file descriptor) [pid 5921] close(15) = -1 EBADF (Bad file descriptor) [pid 5921] close(16) = -1 EBADF (Bad file descriptor) [pid 5921] close(17) = -1 EBADF (Bad file descriptor) [pid 5921] close(18) = -1 EBADF (Bad file descriptor) [pid 5921] close(19) = -1 EBADF (Bad file descriptor) [pid 5921] close(20) = -1 EBADF (Bad file descriptor) [pid 5921] close(21) = -1 EBADF (Bad file descriptor) [pid 5921] close(22) = -1 EBADF (Bad file descriptor) [pid 5921] close(23) = -1 EBADF (Bad file descriptor) [pid 5921] close(24) = -1 EBADF (Bad file descriptor) [pid 5921] close(25) = -1 EBADF (Bad file descriptor) [pid 5921] close(26) = -1 EBADF (Bad file descriptor) [pid 5921] close(27) = -1 EBADF (Bad file descriptor) [pid 5921] close(28) = -1 EBADF (Bad file descriptor) [pid 5921] close(29) = -1 EBADF (Bad file descriptor) [pid 5921] exit_group(0) = ? [pid 5923] <... futex resumed>) = ? [pid 5922] <... futex resumed>) = ? [pid 5923] +++ exited with 0 +++ [pid 5922] +++ exited with 0 +++ [pid 5921] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=851, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5063] umount2("./283", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./283", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./283/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./283/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./283/cgroup.cpu") = 0 [pid 5063] umount2("./283/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./283/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./283/binderfs") = 0 [pid 5063] umount2("./283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./283/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./283/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./283/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./283/file0") = 0 [pid 5063] umount2("./283/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./283/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./283/cgroup") = 0 [pid 5063] umount2("./283/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./283/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./283/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./283") = 0 [pid 5063] mkdir("./284", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5924 attached , child_tidptr=0x5555560b8690) = 854 [pid 5924] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5924] chdir("./284") = 0 [pid 5924] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5924] setpgid(0, 0) = 0 [pid 5924] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5924] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5924] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5924] write(3, "1000", 4) = 4 [pid 5924] close(3) = 0 [pid 5924] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5924] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5924] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5924] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5924] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5924] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5924] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5924] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5925 attached => {parent_tid=[855]}, 88) = 855 [pid 5925] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5924] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5924] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5924] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5925] <... rseq resumed>) = 0 [pid 5925] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5925] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5925] memfd_create("syzkaller", 0) = 3 [pid 5925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5925] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5925] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5925] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5925] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5925] close(3) = 0 [pid 5925] mkdir("./file0", 0777) = 0 [pid 5925] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5925] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5925] chdir("./file0") = 0 [pid 5925] ioctl(4, LOOP_CLR_FD) = 0 [pid 5925] close(4) = 0 [pid 5925] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5925] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5924] <... futex resumed>) = 0 [pid 5924] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5925] <... futex resumed>) = 0 [pid 5925] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 218.165272][ T5925] loop0: detected capacity change from 0 to 4096 [ 218.191079][ T5925] ntfs: volume version 3.1. [pid 5924] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5925] <... openat resumed>) = 4 [pid 5925] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5925] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5924] <... futex resumed>) = 0 [pid 5924] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5925] <... futex resumed>) = 0 [pid 5924] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5925] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5924] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5924] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5924] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5924] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5924] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5924] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5926 attached => {parent_tid=[856]}, 88) = 856 [pid 5926] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5924] rt_sigprocmask(SIG_SETMASK, [], [pid 5926] <... rseq resumed>) = 0 [pid 5924] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5926] set_robust_list(0x7eff0a3299a0, 24 [pid 5924] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5926] <... set_robust_list resumed>) = 0 [pid 5926] rt_sigprocmask(SIG_SETMASK, [], [pid 5924] <... futex resumed>) = 0 [pid 5926] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5926] creat("./file1", 000 [pid 5924] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5926] <... creat resumed>) = 5 [pid 5925] <... write resumed>) = 1048064 [pid 5926] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5924] <... futex resumed>) = 0 [pid 5926] <... futex resumed>) = 1 [pid 5925] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5926] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5925] <... futex resumed>) = 0 [pid 5925] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5924] close(3) = 0 [pid 5924] close(4) = 0 [pid 5924] close(5) = 0 [pid 5924] close(6) = -1 EBADF (Bad file descriptor) [pid 5924] close(7) = -1 EBADF (Bad file descriptor) [pid 5924] close(8) = -1 EBADF (Bad file descriptor) [pid 5924] close(9) = -1 EBADF (Bad file descriptor) [pid 5924] close(10) = -1 EBADF (Bad file descriptor) [pid 5924] close(11) = -1 EBADF (Bad file descriptor) [pid 5924] close(12) = -1 EBADF (Bad file descriptor) [pid 5924] close(13) = -1 EBADF (Bad file descriptor) [pid 5924] close(14) = -1 EBADF (Bad file descriptor) [pid 5924] close(15) = -1 EBADF (Bad file descriptor) [pid 5924] close(16) = -1 EBADF (Bad file descriptor) [pid 5924] close(17) = -1 EBADF (Bad file descriptor) [pid 5924] close(18) = -1 EBADF (Bad file descriptor) [pid 5924] close(19) = -1 EBADF (Bad file descriptor) [pid 5924] close(20) = -1 EBADF (Bad file descriptor) [pid 5924] close(21) = -1 EBADF (Bad file descriptor) [pid 5924] close(22) = -1 EBADF (Bad file descriptor) [pid 5924] close(23) = -1 EBADF (Bad file descriptor) [pid 5924] close(24) = -1 EBADF (Bad file descriptor) [pid 5924] close(25) = -1 EBADF (Bad file descriptor) [pid 5924] close(26) = -1 EBADF (Bad file descriptor) [pid 5924] close(27) = -1 EBADF (Bad file descriptor) [pid 5924] close(28) = -1 EBADF (Bad file descriptor) [pid 5924] close(29) = -1 EBADF (Bad file descriptor) [pid 5924] exit_group(0 [pid 5925] <... futex resumed>) = ? [pid 5926] <... futex resumed>) = ? [pid 5924] <... exit_group resumed>) = ? [pid 5925] +++ exited with 0 +++ [pid 5926] +++ exited with 0 +++ [pid 5924] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=854, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./284", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./284", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./284/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./284/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./284/cgroup.cpu") = 0 [pid 5063] umount2("./284/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./284/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./284/binderfs") = 0 [pid 5063] umount2("./284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./284/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./284/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./284/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./284/file0") = 0 [pid 5063] umount2("./284/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./284/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./284/cgroup") = 0 [pid 5063] umount2("./284/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./284/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./284/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./284") = 0 [pid 5063] mkdir("./285", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5927 attached [pid 5927] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 857 [pid 5927] <... set_robust_list resumed>) = 0 [pid 5927] chdir("./285") = 0 [pid 5927] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5927] setpgid(0, 0) = 0 [pid 5927] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5927] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5927] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5927] write(3, "1000", 4) = 4 [pid 5927] close(3) = 0 [pid 5927] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5927] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5927] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5927] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5927] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5927] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5927] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5927] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5928 attached => {parent_tid=[858]}, 88) = 858 [pid 5928] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5927] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5927] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5927] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5928] <... rseq resumed>) = 0 [pid 5928] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5928] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5928] memfd_create("syzkaller", 0) = 3 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5928] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5928] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5928] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5928] close(3) = 0 [pid 5928] mkdir("./file0", 0777) = 0 [pid 5928] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5928] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5928] chdir("./file0") = 0 [pid 5928] ioctl(4, LOOP_CLR_FD) = 0 [pid 5928] close(4) = 0 [pid 5928] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5928] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5927] <... futex resumed>) = 0 [pid 5927] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5927] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5928] <... futex resumed>) = 0 [pid 5928] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5928] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5928] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5927] <... futex resumed>) = 0 [pid 5927] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5928] <... futex resumed>) = 0 [pid 5928] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 218.804536][ T5928] loop0: detected capacity change from 0 to 4096 [ 218.835168][ T5928] ntfs: volume version 3.1. [pid 5927] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5927] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5927] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5927] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5927] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5927] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5930 attached => {parent_tid=[859]}, 88) = 859 [pid 5930] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5927] rt_sigprocmask(SIG_SETMASK, [], [pid 5930] <... rseq resumed>) = 0 [pid 5930] set_robust_list(0x7eff0a3299a0, 24 [pid 5927] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5930] <... set_robust_list resumed>) = 0 [pid 5927] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5930] rt_sigprocmask(SIG_SETMASK, [], [pid 5927] <... futex resumed>) = 0 [pid 5930] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5927] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5930] creat("./file1", 000) = 5 [pid 5928] <... write resumed>) = 1048064 [pid 5930] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5927] <... futex resumed>) = 0 [pid 5930] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5928] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5927] close(3 [pid 5928] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5927] <... close resumed>) = 0 [pid 5927] close(4) = 0 [pid 5927] close(5) = 0 [pid 5927] close(6) = -1 EBADF (Bad file descriptor) [pid 5927] close(7) = -1 EBADF (Bad file descriptor) [pid 5927] close(8) = -1 EBADF (Bad file descriptor) [pid 5927] close(9) = -1 EBADF (Bad file descriptor) [pid 5927] close(10) = -1 EBADF (Bad file descriptor) [pid 5927] close(11) = -1 EBADF (Bad file descriptor) [pid 5927] close(12) = -1 EBADF (Bad file descriptor) [pid 5927] close(13) = -1 EBADF (Bad file descriptor) [pid 5927] close(14) = -1 EBADF (Bad file descriptor) [pid 5927] close(15) = -1 EBADF (Bad file descriptor) [pid 5927] close(16) = -1 EBADF (Bad file descriptor) [pid 5927] close(17) = -1 EBADF (Bad file descriptor) [pid 5927] close(18) = -1 EBADF (Bad file descriptor) [pid 5927] close(19) = -1 EBADF (Bad file descriptor) [pid 5927] close(20) = -1 EBADF (Bad file descriptor) [pid 5927] close(21) = -1 EBADF (Bad file descriptor) [pid 5927] close(22) = -1 EBADF (Bad file descriptor) [pid 5927] close(23) = -1 EBADF (Bad file descriptor) [pid 5927] close(24) = -1 EBADF (Bad file descriptor) [pid 5927] close(25) = -1 EBADF (Bad file descriptor) [pid 5927] close(26) = -1 EBADF (Bad file descriptor) [pid 5927] close(27) = -1 EBADF (Bad file descriptor) [pid 5927] close(28) = -1 EBADF (Bad file descriptor) [pid 5927] close(29) = -1 EBADF (Bad file descriptor) [pid 5927] exit_group(0) = ? [pid 5930] <... futex resumed>) = ? [pid 5928] <... futex resumed>) = ? [pid 5930] +++ exited with 0 +++ [pid 5928] +++ exited with 0 +++ [pid 5927] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=857, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./285", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./285", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./285/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./285/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./285/cgroup.cpu") = 0 [pid 5063] umount2("./285/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./285/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./285/binderfs") = 0 [pid 5063] umount2("./285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./285/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./285/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./285/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./285/file0") = 0 [pid 5063] umount2("./285/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./285/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./285/cgroup") = 0 [pid 5063] umount2("./285/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./285/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./285/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./285") = 0 [pid 5063] mkdir("./286", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5932 attached [pid 5932] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 860 [pid 5932] <... set_robust_list resumed>) = 0 [pid 5932] chdir("./286") = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5932] setpgid(0, 0) = 0 [pid 5932] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5932] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5932] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5932] write(3, "1000", 4) = 4 [pid 5932] close(3) = 0 [pid 5932] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5932] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5932] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5932] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5932] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5932] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5932] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5932] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5933 attached [pid 5933] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5933] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5932] <... clone3 resumed> => {parent_tid=[861]}, 88) = 861 [pid 5933] rt_sigprocmask(SIG_SETMASK, [], [pid 5932] rt_sigprocmask(SIG_SETMASK, [], [pid 5933] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5932] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5933] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5932] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5933] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5932] <... futex resumed>) = 0 [pid 5932] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5933] memfd_create("syzkaller", 0) = 3 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5933] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5933] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5933] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5933] close(3) = 0 [pid 5933] mkdir("./file0", 0777) = 0 [pid 5933] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5933] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5933] chdir("./file0") = 0 [pid 5933] ioctl(4, LOOP_CLR_FD) = 0 [pid 5933] close(4) = 0 [ 219.414391][ T5933] loop0: detected capacity change from 0 to 4096 [ 219.439441][ T5933] ntfs: volume version 3.1. [pid 5933] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5932] <... futex resumed>) = 0 [pid 5933] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5932] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5932] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5933] <... openat resumed>) = 4 [pid 5933] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5932] <... futex resumed>) = 0 [pid 5932] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5933] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5932] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5932] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5932] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5932] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5932] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5932] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5934 attached [pid 5934] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5932] <... clone3 resumed> => {parent_tid=[862]}, 88) = 862 [pid 5934] set_robust_list(0x7eff0a3299a0, 24 [pid 5932] rt_sigprocmask(SIG_SETMASK, [], [pid 5934] <... set_robust_list resumed>) = 0 [pid 5932] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5932] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5934] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5934] creat("./file1", 000 [pid 5932] <... futex resumed>) = 0 [pid 5932] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5934] <... creat resumed>) = 5 [pid 5934] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5933] <... write resumed>) = 1048064 [pid 5933] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5933] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5934] <... futex resumed>) = 1 [pid 5932] <... futex resumed>) = 0 [pid 5932] close(3) = 0 [pid 5932] close(4 [pid 5934] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5932] <... close resumed>) = 0 [pid 5932] close(5) = 0 [pid 5932] close(6) = -1 EBADF (Bad file descriptor) [pid 5932] close(7) = -1 EBADF (Bad file descriptor) [pid 5932] close(8) = -1 EBADF (Bad file descriptor) [pid 5932] close(9) = -1 EBADF (Bad file descriptor) [pid 5932] close(10) = -1 EBADF (Bad file descriptor) [pid 5932] close(11) = -1 EBADF (Bad file descriptor) [pid 5932] close(12) = -1 EBADF (Bad file descriptor) [pid 5932] close(13) = -1 EBADF (Bad file descriptor) [pid 5932] close(14) = -1 EBADF (Bad file descriptor) [pid 5932] close(15) = -1 EBADF (Bad file descriptor) [pid 5932] close(16) = -1 EBADF (Bad file descriptor) [pid 5932] close(17) = -1 EBADF (Bad file descriptor) [pid 5932] close(18) = -1 EBADF (Bad file descriptor) [pid 5932] close(19) = -1 EBADF (Bad file descriptor) [pid 5932] close(20) = -1 EBADF (Bad file descriptor) [pid 5932] close(21) = -1 EBADF (Bad file descriptor) [pid 5932] close(22) = -1 EBADF (Bad file descriptor) [pid 5932] close(23) = -1 EBADF (Bad file descriptor) [pid 5932] close(24) = -1 EBADF (Bad file descriptor) [pid 5932] close(25) = -1 EBADF (Bad file descriptor) [pid 5932] close(26) = -1 EBADF (Bad file descriptor) [pid 5932] close(27) = -1 EBADF (Bad file descriptor) [pid 5932] close(28) = -1 EBADF (Bad file descriptor) [pid 5932] close(29) = -1 EBADF (Bad file descriptor) [pid 5932] exit_group(0) = ? [pid 5933] <... futex resumed>) = ? [pid 5934] <... futex resumed>) = ? [pid 5933] +++ exited with 0 +++ [pid 5934] +++ exited with 0 +++ [pid 5932] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=860, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./286", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./286", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./286/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./286/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./286/cgroup.cpu") = 0 [pid 5063] umount2("./286/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./286/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./286/binderfs") = 0 [pid 5063] umount2("./286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./286/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./286/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./286/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./286/file0") = 0 [pid 5063] umount2("./286/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./286/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./286/cgroup") = 0 [pid 5063] umount2("./286/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./286/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./286/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./286") = 0 [pid 5063] mkdir("./287", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5935 attached [pid 5935] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 863 [pid 5935] <... set_robust_list resumed>) = 0 [pid 5935] chdir("./287") = 0 [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5935] setpgid(0, 0) = 0 [pid 5935] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5935] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5935] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5935] write(3, "1000", 4) = 4 [pid 5935] close(3) = 0 [pid 5935] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5935] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5935] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5935] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5935] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5935] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5935] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5935] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5936 attached => {parent_tid=[864]}, 88) = 864 [pid 5936] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5935] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5935] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5936] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5935] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5936] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5936] memfd_create("syzkaller", 0) = 3 [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5936] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5936] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5936] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5936] close(3) = 0 [pid 5936] mkdir("./file0", 0777) = 0 [pid 5936] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5936] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5936] chdir("./file0") = 0 [pid 5936] ioctl(4, LOOP_CLR_FD) = 0 [pid 5936] close(4) = 0 [ 219.967954][ T5936] loop0: detected capacity change from 0 to 4096 [ 219.994084][ T5936] ntfs: volume version 3.1. [pid 5936] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5935] <... futex resumed>) = 0 [pid 5935] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5935] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5936] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5936] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5935] <... futex resumed>) = 0 [pid 5936] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5935] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5936] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5935] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5936] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5935] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5935] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5935] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5935] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5935] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5935] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5938 attached [pid 5938] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5935] <... clone3 resumed> => {parent_tid=[865]}, 88) = 865 [pid 5938] <... rseq resumed>) = 0 [pid 5935] rt_sigprocmask(SIG_SETMASK, [], [pid 5938] set_robust_list(0x7eff0a3299a0, 24 [pid 5935] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5938] <... set_robust_list resumed>) = 0 [pid 5935] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5938] rt_sigprocmask(SIG_SETMASK, [], [pid 5935] <... futex resumed>) = 0 [pid 5938] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5935] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5938] creat("./file1", 000) = 5 [pid 5936] <... write resumed>) = 1048064 [pid 5938] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5936] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5938] <... futex resumed>) = 1 [pid 5936] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5935] <... futex resumed>) = 0 [pid 5938] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5935] close(3) = 0 [pid 5935] close(4) = 0 [pid 5935] close(5) = 0 [pid 5935] close(6) = -1 EBADF (Bad file descriptor) [pid 5935] close(7) = -1 EBADF (Bad file descriptor) [pid 5935] close(8) = -1 EBADF (Bad file descriptor) [pid 5935] close(9) = -1 EBADF (Bad file descriptor) [pid 5935] close(10) = -1 EBADF (Bad file descriptor) [pid 5935] close(11) = -1 EBADF (Bad file descriptor) [pid 5935] close(12) = -1 EBADF (Bad file descriptor) [pid 5935] close(13) = -1 EBADF (Bad file descriptor) [pid 5935] close(14) = -1 EBADF (Bad file descriptor) [pid 5935] close(15) = -1 EBADF (Bad file descriptor) [pid 5935] close(16) = -1 EBADF (Bad file descriptor) [pid 5935] close(17) = -1 EBADF (Bad file descriptor) [pid 5935] close(18) = -1 EBADF (Bad file descriptor) [pid 5935] close(19) = -1 EBADF (Bad file descriptor) [pid 5935] close(20) = -1 EBADF (Bad file descriptor) [pid 5935] close(21) = -1 EBADF (Bad file descriptor) [pid 5935] close(22) = -1 EBADF (Bad file descriptor) [pid 5935] close(23) = -1 EBADF (Bad file descriptor) [pid 5935] close(24) = -1 EBADF (Bad file descriptor) [pid 5935] close(25) = -1 EBADF (Bad file descriptor) [pid 5935] close(26) = -1 EBADF (Bad file descriptor) [pid 5935] close(27) = -1 EBADF (Bad file descriptor) [pid 5935] close(28) = -1 EBADF (Bad file descriptor) [pid 5935] close(29) = -1 EBADF (Bad file descriptor) [pid 5935] exit_group(0) = ? [pid 5936] <... futex resumed>) = ? [pid 5938] <... futex resumed>) = ? [pid 5936] +++ exited with 0 +++ [pid 5938] +++ exited with 0 +++ [pid 5935] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=863, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./287", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./287", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./287/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./287/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./287/cgroup.cpu") = 0 [pid 5063] umount2("./287/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./287/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./287/binderfs") = 0 [pid 5063] umount2("./287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./287/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./287/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./287/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./287/file0") = 0 [pid 5063] umount2("./287/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./287/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./287/cgroup") = 0 [pid 5063] umount2("./287/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./287/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./287/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./287") = 0 [pid 5063] mkdir("./288", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5939 attached [pid 5939] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 866 [pid 5939] <... set_robust_list resumed>) = 0 [pid 5939] chdir("./288") = 0 [pid 5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5939] setpgid(0, 0) = 0 [pid 5939] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5939] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5939] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5939] write(3, "1000", 4) = 4 [pid 5939] close(3) = 0 [pid 5939] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5939] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5939] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5939] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5939] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5939] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5939] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5939] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5940 attached => {parent_tid=[867]}, 88) = 867 [pid 5940] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5939] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5939] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5939] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5940] <... rseq resumed>) = 0 [pid 5940] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5940] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5940] memfd_create("syzkaller", 0) = 3 [pid 5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5940] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5940] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5940] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5940] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5940] close(3) = 0 [pid 5940] mkdir("./file0", 0777) = 0 [pid 5940] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5940] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5940] chdir("./file0") = 0 [pid 5940] ioctl(4, LOOP_CLR_FD) = 0 [ 220.574292][ T5940] loop0: detected capacity change from 0 to 4096 [ 220.593349][ T5940] ntfs: volume version 3.1. [pid 5940] close(4) = 0 [pid 5940] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5940] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5939] <... futex resumed>) = 0 [pid 5939] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5939] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5940] <... futex resumed>) = 0 [pid 5940] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5940] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5939] <... futex resumed>) = 0 [pid 5940] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5939] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5940] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5939] <... futex resumed>) = 0 [pid 5940] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5939] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5939] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5939] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5939] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5939] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5939] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5942 attached [pid 5942] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5939] <... clone3 resumed> => {parent_tid=[868]}, 88) = 868 [pid 5942] set_robust_list(0x7eff0a3299a0, 24 [pid 5939] rt_sigprocmask(SIG_SETMASK, [], [pid 5942] <... set_robust_list resumed>) = 0 [pid 5942] rt_sigprocmask(SIG_SETMASK, [], [pid 5939] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5942] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5939] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5942] creat("./file1", 000 [pid 5939] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5942] <... creat resumed>) = 5 [pid 5940] <... write resumed>) = 1048064 [pid 5942] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5940] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5942] <... futex resumed>) = 1 [pid 5939] <... futex resumed>) = 0 [pid 5942] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5940] <... futex resumed>) = 0 [pid 5939] close(3 [pid 5940] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5939] <... close resumed>) = 0 [pid 5939] close(4) = 0 [pid 5939] close(5) = 0 [pid 5939] close(6) = -1 EBADF (Bad file descriptor) [pid 5939] close(7) = -1 EBADF (Bad file descriptor) [pid 5939] close(8) = -1 EBADF (Bad file descriptor) [pid 5939] close(9) = -1 EBADF (Bad file descriptor) [pid 5939] close(10) = -1 EBADF (Bad file descriptor) [pid 5939] close(11) = -1 EBADF (Bad file descriptor) [pid 5939] close(12) = -1 EBADF (Bad file descriptor) [pid 5939] close(13) = -1 EBADF (Bad file descriptor) [pid 5939] close(14) = -1 EBADF (Bad file descriptor) [pid 5939] close(15) = -1 EBADF (Bad file descriptor) [pid 5939] close(16) = -1 EBADF (Bad file descriptor) [pid 5939] close(17) = -1 EBADF (Bad file descriptor) [pid 5939] close(18) = -1 EBADF (Bad file descriptor) [pid 5939] close(19) = -1 EBADF (Bad file descriptor) [pid 5939] close(20) = -1 EBADF (Bad file descriptor) [pid 5939] close(21) = -1 EBADF (Bad file descriptor) [pid 5939] close(22) = -1 EBADF (Bad file descriptor) [pid 5939] close(23) = -1 EBADF (Bad file descriptor) [pid 5939] close(24) = -1 EBADF (Bad file descriptor) [pid 5939] close(25) = -1 EBADF (Bad file descriptor) [pid 5939] close(26) = -1 EBADF (Bad file descriptor) [pid 5939] close(27) = -1 EBADF (Bad file descriptor) [pid 5939] close(28) = -1 EBADF (Bad file descriptor) [pid 5939] close(29) = -1 EBADF (Bad file descriptor) [pid 5939] exit_group(0) = ? [pid 5940] <... futex resumed>) = ? [pid 5942] <... futex resumed>) = ? [pid 5940] +++ exited with 0 +++ [pid 5942] +++ exited with 0 +++ [pid 5939] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=866, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./288", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./288", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./288/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./288/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./288/cgroup.cpu") = 0 [pid 5063] umount2("./288/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./288/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./288/binderfs") = 0 [pid 5063] umount2("./288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./288/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./288/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./288/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./288/file0") = 0 [pid 5063] umount2("./288/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./288/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./288/cgroup") = 0 [pid 5063] umount2("./288/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./288/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./288/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./288") = 0 [pid 5063] mkdir("./289", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5943 attached , child_tidptr=0x5555560b8690) = 869 [pid 5943] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5943] chdir("./289") = 0 [pid 5943] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5943] setpgid(0, 0) = 0 [pid 5943] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5943] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5943] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5943] write(3, "1000", 4) = 4 [pid 5943] close(3) = 0 [pid 5943] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5943] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5943] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5943] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5943] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5943] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5943] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5943] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5944 attached => {parent_tid=[870]}, 88) = 870 [pid 5944] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5943] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5943] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5944] <... rseq resumed>) = 0 [pid 5944] set_robust_list(0x7eff0a34a9a0, 24 [pid 5943] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5944] <... set_robust_list resumed>) = 0 [pid 5944] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5944] memfd_create("syzkaller", 0) = 3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5944] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5944] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5944] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5944] close(3) = 0 [pid 5944] mkdir("./file0", 0777) = 0 [pid 5944] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5944] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5944] chdir("./file0") = 0 [pid 5944] ioctl(4, LOOP_CLR_FD) = 0 [pid 5944] close(4) = 0 [pid 5944] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5943] <... futex resumed>) = 0 [pid 5944] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5943] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5944] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5943] <... futex resumed>) = 0 [pid 5944] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 221.214398][ T5944] loop0: detected capacity change from 0 to 4096 [ 221.246454][ T5944] ntfs: volume version 3.1. [pid 5943] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5944] <... openat resumed>) = 4 [pid 5944] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5943] <... futex resumed>) = 0 [pid 5944] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5943] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5944] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5943] <... futex resumed>) = 0 [pid 5943] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5943] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5943] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5943] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5943] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5943] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5947 attached [pid 5947] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5943] <... clone3 resumed> => {parent_tid=[871]}, 88) = 871 [pid 5943] rt_sigprocmask(SIG_SETMASK, [], [pid 5947] <... rseq resumed>) = 0 [pid 5943] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5947] set_robust_list(0x7eff0a3299a0, 24 [pid 5943] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5947] <... set_robust_list resumed>) = 0 [pid 5943] <... futex resumed>) = 0 [pid 5947] rt_sigprocmask(SIG_SETMASK, [], [pid 5943] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5947] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5947] creat("./file1", 000) = 5 [pid 5947] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5943] <... futex resumed>) = 0 [pid 5947] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5944] <... write resumed>) = 1048064 [pid 5944] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5944] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5943] close(3) = 0 [pid 5943] close(4) = 0 [pid 5943] close(5) = 0 [pid 5943] close(6) = -1 EBADF (Bad file descriptor) [pid 5943] close(7) = -1 EBADF (Bad file descriptor) [pid 5943] close(8) = -1 EBADF (Bad file descriptor) [pid 5943] close(9) = -1 EBADF (Bad file descriptor) [pid 5943] close(10) = -1 EBADF (Bad file descriptor) [pid 5943] close(11) = -1 EBADF (Bad file descriptor) [pid 5943] close(12) = -1 EBADF (Bad file descriptor) [pid 5943] close(13) = -1 EBADF (Bad file descriptor) [pid 5943] close(14) = -1 EBADF (Bad file descriptor) [pid 5943] close(15) = -1 EBADF (Bad file descriptor) [pid 5943] close(16) = -1 EBADF (Bad file descriptor) [pid 5943] close(17) = -1 EBADF (Bad file descriptor) [pid 5943] close(18) = -1 EBADF (Bad file descriptor) [pid 5943] close(19) = -1 EBADF (Bad file descriptor) [pid 5943] close(20) = -1 EBADF (Bad file descriptor) [pid 5943] close(21) = -1 EBADF (Bad file descriptor) [pid 5943] close(22) = -1 EBADF (Bad file descriptor) [pid 5943] close(23) = -1 EBADF (Bad file descriptor) [pid 5943] close(24) = -1 EBADF (Bad file descriptor) [pid 5943] close(25) = -1 EBADF (Bad file descriptor) [pid 5943] close(26) = -1 EBADF (Bad file descriptor) [pid 5943] close(27) = -1 EBADF (Bad file descriptor) [pid 5943] close(28) = -1 EBADF (Bad file descriptor) [pid 5943] close(29) = -1 EBADF (Bad file descriptor) [pid 5943] exit_group(0) = ? [pid 5947] <... futex resumed>) = ? [pid 5944] <... futex resumed>) = ? [pid 5947] +++ exited with 0 +++ [pid 5944] +++ exited with 0 +++ [pid 5943] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=869, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./289", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./289", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./289/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./289/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./289/cgroup.cpu") = 0 [pid 5063] umount2("./289/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./289/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./289/binderfs") = 0 [pid 5063] umount2("./289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./289/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./289/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./289/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./289/file0") = 0 [pid 5063] umount2("./289/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./289/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./289/cgroup") = 0 [pid 5063] umount2("./289/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./289/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./289/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./289") = 0 [pid 5063] mkdir("./290", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5948 attached , child_tidptr=0x5555560b8690) = 872 [pid 5948] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5948] chdir("./290") = 0 [pid 5948] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5948] setpgid(0, 0) = 0 [pid 5948] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5948] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5948] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5948] write(3, "1000", 4) = 4 [pid 5948] close(3) = 0 [pid 5948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5948] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5948] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5948] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5948] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5948] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5948] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5949 attached => {parent_tid=[873]}, 88) = 873 [pid 5949] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5948] rt_sigprocmask(SIG_SETMASK, [], [pid 5949] <... rseq resumed>) = 0 [pid 5948] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5949] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5948] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5949] rt_sigprocmask(SIG_SETMASK, [], [pid 5948] <... futex resumed>) = 0 [pid 5949] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5948] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5949] memfd_create("syzkaller", 0) = 3 [pid 5949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5949] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5949] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5949] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5949] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5949] close(3) = 0 [pid 5949] mkdir("./file0", 0777) = 0 [pid 5949] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5949] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5949] chdir("./file0") = 0 [pid 5949] ioctl(4, LOOP_CLR_FD) = 0 [pid 5949] close(4) = 0 [pid 5949] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5948] <... futex resumed>) = 0 [pid 5949] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5948] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5948] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5949] <... futex resumed>) = 0 [pid 5949] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5949] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5948] <... futex resumed>) = 0 [pid 5949] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5948] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 221.790387][ T5949] loop0: detected capacity change from 0 to 4096 [ 221.811521][ T5949] ntfs: volume version 3.1. [pid 5948] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5948] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 5948] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5948] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5948] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5948] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5948] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5950 attached => {parent_tid=[874]}, 88) = 874 [pid 5950] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5948] rt_sigprocmask(SIG_SETMASK, [], [pid 5950] <... rseq resumed>) = 0 [pid 5948] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5950] set_robust_list(0x7eff0a3299a0, 24 [pid 5948] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5950] <... set_robust_list resumed>) = 0 [pid 5948] <... futex resumed>) = 0 [pid 5950] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5948] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5950] creat("./file1", 000) = 5 [pid 5949] <... write resumed>) = 1048064 [pid 5950] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5950] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5948] <... futex resumed>) = 0 [pid 5949] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5949] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5948] close(3) = 0 [pid 5948] close(4) = 0 [pid 5948] close(5) = 0 [pid 5948] close(6) = -1 EBADF (Bad file descriptor) [pid 5948] close(7) = -1 EBADF (Bad file descriptor) [pid 5948] close(8) = -1 EBADF (Bad file descriptor) [pid 5948] close(9) = -1 EBADF (Bad file descriptor) [pid 5948] close(10) = -1 EBADF (Bad file descriptor) [pid 5948] close(11) = -1 EBADF (Bad file descriptor) [pid 5948] close(12) = -1 EBADF (Bad file descriptor) [pid 5948] close(13) = -1 EBADF (Bad file descriptor) [pid 5948] close(14) = -1 EBADF (Bad file descriptor) [pid 5948] close(15) = -1 EBADF (Bad file descriptor) [pid 5948] close(16) = -1 EBADF (Bad file descriptor) [pid 5948] close(17) = -1 EBADF (Bad file descriptor) [pid 5948] close(18) = -1 EBADF (Bad file descriptor) [pid 5948] close(19) = -1 EBADF (Bad file descriptor) [pid 5948] close(20) = -1 EBADF (Bad file descriptor) [pid 5948] close(21) = -1 EBADF (Bad file descriptor) [pid 5948] close(22) = -1 EBADF (Bad file descriptor) [pid 5948] close(23) = -1 EBADF (Bad file descriptor) [pid 5948] close(24) = -1 EBADF (Bad file descriptor) [pid 5948] close(25) = -1 EBADF (Bad file descriptor) [pid 5948] close(26) = -1 EBADF (Bad file descriptor) [pid 5948] close(27) = -1 EBADF (Bad file descriptor) [pid 5948] close(28) = -1 EBADF (Bad file descriptor) [pid 5948] close(29) = -1 EBADF (Bad file descriptor) [pid 5948] exit_group(0 [pid 5949] <... futex resumed>) = ? [pid 5950] <... futex resumed>) = ? [pid 5948] <... exit_group resumed>) = ? [pid 5949] +++ exited with 0 +++ [pid 5950] +++ exited with 0 +++ [pid 5948] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=872, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./290", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./290", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./290/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./290/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./290/cgroup.cpu") = 0 [pid 5063] umount2("./290/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./290/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./290/binderfs") = 0 [pid 5063] umount2("./290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./290/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./290/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./290/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./290/file0") = 0 [pid 5063] umount2("./290/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./290/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./290/cgroup") = 0 [pid 5063] umount2("./290/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./290/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./290/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./290") = 0 [pid 5063] mkdir("./291", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5951 attached , child_tidptr=0x5555560b8690) = 875 [pid 5951] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5951] chdir("./291") = 0 [pid 5951] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5951] setpgid(0, 0) = 0 [pid 5951] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5951] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5951] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5951] write(3, "1000", 4) = 4 [pid 5951] close(3) = 0 [pid 5951] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5951] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5951] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5951] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5951] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5951] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5951] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5951] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5952 attached [pid 5952] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5951] <... clone3 resumed> => {parent_tid=[876]}, 88) = 876 [pid 5952] <... rseq resumed>) = 0 [pid 5951] rt_sigprocmask(SIG_SETMASK, [], [pid 5952] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5951] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5952] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5951] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5951] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5952] memfd_create("syzkaller", 0) = 3 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5952] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5952] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5952] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5952] close(3) = 0 [pid 5952] mkdir("./file0", 0777) = 0 [pid 5952] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5952] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5952] chdir("./file0") = 0 [pid 5952] ioctl(4, LOOP_CLR_FD) = 0 [pid 5952] close(4) = 0 [pid 5952] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5951] <... futex resumed>) = 0 [pid 5952] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5951] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5951] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5952] <... futex resumed>) = 0 [pid 5952] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5952] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5951] <... futex resumed>) = 0 [pid 5951] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5952] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5951] <... futex resumed>) = 0 [ 222.380409][ T5952] loop0: detected capacity change from 0 to 4096 [ 222.410502][ T5952] ntfs: volume version 3.1. [pid 5951] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5951] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5951] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5951] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5951] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5951] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5953 attached [pid 5953] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5951] <... clone3 resumed> => {parent_tid=[877]}, 88) = 877 [pid 5953] <... rseq resumed>) = 0 [pid 5951] rt_sigprocmask(SIG_SETMASK, [], [pid 5953] set_robust_list(0x7eff0a3299a0, 24 [pid 5951] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5953] <... set_robust_list resumed>) = 0 [pid 5951] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5953] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5951] <... futex resumed>) = 0 [pid 5953] creat("./file1", 000 [pid 5951] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5953] <... creat resumed>) = 5 [pid 5952] <... write resumed>) = 1048064 [pid 5953] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5952] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5952] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5953] <... futex resumed>) = 1 [pid 5951] <... futex resumed>) = 0 [pid 5953] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5951] close(3) = 0 [pid 5951] close(4) = 0 [pid 5951] close(5) = 0 [pid 5951] close(6) = -1 EBADF (Bad file descriptor) [pid 5951] close(7) = -1 EBADF (Bad file descriptor) [pid 5951] close(8) = -1 EBADF (Bad file descriptor) [pid 5951] close(9) = -1 EBADF (Bad file descriptor) [pid 5951] close(10) = -1 EBADF (Bad file descriptor) [pid 5951] close(11) = -1 EBADF (Bad file descriptor) [pid 5951] close(12) = -1 EBADF (Bad file descriptor) [pid 5951] close(13) = -1 EBADF (Bad file descriptor) [pid 5951] close(14) = -1 EBADF (Bad file descriptor) [pid 5951] close(15) = -1 EBADF (Bad file descriptor) [pid 5951] close(16) = -1 EBADF (Bad file descriptor) [pid 5951] close(17) = -1 EBADF (Bad file descriptor) [pid 5951] close(18) = -1 EBADF (Bad file descriptor) [pid 5951] close(19) = -1 EBADF (Bad file descriptor) [pid 5951] close(20) = -1 EBADF (Bad file descriptor) [pid 5951] close(21) = -1 EBADF (Bad file descriptor) [pid 5951] close(22) = -1 EBADF (Bad file descriptor) [pid 5951] close(23) = -1 EBADF (Bad file descriptor) [pid 5951] close(24) = -1 EBADF (Bad file descriptor) [pid 5951] close(25) = -1 EBADF (Bad file descriptor) [pid 5951] close(26) = -1 EBADF (Bad file descriptor) [pid 5951] close(27) = -1 EBADF (Bad file descriptor) [pid 5951] close(28) = -1 EBADF (Bad file descriptor) [pid 5951] close(29) = -1 EBADF (Bad file descriptor) [pid 5951] exit_group(0) = ? [pid 5953] <... futex resumed>) = ? [pid 5952] <... futex resumed>) = ? [pid 5953] +++ exited with 0 +++ [pid 5952] +++ exited with 0 +++ [pid 5951] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=875, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./291", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./291", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./291/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./291/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./291/cgroup.cpu") = 0 [pid 5063] umount2("./291/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./291/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./291/binderfs") = 0 [pid 5063] umount2("./291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./291/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./291/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./291/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./291/file0") = 0 [pid 5063] umount2("./291/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./291/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./291/cgroup") = 0 [pid 5063] umount2("./291/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./291/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./291/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./291") = 0 [pid 5063] mkdir("./292", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5954 attached , child_tidptr=0x5555560b8690) = 878 [pid 5954] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5954] chdir("./292") = 0 [pid 5954] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5954] setpgid(0, 0) = 0 [pid 5954] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5954] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5954] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5954] write(3, "1000", 4) = 4 [pid 5954] close(3) = 0 [pid 5954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5954] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5954] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5954] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5954] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5954] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5954] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5954] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5955 attached [pid 5955] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5954] <... clone3 resumed> => {parent_tid=[879]}, 88) = 879 [pid 5955] set_robust_list(0x7eff0a34a9a0, 24 [pid 5954] rt_sigprocmask(SIG_SETMASK, [], [pid 5955] <... set_robust_list resumed>) = 0 [pid 5954] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5955] rt_sigprocmask(SIG_SETMASK, [], [pid 5954] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5955] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5954] <... futex resumed>) = 0 [pid 5954] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5955] memfd_create("syzkaller", 0) = 3 [pid 5955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5955] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5955] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5955] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5955] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5955] close(3) = 0 [pid 5955] mkdir("./file0", 0777) = 0 [ 222.927216][ T5955] loop0: detected capacity change from 0 to 4096 [ 222.951955][ T5955] __ntfs_warning: 170 callbacks suppressed [ 222.952020][ T5955] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 222.978629][ T5955] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 222.988141][ T5955] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 223.004103][ T5955] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 223.012929][ T5955] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 223.032851][ T5955] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 223.041582][ T5955] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 223.061747][ T5955] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5955] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5955] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5955] chdir("./file0") = 0 [pid 5955] ioctl(4, LOOP_CLR_FD) = 0 [pid 5955] close(4) = 0 [pid 5955] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5954] <... futex resumed>) = 0 [pid 5954] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5955] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5954] <... futex resumed>) = 0 [pid 5954] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5955] <... openat resumed>) = 4 [pid 5955] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5954] <... futex resumed>) = 0 [pid 5954] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5954] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 223.070601][ T5955] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 223.090556][ T5955] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 223.100969][ T5955] ntfs: volume version 3.1. [pid 5955] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5954] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5954] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5954] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5954] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5954] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5954] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5956 attached [pid 5956] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5954] <... clone3 resumed> => {parent_tid=[880]}, 88) = 880 [pid 5956] <... rseq resumed>) = 0 [pid 5956] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5954] rt_sigprocmask(SIG_SETMASK, [], [pid 5956] rt_sigprocmask(SIG_SETMASK, [], [pid 5954] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5956] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5954] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5954] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5956] creat("./file1", 000) = 5 [pid 5955] <... write resumed>) = 1048064 [pid 5956] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5955] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5956] <... futex resumed>) = 1 [pid 5955] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5954] <... futex resumed>) = 0 [pid 5956] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5954] close(3) = 0 [pid 5954] close(4) = 0 [pid 5954] close(5) = 0 [pid 5954] close(6) = -1 EBADF (Bad file descriptor) [pid 5954] close(7) = -1 EBADF (Bad file descriptor) [pid 5954] close(8) = -1 EBADF (Bad file descriptor) [pid 5954] close(9) = -1 EBADF (Bad file descriptor) [pid 5954] close(10) = -1 EBADF (Bad file descriptor) [pid 5954] close(11) = -1 EBADF (Bad file descriptor) [pid 5954] close(12) = -1 EBADF (Bad file descriptor) [pid 5954] close(13) = -1 EBADF (Bad file descriptor) [pid 5954] close(14) = -1 EBADF (Bad file descriptor) [pid 5954] close(15) = -1 EBADF (Bad file descriptor) [pid 5954] close(16) = -1 EBADF (Bad file descriptor) [pid 5954] close(17) = -1 EBADF (Bad file descriptor) [pid 5954] close(18) = -1 EBADF (Bad file descriptor) [pid 5954] close(19) = -1 EBADF (Bad file descriptor) [pid 5954] close(20) = -1 EBADF (Bad file descriptor) [pid 5954] close(21) = -1 EBADF (Bad file descriptor) [pid 5954] close(22) = -1 EBADF (Bad file descriptor) [pid 5954] close(23) = -1 EBADF (Bad file descriptor) [pid 5954] close(24) = -1 EBADF (Bad file descriptor) [pid 5954] close(25) = -1 EBADF (Bad file descriptor) [pid 5954] close(26) = -1 EBADF (Bad file descriptor) [pid 5954] close(27) = -1 EBADF (Bad file descriptor) [pid 5954] close(28) = -1 EBADF (Bad file descriptor) [pid 5954] close(29) = -1 EBADF (Bad file descriptor) [pid 5954] exit_group(0) = ? [pid 5956] <... futex resumed>) = ? [pid 5955] <... futex resumed>) = ? [pid 5956] +++ exited with 0 +++ [pid 5955] +++ exited with 0 +++ [pid 5954] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=878, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./292", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./292", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./292/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./292/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./292/cgroup.cpu") = 0 [pid 5063] umount2("./292/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./292/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./292/binderfs") = 0 [pid 5063] umount2("./292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./292/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./292/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./292/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./292/file0") = 0 [pid 5063] umount2("./292/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./292/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./292/cgroup") = 0 [pid 5063] umount2("./292/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./292/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./292/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./292") = 0 [pid 5063] mkdir("./293", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5957 attached , child_tidptr=0x5555560b8690) = 881 [pid 5957] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5957] chdir("./293") = 0 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5957] setpgid(0, 0) = 0 [pid 5957] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5957] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5957] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5957] write(3, "1000", 4) = 4 [pid 5957] close(3) = 0 [pid 5957] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5957] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5957] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5957] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5957] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5957] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5957] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5958 attached => {parent_tid=[882]}, 88) = 882 [pid 5958] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5957] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5957] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5957] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5958] <... rseq resumed>) = 0 [pid 5958] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5958] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5958] memfd_create("syzkaller", 0) = 3 [pid 5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5958] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5958] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5958] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5958] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5958] close(3) = 0 [pid 5958] mkdir("./file0", 0777) = 0 [pid 5958] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5958] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5958] chdir("./file0") = 0 [pid 5958] ioctl(4, LOOP_CLR_FD) = 0 [pid 5958] close(4) = 0 [ 223.587022][ T5958] loop0: detected capacity change from 0 to 4096 [ 223.607347][ T5958] ntfs: volume version 3.1. [pid 5958] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5957] <... futex resumed>) = 0 [pid 5957] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5958] <... futex resumed>) = 1 [pid 5957] <... futex resumed>) = 0 [pid 5958] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5957] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5958] <... openat resumed>) = 4 [pid 5958] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5957] <... futex resumed>) = 0 [pid 5958] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5957] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5958] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5957] <... futex resumed>) = 0 [pid 5957] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5958] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5957] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5957] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5957] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5957] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5957] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5957] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[883]}, 88) = 883 ./strace-static-x86_64: Process 5959 attached [pid 5957] rt_sigprocmask(SIG_SETMASK, [], [pid 5959] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5957] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5959] <... rseq resumed>) = 0 [pid 5957] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5959] set_robust_list(0x7eff0a3299a0, 24 [pid 5957] <... futex resumed>) = 0 [pid 5957] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5959] <... set_robust_list resumed>) = 0 [pid 5959] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5958] <... write resumed>) = 1048064 [pid 5959] creat("./file1", 000 [pid 5958] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5958] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5959] <... creat resumed>) = 5 [pid 5959] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5957] <... futex resumed>) = 0 [pid 5959] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5957] close(3) = 0 [pid 5957] close(4) = 0 [pid 5957] close(5) = 0 [pid 5957] close(6) = -1 EBADF (Bad file descriptor) [pid 5957] close(7) = -1 EBADF (Bad file descriptor) [pid 5957] close(8) = -1 EBADF (Bad file descriptor) [pid 5957] close(9) = -1 EBADF (Bad file descriptor) [pid 5957] close(10) = -1 EBADF (Bad file descriptor) [pid 5957] close(11) = -1 EBADF (Bad file descriptor) [pid 5957] close(12) = -1 EBADF (Bad file descriptor) [pid 5957] close(13) = -1 EBADF (Bad file descriptor) [pid 5957] close(14) = -1 EBADF (Bad file descriptor) [pid 5957] close(15) = -1 EBADF (Bad file descriptor) [pid 5957] close(16) = -1 EBADF (Bad file descriptor) [pid 5957] close(17) = -1 EBADF (Bad file descriptor) [pid 5957] close(18) = -1 EBADF (Bad file descriptor) [pid 5957] close(19) = -1 EBADF (Bad file descriptor) [pid 5957] close(20) = -1 EBADF (Bad file descriptor) [pid 5957] close(21) = -1 EBADF (Bad file descriptor) [pid 5957] close(22) = -1 EBADF (Bad file descriptor) [pid 5957] close(23) = -1 EBADF (Bad file descriptor) [pid 5957] close(24) = -1 EBADF (Bad file descriptor) [pid 5957] close(25) = -1 EBADF (Bad file descriptor) [pid 5957] close(26) = -1 EBADF (Bad file descriptor) [pid 5957] close(27) = -1 EBADF (Bad file descriptor) [pid 5957] close(28) = -1 EBADF (Bad file descriptor) [pid 5957] close(29) = -1 EBADF (Bad file descriptor) [pid 5957] exit_group(0 [pid 5958] <... futex resumed>) = ? [pid 5957] <... exit_group resumed>) = ? [pid 5959] <... futex resumed>) = ? [pid 5958] +++ exited with 0 +++ [pid 5959] +++ exited with 0 +++ [pid 5957] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=881, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./293", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./293", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./293/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./293/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./293/cgroup.cpu") = 0 [pid 5063] umount2("./293/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./293/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./293/binderfs") = 0 [pid 5063] umount2("./293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./293/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./293/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./293/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./293/file0") = 0 [pid 5063] umount2("./293/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./293/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./293/cgroup") = 0 [pid 5063] umount2("./293/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./293/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./293/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./293") = 0 [pid 5063] mkdir("./294", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5960 attached [pid 5960] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 884 [pid 5960] <... set_robust_list resumed>) = 0 [pid 5960] chdir("./294") = 0 [pid 5960] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5960] setpgid(0, 0) = 0 [pid 5960] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5960] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5960] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5960] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5960] write(3, "1000", 4) = 4 [pid 5960] close(3) = 0 [pid 5960] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5960] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5960] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5960] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5960] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5960] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5960] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5960] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5961 attached => {parent_tid=[885]}, 88) = 885 [pid 5961] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5960] rt_sigprocmask(SIG_SETMASK, [], [pid 5961] <... rseq resumed>) = 0 [pid 5960] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5961] set_robust_list(0x7eff0a34a9a0, 24 [pid 5960] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5961] <... set_robust_list resumed>) = 0 [pid 5961] rt_sigprocmask(SIG_SETMASK, [], [pid 5960] <... futex resumed>) = 0 [pid 5961] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5960] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5961] memfd_create("syzkaller", 0) = 3 [pid 5961] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5961] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5961] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5961] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5961] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5961] close(3) = 0 [pid 5961] mkdir("./file0", 0777) = 0 [pid 5961] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5961] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5961] chdir("./file0") = 0 [pid 5961] ioctl(4, LOOP_CLR_FD) = 0 [pid 5961] close(4) = 0 [pid 5961] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5960] <... futex resumed>) = 0 [pid 5961] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5960] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5960] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5961] <... futex resumed>) = 0 [pid 5961] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5961] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5960] <... futex resumed>) = 0 [pid 5960] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5961] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5960] <... futex resumed>) = 0 [ 224.097752][ T5961] loop0: detected capacity change from 0 to 4096 [ 224.123804][ T5961] ntfs: volume version 3.1. [pid 5960] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5960] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5960] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5960] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5960] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5960] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5962 attached [pid 5962] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5960] <... clone3 resumed> => {parent_tid=[886]}, 88) = 886 [pid 5962] <... rseq resumed>) = 0 [pid 5960] rt_sigprocmask(SIG_SETMASK, [], [pid 5962] set_robust_list(0x7eff0a3299a0, 24 [pid 5960] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5960] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5962] <... set_robust_list resumed>) = 0 [pid 5962] rt_sigprocmask(SIG_SETMASK, [], [pid 5960] <... futex resumed>) = 0 [pid 5962] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5960] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5962] creat("./file1", 000) = 5 [pid 5961] <... write resumed>) = 1048064 [pid 5962] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5961] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5962] <... futex resumed>) = 1 [pid 5960] <... futex resumed>) = 0 [pid 5962] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5960] close(3 [pid 5961] <... futex resumed>) = 0 [pid 5960] <... close resumed>) = 0 [pid 5961] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5960] close(4) = 0 [pid 5960] close(5) = 0 [pid 5960] close(6) = -1 EBADF (Bad file descriptor) [pid 5960] close(7) = -1 EBADF (Bad file descriptor) [pid 5960] close(8) = -1 EBADF (Bad file descriptor) [pid 5960] close(9) = -1 EBADF (Bad file descriptor) [pid 5960] close(10) = -1 EBADF (Bad file descriptor) [pid 5960] close(11) = -1 EBADF (Bad file descriptor) [pid 5960] close(12) = -1 EBADF (Bad file descriptor) [pid 5960] close(13) = -1 EBADF (Bad file descriptor) [pid 5960] close(14) = -1 EBADF (Bad file descriptor) [pid 5960] close(15) = -1 EBADF (Bad file descriptor) [pid 5960] close(16) = -1 EBADF (Bad file descriptor) [pid 5960] close(17) = -1 EBADF (Bad file descriptor) [pid 5960] close(18) = -1 EBADF (Bad file descriptor) [pid 5960] close(19) = -1 EBADF (Bad file descriptor) [pid 5960] close(20) = -1 EBADF (Bad file descriptor) [pid 5960] close(21) = -1 EBADF (Bad file descriptor) [pid 5960] close(22) = -1 EBADF (Bad file descriptor) [pid 5960] close(23) = -1 EBADF (Bad file descriptor) [pid 5960] close(24) = -1 EBADF (Bad file descriptor) [pid 5960] close(25) = -1 EBADF (Bad file descriptor) [pid 5960] close(26) = -1 EBADF (Bad file descriptor) [pid 5960] close(27) = -1 EBADF (Bad file descriptor) [pid 5960] close(28) = -1 EBADF (Bad file descriptor) [pid 5960] close(29) = -1 EBADF (Bad file descriptor) [pid 5960] exit_group(0 [pid 5962] <... futex resumed>) = ? [pid 5962] +++ exited with 0 +++ [pid 5961] <... futex resumed>) = ? [pid 5960] <... exit_group resumed>) = ? [pid 5961] +++ exited with 0 +++ [pid 5960] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=884, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./294", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./294", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./294/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./294/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./294/cgroup.cpu") = 0 [pid 5063] umount2("./294/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./294/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./294/binderfs") = 0 [pid 5063] umount2("./294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./294/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./294/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./294/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./294/file0") = 0 [pid 5063] umount2("./294/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./294/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./294/cgroup") = 0 [pid 5063] umount2("./294/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./294/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./294/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./294") = 0 [pid 5063] mkdir("./295", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5963 attached , child_tidptr=0x5555560b8690) = 887 [pid 5963] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5963] chdir("./295") = 0 [pid 5963] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5963] setpgid(0, 0) = 0 [pid 5963] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5963] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5963] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5963] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5963] write(3, "1000", 4) = 4 [pid 5963] close(3) = 0 [pid 5963] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5963] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5963] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5963] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5963] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5963] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5963] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5963] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5964 attached [pid 5964] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5963] <... clone3 resumed> => {parent_tid=[888]}, 88) = 888 [pid 5964] <... rseq resumed>) = 0 [pid 5964] set_robust_list(0x7eff0a34a9a0, 24 [pid 5963] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5964] <... set_robust_list resumed>) = 0 [pid 5964] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5964] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5963] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5964] <... futex resumed>) = 0 [pid 5963] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5964] memfd_create("syzkaller", 0) = 3 [pid 5964] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5964] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5964] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5964] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5964] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5964] close(3) = 0 [pid 5964] mkdir("./file0", 0777) = 0 [pid 5964] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5964] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5964] chdir("./file0") = 0 [pid 5964] ioctl(4, LOOP_CLR_FD) = 0 [pid 5964] close(4) = 0 [pid 5964] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5963] <... futex resumed>) = 0 [pid 5964] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5963] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5964] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5963] <... futex resumed>) = 0 [pid 5963] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5964] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5964] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5963] <... futex resumed>) = 0 [pid 5964] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5963] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5964] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5963] <... futex resumed>) = 0 [ 224.595373][ T5964] loop0: detected capacity change from 0 to 4096 [ 224.625123][ T5964] ntfs: volume version 3.1. [pid 5963] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5963] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5963] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5963] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5963] rt_sigprocmask(SIG_BLOCK, ~[], [pid 5964] <... write resumed>) = 1048064 [pid 5963] <... rt_sigprocmask resumed>[], 8) = 0 [pid 5963] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} [pid 5964] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 ./strace-static-x86_64: Process 5965 attached [pid 5964] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5963] <... clone3 resumed> => {parent_tid=[889]}, 88) = 889 [pid 5965] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5963] rt_sigprocmask(SIG_SETMASK, [], [pid 5965] <... rseq resumed>) = 0 [pid 5963] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5965] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5963] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5965] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5963] <... futex resumed>) = 0 [pid 5965] creat("./file1", 000 [pid 5963] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5965] <... creat resumed>) = 5 [pid 5965] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5965] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5963] <... futex resumed>) = 0 [pid 5963] close(3) = 0 [pid 5963] close(4) = 0 [pid 5963] close(5) = 0 [pid 5963] close(6) = -1 EBADF (Bad file descriptor) [pid 5963] close(7) = -1 EBADF (Bad file descriptor) [pid 5963] close(8) = -1 EBADF (Bad file descriptor) [pid 5963] close(9) = -1 EBADF (Bad file descriptor) [pid 5963] close(10) = -1 EBADF (Bad file descriptor) [pid 5963] close(11) = -1 EBADF (Bad file descriptor) [pid 5963] close(12) = -1 EBADF (Bad file descriptor) [pid 5963] close(13) = -1 EBADF (Bad file descriptor) [pid 5963] close(14) = -1 EBADF (Bad file descriptor) [pid 5963] close(15) = -1 EBADF (Bad file descriptor) [pid 5963] close(16) = -1 EBADF (Bad file descriptor) [pid 5963] close(17) = -1 EBADF (Bad file descriptor) [pid 5963] close(18) = -1 EBADF (Bad file descriptor) [pid 5963] close(19) = -1 EBADF (Bad file descriptor) [pid 5963] close(20) = -1 EBADF (Bad file descriptor) [pid 5963] close(21) = -1 EBADF (Bad file descriptor) [pid 5963] close(22) = -1 EBADF (Bad file descriptor) [pid 5963] close(23) = -1 EBADF (Bad file descriptor) [pid 5963] close(24) = -1 EBADF (Bad file descriptor) [pid 5963] close(25) = -1 EBADF (Bad file descriptor) [pid 5963] close(26) = -1 EBADF (Bad file descriptor) [pid 5963] close(27) = -1 EBADF (Bad file descriptor) [pid 5963] close(28) = -1 EBADF (Bad file descriptor) [pid 5963] close(29) = -1 EBADF (Bad file descriptor) [pid 5963] exit_group(0) = ? [pid 5965] <... futex resumed>) = ? [pid 5964] <... futex resumed>) = ? [pid 5965] +++ exited with 0 +++ [pid 5964] +++ exited with 0 +++ [pid 5963] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=887, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./295", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./295", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./295/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./295/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./295/cgroup.cpu") = 0 [pid 5063] umount2("./295/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./295/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./295/binderfs") = 0 [pid 5063] umount2("./295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./295/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./295/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./295/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./295/file0") = 0 [pid 5063] umount2("./295/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./295/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./295/cgroup") = 0 [pid 5063] umount2("./295/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./295/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./295/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./295") = 0 [pid 5063] mkdir("./296", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5966 attached , child_tidptr=0x5555560b8690) = 890 [pid 5966] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5966] chdir("./296") = 0 [pid 5966] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5966] setpgid(0, 0) = 0 [pid 5966] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5966] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5966] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5966] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5966] write(3, "1000", 4) = 4 [pid 5966] close(3) = 0 [pid 5966] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5966] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5966] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5966] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5966] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5966] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5966] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5966] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5967 attached [pid 5967] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5967] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5967] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5966] <... clone3 resumed> => {parent_tid=[891]}, 88) = 891 [pid 5967] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5966] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5967] <... futex resumed>) = 0 [pid 5966] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5967] memfd_create("syzkaller", 0) = 3 [pid 5967] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5967] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5967] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5967] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5967] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5967] close(3) = 0 [pid 5967] mkdir("./file0", 0777) = 0 [pid 5967] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5967] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5967] chdir("./file0") = 0 [pid 5967] ioctl(4, LOOP_CLR_FD) = 0 [pid 5967] close(4) = 0 [pid 5967] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5967] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] <... futex resumed>) = 0 [pid 5966] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5966] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5967] <... futex resumed>) = 0 [ 225.161950][ T5967] loop0: detected capacity change from 0 to 4096 [ 225.190997][ T5967] ntfs: volume version 3.1. [pid 5967] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5967] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5966] <... futex resumed>) = 0 [pid 5967] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5967] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5966] <... futex resumed>) = 0 [pid 5967] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5966] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5966] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5966] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5966] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5966] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5966] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5968 attached [pid 5968] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5966] <... clone3 resumed> => {parent_tid=[892]}, 88) = 892 [pid 5968] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5968] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5968] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5966] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5968] <... futex resumed>) = 0 [pid 5966] <... futex resumed>) = 1 [pid 5968] creat("./file1", 000 [pid 5966] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5968] <... creat resumed>) = 5 [pid 5967] <... write resumed>) = 1048064 [pid 5968] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5968] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] <... futex resumed>) = 0 [pid 5967] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5967] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5966] close(3) = 0 [pid 5966] close(4) = 0 [pid 5966] close(5) = 0 [pid 5966] close(6) = -1 EBADF (Bad file descriptor) [pid 5966] close(7) = -1 EBADF (Bad file descriptor) [pid 5966] close(8) = -1 EBADF (Bad file descriptor) [pid 5966] close(9) = -1 EBADF (Bad file descriptor) [pid 5966] close(10) = -1 EBADF (Bad file descriptor) [pid 5966] close(11) = -1 EBADF (Bad file descriptor) [pid 5966] close(12) = -1 EBADF (Bad file descriptor) [pid 5966] close(13) = -1 EBADF (Bad file descriptor) [pid 5966] close(14) = -1 EBADF (Bad file descriptor) [pid 5966] close(15) = -1 EBADF (Bad file descriptor) [pid 5966] close(16) = -1 EBADF (Bad file descriptor) [pid 5966] close(17) = -1 EBADF (Bad file descriptor) [pid 5966] close(18) = -1 EBADF (Bad file descriptor) [pid 5966] close(19) = -1 EBADF (Bad file descriptor) [pid 5966] close(20) = -1 EBADF (Bad file descriptor) [pid 5966] close(21) = -1 EBADF (Bad file descriptor) [pid 5966] close(22) = -1 EBADF (Bad file descriptor) [pid 5966] close(23) = -1 EBADF (Bad file descriptor) [pid 5966] close(24) = -1 EBADF (Bad file descriptor) [pid 5966] close(25) = -1 EBADF (Bad file descriptor) [pid 5966] close(26) = -1 EBADF (Bad file descriptor) [pid 5966] close(27) = -1 EBADF (Bad file descriptor) [pid 5966] close(28) = -1 EBADF (Bad file descriptor) [pid 5966] close(29) = -1 EBADF (Bad file descriptor) [pid 5966] exit_group(0 [pid 5967] <... futex resumed>) = ? [pid 5968] <... futex resumed>) = ? [pid 5967] +++ exited with 0 +++ [pid 5966] <... exit_group resumed>) = ? [pid 5968] +++ exited with 0 +++ [pid 5966] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=890, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./296", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./296", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./296/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./296/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./296/cgroup.cpu") = 0 [pid 5063] umount2("./296/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./296/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./296/binderfs") = 0 [pid 5063] umount2("./296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./296/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./296/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./296/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./296/file0") = 0 [pid 5063] umount2("./296/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./296/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./296/cgroup") = 0 [pid 5063] umount2("./296/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./296/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./296/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./296") = 0 [pid 5063] mkdir("./297", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5969 attached [pid 5969] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 893 [pid 5969] <... set_robust_list resumed>) = 0 [pid 5969] chdir("./297") = 0 [pid 5969] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5969] setpgid(0, 0) = 0 [pid 5969] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5969] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5969] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5969] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5969] write(3, "1000", 4) = 4 [pid 5969] close(3) = 0 [pid 5969] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5969] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5969] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5969] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5969] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5969] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5969] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5970 attached => {parent_tid=[894]}, 88) = 894 [pid 5970] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5969] rt_sigprocmask(SIG_SETMASK, [], [pid 5970] <... rseq resumed>) = 0 [pid 5969] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5970] set_robust_list(0x7eff0a34a9a0, 24 [pid 5969] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5970] <... set_robust_list resumed>) = 0 [pid 5969] <... futex resumed>) = 0 [pid 5970] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5969] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5970] memfd_create("syzkaller", 0) = 3 [pid 5970] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5970] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5970] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5970] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5970] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5970] close(3) = 0 [pid 5970] mkdir("./file0", 0777) = 0 [pid 5970] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5970] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5970] chdir("./file0") = 0 [pid 5970] ioctl(4, LOOP_CLR_FD) = 0 [pid 5970] close(4) = 0 [pid 5970] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5970] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5969] <... futex resumed>) = 0 [pid 5970] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5969] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5970] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5969] <... futex resumed>) = 0 [ 225.671420][ T5970] loop0: detected capacity change from 0 to 4096 [ 225.692906][ T5970] ntfs: volume version 3.1. [pid 5969] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5970] <... openat resumed>) = 4 [pid 5970] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5970] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5969] <... futex resumed>) = 0 [pid 5969] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5970] <... futex resumed>) = 0 [pid 5969] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5970] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5969] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5969] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5969] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5969] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5969] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5969] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5971 attached => {parent_tid=[895]}, 88) = 895 [pid 5971] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5969] rt_sigprocmask(SIG_SETMASK, [], [pid 5971] <... rseq resumed>) = 0 [pid 5969] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5971] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5969] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5971] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5969] <... futex resumed>) = 0 [pid 5971] creat("./file1", 000 [pid 5969] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5971] <... creat resumed>) = 5 [pid 5971] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5970] <... write resumed>) = 1048064 [pid 5971] <... futex resumed>) = 1 [pid 5969] <... futex resumed>) = 0 [pid 5970] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5969] close(3 [pid 5971] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5970] <... futex resumed>) = 0 [pid 5969] <... close resumed>) = 0 [pid 5970] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5969] close(4) = 0 [pid 5969] close(5) = 0 [pid 5969] close(6) = -1 EBADF (Bad file descriptor) [pid 5969] close(7) = -1 EBADF (Bad file descriptor) [pid 5969] close(8) = -1 EBADF (Bad file descriptor) [pid 5969] close(9) = -1 EBADF (Bad file descriptor) [pid 5969] close(10) = -1 EBADF (Bad file descriptor) [pid 5969] close(11) = -1 EBADF (Bad file descriptor) [pid 5969] close(12) = -1 EBADF (Bad file descriptor) [pid 5969] close(13) = -1 EBADF (Bad file descriptor) [pid 5969] close(14) = -1 EBADF (Bad file descriptor) [pid 5969] close(15) = -1 EBADF (Bad file descriptor) [pid 5969] close(16) = -1 EBADF (Bad file descriptor) [pid 5969] close(17) = -1 EBADF (Bad file descriptor) [pid 5969] close(18) = -1 EBADF (Bad file descriptor) [pid 5969] close(19) = -1 EBADF (Bad file descriptor) [pid 5969] close(20) = -1 EBADF (Bad file descriptor) [pid 5969] close(21) = -1 EBADF (Bad file descriptor) [pid 5969] close(22) = -1 EBADF (Bad file descriptor) [pid 5969] close(23) = -1 EBADF (Bad file descriptor) [pid 5969] close(24) = -1 EBADF (Bad file descriptor) [pid 5969] close(25) = -1 EBADF (Bad file descriptor) [pid 5969] close(26) = -1 EBADF (Bad file descriptor) [pid 5969] close(27) = -1 EBADF (Bad file descriptor) [pid 5969] close(28) = -1 EBADF (Bad file descriptor) [pid 5969] close(29) = -1 EBADF (Bad file descriptor) [pid 5969] exit_group(0) = ? [pid 5971] <... futex resumed>) = ? [pid 5970] <... futex resumed>) = ? [pid 5970] +++ exited with 0 +++ [pid 5971] +++ exited with 0 +++ [pid 5969] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=893, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./297", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./297", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./297/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./297/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./297/cgroup.cpu") = 0 [pid 5063] umount2("./297/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./297/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./297/binderfs") = 0 [pid 5063] umount2("./297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./297/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./297/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./297/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./297/file0") = 0 [pid 5063] umount2("./297/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./297/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./297/cgroup") = 0 [pid 5063] umount2("./297/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./297/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./297/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./297") = 0 [pid 5063] mkdir("./298", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5972 attached , child_tidptr=0x5555560b8690) = 896 [pid 5972] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5972] chdir("./298") = 0 [pid 5972] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5972] setpgid(0, 0) = 0 [pid 5972] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5972] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5972] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5972] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5972] write(3, "1000", 4) = 4 [pid 5972] close(3) = 0 [pid 5972] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5972] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5972] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5972] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5972] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5972] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5972] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5973 attached => {parent_tid=[897]}, 88) = 897 [pid 5973] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5972] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5972] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5972] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5973] <... rseq resumed>) = 0 [pid 5973] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5973] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5973] memfd_create("syzkaller", 0) = 3 [pid 5973] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5973] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5973] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5973] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5973] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5973] close(3) = 0 [pid 5973] mkdir("./file0", 0777) = 0 [pid 5973] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5973] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5973] chdir("./file0") = 0 [pid 5973] ioctl(4, LOOP_CLR_FD) = 0 [pid 5973] close(4) = 0 [pid 5973] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5973] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5972] <... futex resumed>) = 0 [pid 5972] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5973] <... futex resumed>) = 0 [pid 5972] <... futex resumed>) = 1 [pid 5972] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5973] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5973] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5973] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5972] <... futex resumed>) = 0 [pid 5972] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5973] <... futex resumed>) = 0 [pid 5972] <... futex resumed>) = 1 [pid 5973] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 226.258234][ T5973] loop0: detected capacity change from 0 to 4096 [ 226.278789][ T5973] ntfs: volume version 3.1. [pid 5972] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5972] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5972] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5972] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5972] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5972] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5974 attached => {parent_tid=[898]}, 88) = 898 [pid 5974] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5972] rt_sigprocmask(SIG_SETMASK, [], [pid 5974] <... rseq resumed>) = 0 [pid 5974] set_robust_list(0x7eff0a3299a0, 24 [pid 5972] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5974] <... set_robust_list resumed>) = 0 [pid 5974] rt_sigprocmask(SIG_SETMASK, [], [pid 5972] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5974] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5972] <... futex resumed>) = 0 [pid 5974] creat("./file1", 000 [pid 5972] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5974] <... creat resumed>) = 5 [pid 5973] <... write resumed>) = 1048064 [pid 5974] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5973] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5972] <... futex resumed>) = 0 [pid 5974] <... futex resumed>) = 1 [pid 5973] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5974] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5972] close(3) = 0 [pid 5972] close(4) = 0 [pid 5972] close(5) = 0 [pid 5972] close(6) = -1 EBADF (Bad file descriptor) [pid 5972] close(7) = -1 EBADF (Bad file descriptor) [pid 5972] close(8) = -1 EBADF (Bad file descriptor) [pid 5972] close(9) = -1 EBADF (Bad file descriptor) [pid 5972] close(10) = -1 EBADF (Bad file descriptor) [pid 5972] close(11) = -1 EBADF (Bad file descriptor) [pid 5972] close(12) = -1 EBADF (Bad file descriptor) [pid 5972] close(13) = -1 EBADF (Bad file descriptor) [pid 5972] close(14) = -1 EBADF (Bad file descriptor) [pid 5972] close(15) = -1 EBADF (Bad file descriptor) [pid 5972] close(16) = -1 EBADF (Bad file descriptor) [pid 5972] close(17) = -1 EBADF (Bad file descriptor) [pid 5972] close(18) = -1 EBADF (Bad file descriptor) [pid 5972] close(19) = -1 EBADF (Bad file descriptor) [pid 5972] close(20) = -1 EBADF (Bad file descriptor) [pid 5972] close(21) = -1 EBADF (Bad file descriptor) [pid 5972] close(22) = -1 EBADF (Bad file descriptor) [pid 5972] close(23) = -1 EBADF (Bad file descriptor) [pid 5972] close(24) = -1 EBADF (Bad file descriptor) [pid 5972] close(25) = -1 EBADF (Bad file descriptor) [pid 5972] close(26) = -1 EBADF (Bad file descriptor) [pid 5972] close(27) = -1 EBADF (Bad file descriptor) [pid 5972] close(28) = -1 EBADF (Bad file descriptor) [pid 5972] close(29) = -1 EBADF (Bad file descriptor) [pid 5972] exit_group(0) = ? [pid 5974] <... futex resumed>) = ? [pid 5973] <... futex resumed>) = ? [pid 5974] +++ exited with 0 +++ [pid 5973] +++ exited with 0 +++ [pid 5972] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=896, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./298", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./298", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./298/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./298/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./298/cgroup.cpu") = 0 [pid 5063] umount2("./298/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./298/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./298/binderfs") = 0 [pid 5063] umount2("./298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./298/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./298/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./298/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./298/file0") = 0 [pid 5063] umount2("./298/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./298/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./298/cgroup") = 0 [pid 5063] umount2("./298/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./298/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./298/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./298") = 0 [pid 5063] mkdir("./299", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5975 attached , child_tidptr=0x5555560b8690) = 899 [pid 5975] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5975] chdir("./299") = 0 [pid 5975] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5975] setpgid(0, 0) = 0 [pid 5975] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5975] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5975] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5975] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5975] write(3, "1000", 4) = 4 [pid 5975] close(3) = 0 [pid 5975] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5975] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5975] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5975] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5975] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5975] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5975] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5976 attached => {parent_tid=[900]}, 88) = 900 [pid 5976] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5975] rt_sigprocmask(SIG_SETMASK, [], [pid 5976] <... rseq resumed>) = 0 [pid 5975] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5976] set_robust_list(0x7eff0a34a9a0, 24 [pid 5975] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5976] <... set_robust_list resumed>) = 0 [pid 5975] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5976] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5976] memfd_create("syzkaller", 0) = 3 [pid 5976] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5976] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5976] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5976] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5976] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5976] close(3) = 0 [pid 5976] mkdir("./file0", 0777) = 0 [pid 5976] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5976] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5976] chdir("./file0") = 0 [pid 5976] ioctl(4, LOOP_CLR_FD) = 0 [pid 5976] close(4) = 0 [pid 5976] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5975] <... futex resumed>) = 0 [pid 5976] <... futex resumed>) = 1 [pid 5975] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5976] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5975] <... futex resumed>) = 0 [pid 5975] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5976] <... openat resumed>) = 4 [pid 5976] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5976] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5975] <... futex resumed>) = 0 [ 226.761222][ T5976] loop0: detected capacity change from 0 to 4096 [ 226.794505][ T5976] ntfs: volume version 3.1. [pid 5975] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5976] <... futex resumed>) = 0 [pid 5976] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5975] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5975] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5975] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5975] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5975] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5975] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5977 attached => {parent_tid=[901]}, 88) = 901 [pid 5977] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5975] rt_sigprocmask(SIG_SETMASK, [], [pid 5977] <... rseq resumed>) = 0 [pid 5975] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5977] set_robust_list(0x7eff0a3299a0, 24 [pid 5975] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5977] <... set_robust_list resumed>) = 0 [pid 5977] rt_sigprocmask(SIG_SETMASK, [], [pid 5975] <... futex resumed>) = 0 [pid 5977] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5975] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5977] creat("./file1", 000) = 5 [pid 5977] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5976] <... write resumed>) = 1048064 [pid 5977] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5975] <... futex resumed>) = 0 [pid 5976] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5975] close(3 [pid 5976] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5975] <... close resumed>) = 0 [pid 5975] close(4) = 0 [pid 5975] close(5) = 0 [pid 5975] close(6) = -1 EBADF (Bad file descriptor) [pid 5975] close(7) = -1 EBADF (Bad file descriptor) [pid 5975] close(8) = -1 EBADF (Bad file descriptor) [pid 5975] close(9) = -1 EBADF (Bad file descriptor) [pid 5975] close(10) = -1 EBADF (Bad file descriptor) [pid 5975] close(11) = -1 EBADF (Bad file descriptor) [pid 5975] close(12) = -1 EBADF (Bad file descriptor) [pid 5975] close(13) = -1 EBADF (Bad file descriptor) [pid 5975] close(14) = -1 EBADF (Bad file descriptor) [pid 5975] close(15) = -1 EBADF (Bad file descriptor) [pid 5975] close(16) = -1 EBADF (Bad file descriptor) [pid 5975] close(17) = -1 EBADF (Bad file descriptor) [pid 5975] close(18) = -1 EBADF (Bad file descriptor) [pid 5975] close(19) = -1 EBADF (Bad file descriptor) [pid 5975] close(20) = -1 EBADF (Bad file descriptor) [pid 5975] close(21) = -1 EBADF (Bad file descriptor) [pid 5975] close(22) = -1 EBADF (Bad file descriptor) [pid 5975] close(23) = -1 EBADF (Bad file descriptor) [pid 5975] close(24) = -1 EBADF (Bad file descriptor) [pid 5975] close(25) = -1 EBADF (Bad file descriptor) [pid 5975] close(26) = -1 EBADF (Bad file descriptor) [pid 5975] close(27) = -1 EBADF (Bad file descriptor) [pid 5975] close(28) = -1 EBADF (Bad file descriptor) [pid 5975] close(29) = -1 EBADF (Bad file descriptor) [pid 5975] exit_group(0 [pid 5977] <... futex resumed>) = ? [pid 5976] <... futex resumed>) = ? [pid 5977] +++ exited with 0 +++ [pid 5975] <... exit_group resumed>) = ? [pid 5976] +++ exited with 0 +++ [pid 5975] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=899, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./299", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./299", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./299/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./299/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./299/cgroup.cpu") = 0 [pid 5063] umount2("./299/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./299/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./299/binderfs") = 0 [pid 5063] umount2("./299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./299/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./299/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./299/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./299/file0") = 0 [pid 5063] umount2("./299/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./299/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./299/cgroup") = 0 [pid 5063] umount2("./299/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./299/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./299/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./299") = 0 [pid 5063] mkdir("./300", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 902 ./strace-static-x86_64: Process 5978 attached [pid 5978] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5978] chdir("./300") = 0 [pid 5978] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5978] setpgid(0, 0) = 0 [pid 5978] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5978] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5978] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5978] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5978] write(3, "1000", 4) = 4 [pid 5978] close(3) = 0 [pid 5978] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5978] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5978] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5978] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5978] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5978] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5978] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5978] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5979 attached => {parent_tid=[903]}, 88) = 903 [pid 5979] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5978] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5978] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5978] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5979] <... rseq resumed>) = 0 [pid 5979] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5979] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5979] memfd_create("syzkaller", 0) = 3 [pid 5979] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5979] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5979] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5979] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5979] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5979] close(3) = 0 [pid 5979] mkdir("./file0", 0777) = 0 [pid 5979] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5979] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5979] chdir("./file0") = 0 [pid 5979] ioctl(4, LOOP_CLR_FD) = 0 [pid 5979] close(4) = 0 [pid 5979] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5979] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5978] <... futex resumed>) = 0 [pid 5978] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5978] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5979] <... futex resumed>) = 0 [pid 5979] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5979] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5979] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5978] <... futex resumed>) = 0 [ 227.391531][ T5979] loop0: detected capacity change from 0 to 4096 [ 227.407301][ T5979] ntfs: volume version 3.1. [pid 5978] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5979] <... futex resumed>) = 0 [pid 5978] <... futex resumed>) = 1 [pid 5979] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5978] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5978] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5978] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5978] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5978] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5978] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5980 attached [pid 5980] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5980] set_robust_list(0x7eff0a3299a0, 24 [pid 5978] <... clone3 resumed> => {parent_tid=[904]}, 88) = 904 [pid 5980] <... set_robust_list resumed>) = 0 [pid 5980] rt_sigprocmask(SIG_SETMASK, [], [pid 5978] rt_sigprocmask(SIG_SETMASK, [], [pid 5980] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5978] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5980] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5978] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5980] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5980] creat("./file1", 000 [pid 5978] <... futex resumed>) = 0 [pid 5978] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5980] <... creat resumed>) = 5 [pid 5979] <... write resumed>) = 1048064 [pid 5980] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5978] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5979] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5978] close(3 [pid 5980] <... futex resumed>) = 0 [pid 5979] <... futex resumed>) = 0 [pid 5978] <... close resumed>) = 0 [pid 5980] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5978] close(4 [pid 5979] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5978] <... close resumed>) = 0 [pid 5978] close(5) = 0 [pid 5978] close(6) = -1 EBADF (Bad file descriptor) [pid 5978] close(7) = -1 EBADF (Bad file descriptor) [pid 5978] close(8) = -1 EBADF (Bad file descriptor) [pid 5978] close(9) = -1 EBADF (Bad file descriptor) [pid 5978] close(10) = -1 EBADF (Bad file descriptor) [pid 5978] close(11) = -1 EBADF (Bad file descriptor) [pid 5978] close(12) = -1 EBADF (Bad file descriptor) [pid 5978] close(13) = -1 EBADF (Bad file descriptor) [pid 5978] close(14) = -1 EBADF (Bad file descriptor) [pid 5978] close(15) = -1 EBADF (Bad file descriptor) [pid 5978] close(16) = -1 EBADF (Bad file descriptor) [pid 5978] close(17) = -1 EBADF (Bad file descriptor) [pid 5978] close(18) = -1 EBADF (Bad file descriptor) [pid 5978] close(19) = -1 EBADF (Bad file descriptor) [pid 5978] close(20) = -1 EBADF (Bad file descriptor) [pid 5978] close(21) = -1 EBADF (Bad file descriptor) [pid 5978] close(22) = -1 EBADF (Bad file descriptor) [pid 5978] close(23) = -1 EBADF (Bad file descriptor) [pid 5978] close(24) = -1 EBADF (Bad file descriptor) [pid 5978] close(25) = -1 EBADF (Bad file descriptor) [pid 5978] close(26) = -1 EBADF (Bad file descriptor) [pid 5978] close(27) = -1 EBADF (Bad file descriptor) [pid 5978] close(28) = -1 EBADF (Bad file descriptor) [pid 5978] close(29) = -1 EBADF (Bad file descriptor) [pid 5978] exit_group(0) = ? [pid 5979] <... futex resumed>) = ? [pid 5980] <... futex resumed>) = ? [pid 5979] +++ exited with 0 +++ [pid 5980] +++ exited with 0 +++ [pid 5978] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=902, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./300", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./300", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./300/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./300/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./300/cgroup.cpu") = 0 [pid 5063] umount2("./300/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./300/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./300/binderfs") = 0 [pid 5063] umount2("./300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./300/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./300/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./300/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./300/file0") = 0 [pid 5063] umount2("./300/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./300/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./300/cgroup") = 0 [pid 5063] umount2("./300/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./300/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./300/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./300") = 0 [pid 5063] mkdir("./301", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5981 attached , child_tidptr=0x5555560b8690) = 905 [pid 5981] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5981] chdir("./301") = 0 [pid 5981] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5981] setpgid(0, 0) = 0 [pid 5981] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5981] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5981] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5981] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5981] write(3, "1000", 4) = 4 [pid 5981] close(3) = 0 [pid 5981] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5981] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5981] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5981] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5981] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5981] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5981] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5981] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5982 attached => {parent_tid=[906]}, 88) = 906 [pid 5982] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5981] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5981] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5981] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5982] <... rseq resumed>) = 0 [pid 5982] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5982] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5982] memfd_create("syzkaller", 0) = 3 [pid 5982] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5982] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5982] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5982] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5982] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5982] close(3) = 0 [pid 5982] mkdir("./file0", 0777) = 0 [ 227.977374][ T5982] loop0: detected capacity change from 0 to 4096 [ 228.000873][ T5982] __ntfs_warning: 170 callbacks suppressed [ 228.000881][ T5982] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 228.027553][ T5982] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 228.037122][ T5982] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 228.053533][ T5982] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 228.062275][ T5982] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 228.082234][ T5982] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 228.091170][ T5982] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 228.111331][ T5982] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 5982] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5982] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5982] chdir("./file0") = 0 [pid 5982] ioctl(4, LOOP_CLR_FD) = 0 [pid 5982] close(4) = 0 [pid 5982] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5981] <... futex resumed>) = 0 [pid 5982] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5981] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5982] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5981] <... futex resumed>) = 0 [pid 5982] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5981] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5982] <... openat resumed>) = 4 [pid 5982] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5982] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5981] <... futex resumed>) = 0 [pid 5981] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5982] <... futex resumed>) = 0 [pid 5981] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 228.120086][ T5982] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 228.140052][ T5982] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 228.150769][ T5982] ntfs: volume version 3.1. [pid 5982] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5981] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5981] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5981] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5981] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5981] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5981] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5983 attached [pid 5983] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 5981] <... clone3 resumed> => {parent_tid=[907]}, 88) = 907 [pid 5981] rt_sigprocmask(SIG_SETMASK, [], [pid 5983] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5983] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5981] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5983] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5981] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5983] creat("./file1", 000 [pid 5981] <... futex resumed>) = 0 [pid 5981] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5983] <... creat resumed>) = 5 [pid 5982] <... write resumed>) = 1048064 [pid 5983] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5982] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5983] <... futex resumed>) = 1 [pid 5983] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5982] <... futex resumed>) = 0 [pid 5981] <... futex resumed>) = 0 [pid 5982] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5981] close(3) = 0 [pid 5981] close(4) = 0 [pid 5981] close(5) = 0 [pid 5981] close(6) = -1 EBADF (Bad file descriptor) [pid 5981] close(7) = -1 EBADF (Bad file descriptor) [pid 5981] close(8) = -1 EBADF (Bad file descriptor) [pid 5981] close(9) = -1 EBADF (Bad file descriptor) [pid 5981] close(10) = -1 EBADF (Bad file descriptor) [pid 5981] close(11) = -1 EBADF (Bad file descriptor) [pid 5981] close(12) = -1 EBADF (Bad file descriptor) [pid 5981] close(13) = -1 EBADF (Bad file descriptor) [pid 5981] close(14) = -1 EBADF (Bad file descriptor) [pid 5981] close(15) = -1 EBADF (Bad file descriptor) [pid 5981] close(16) = -1 EBADF (Bad file descriptor) [pid 5981] close(17) = -1 EBADF (Bad file descriptor) [pid 5981] close(18) = -1 EBADF (Bad file descriptor) [pid 5981] close(19) = -1 EBADF (Bad file descriptor) [pid 5981] close(20) = -1 EBADF (Bad file descriptor) [pid 5981] close(21) = -1 EBADF (Bad file descriptor) [pid 5981] close(22) = -1 EBADF (Bad file descriptor) [pid 5981] close(23) = -1 EBADF (Bad file descriptor) [pid 5981] close(24) = -1 EBADF (Bad file descriptor) [pid 5981] close(25) = -1 EBADF (Bad file descriptor) [pid 5981] close(26) = -1 EBADF (Bad file descriptor) [pid 5981] close(27) = -1 EBADF (Bad file descriptor) [pid 5981] close(28) = -1 EBADF (Bad file descriptor) [pid 5981] close(29) = -1 EBADF (Bad file descriptor) [pid 5981] exit_group(0) = ? [pid 5983] <... futex resumed>) = ? [pid 5982] <... futex resumed>) = ? [pid 5983] +++ exited with 0 +++ [pid 5982] +++ exited with 0 +++ [pid 5981] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=905, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./301", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./301", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./301/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./301/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./301/cgroup.cpu") = 0 [pid 5063] umount2("./301/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./301/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./301/binderfs") = 0 [pid 5063] umount2("./301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./301/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./301/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./301/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./301/file0") = 0 [pid 5063] umount2("./301/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./301/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./301/cgroup") = 0 [pid 5063] umount2("./301/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./301/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./301/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./301") = 0 [pid 5063] mkdir("./302", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5984 attached [pid 5984] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 908 [pid 5984] <... set_robust_list resumed>) = 0 [pid 5984] chdir("./302") = 0 [pid 5984] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5984] setpgid(0, 0) = 0 [pid 5984] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5984] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5984] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5984] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5984] write(3, "1000", 4) = 4 [pid 5984] close(3) = 0 [pid 5984] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5984] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5984] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5984] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5984] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5984] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5984] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5984] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5985 attached => {parent_tid=[909]}, 88) = 909 [pid 5985] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5984] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5985] <... rseq resumed>) = 0 [pid 5985] set_robust_list(0x7eff0a34a9a0, 24 [pid 5984] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5984] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5985] <... set_robust_list resumed>) = 0 [pid 5985] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5985] memfd_create("syzkaller", 0) = 3 [pid 5985] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5985] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5985] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5985] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5985] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5985] close(3) = 0 [pid 5985] mkdir("./file0", 0777) = 0 [pid 5985] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5985] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5985] chdir("./file0") = 0 [pid 5985] ioctl(4, LOOP_CLR_FD) = 0 [pid 5985] close(4) = 0 [pid 5985] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5984] <... futex resumed>) = 0 [pid 5984] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5984] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5985] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5985] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5984] <... futex resumed>) = 0 [pid 5985] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5984] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5985] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5984] <... futex resumed>) = 0 [pid 5984] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 228.737947][ T5985] loop0: detected capacity change from 0 to 4096 [ 228.758312][ T5985] ntfs: volume version 3.1. [pid 5985] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5984] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5984] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5984] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5984] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5984] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5984] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5986 attached [pid 5986] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5984] <... clone3 resumed> => {parent_tid=[910]}, 88) = 910 [pid 5986] <... rseq resumed>) = 0 [pid 5984] rt_sigprocmask(SIG_SETMASK, [], [pid 5986] set_robust_list(0x7eff0a3299a0, 24 [pid 5984] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5986] <... set_robust_list resumed>) = 0 [pid 5984] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5986] rt_sigprocmask(SIG_SETMASK, [], [pid 5984] <... futex resumed>) = 0 [pid 5986] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5984] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5986] creat("./file1", 000) = 5 [pid 5985] <... write resumed>) = 1048064 [pid 5986] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5985] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5985] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5986] <... futex resumed>) = 1 [pid 5984] <... futex resumed>) = 0 [pid 5986] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5984] close(3) = 0 [pid 5984] close(4) = 0 [pid 5984] close(5) = 0 [pid 5984] close(6) = -1 EBADF (Bad file descriptor) [pid 5984] close(7) = -1 EBADF (Bad file descriptor) [pid 5984] close(8) = -1 EBADF (Bad file descriptor) [pid 5984] close(9) = -1 EBADF (Bad file descriptor) [pid 5984] close(10) = -1 EBADF (Bad file descriptor) [pid 5984] close(11) = -1 EBADF (Bad file descriptor) [pid 5984] close(12) = -1 EBADF (Bad file descriptor) [pid 5984] close(13) = -1 EBADF (Bad file descriptor) [pid 5984] close(14) = -1 EBADF (Bad file descriptor) [pid 5984] close(15) = -1 EBADF (Bad file descriptor) [pid 5984] close(16) = -1 EBADF (Bad file descriptor) [pid 5984] close(17) = -1 EBADF (Bad file descriptor) [pid 5984] close(18) = -1 EBADF (Bad file descriptor) [pid 5984] close(19) = -1 EBADF (Bad file descriptor) [pid 5984] close(20) = -1 EBADF (Bad file descriptor) [pid 5984] close(21) = -1 EBADF (Bad file descriptor) [pid 5984] close(22) = -1 EBADF (Bad file descriptor) [pid 5984] close(23) = -1 EBADF (Bad file descriptor) [pid 5984] close(24) = -1 EBADF (Bad file descriptor) [pid 5984] close(25) = -1 EBADF (Bad file descriptor) [pid 5984] close(26) = -1 EBADF (Bad file descriptor) [pid 5984] close(27) = -1 EBADF (Bad file descriptor) [pid 5984] close(28) = -1 EBADF (Bad file descriptor) [pid 5984] close(29) = -1 EBADF (Bad file descriptor) [pid 5984] exit_group(0) = ? [pid 5986] <... futex resumed>) = ? [pid 5985] <... futex resumed>) = ? [pid 5986] +++ exited with 0 +++ [pid 5985] +++ exited with 0 +++ [pid 5984] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=908, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./302", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./302", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./302/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./302/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./302/cgroup.cpu") = 0 [pid 5063] umount2("./302/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./302/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./302/binderfs") = 0 [pid 5063] umount2("./302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./302/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./302/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./302/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./302/file0") = 0 [pid 5063] umount2("./302/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./302/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./302/cgroup") = 0 [pid 5063] umount2("./302/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./302/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./302/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./302") = 0 [pid 5063] mkdir("./303", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5987 attached [pid 5987] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 911 [pid 5987] <... set_robust_list resumed>) = 0 [pid 5987] chdir("./303") = 0 [pid 5987] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5987] setpgid(0, 0) = 0 [pid 5987] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5987] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5987] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5987] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5987] write(3, "1000", 4) = 4 [pid 5987] close(3) = 0 [pid 5987] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5987] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5987] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5987] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5987] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5987] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5987] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5987] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5988 attached => {parent_tid=[912]}, 88) = 912 [pid 5988] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5987] rt_sigprocmask(SIG_SETMASK, [], [pid 5988] <... rseq resumed>) = 0 [pid 5987] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5988] set_robust_list(0x7eff0a34a9a0, 24 [pid 5987] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5988] <... set_robust_list resumed>) = 0 [pid 5988] rt_sigprocmask(SIG_SETMASK, [], [pid 5987] <... futex resumed>) = 0 [pid 5988] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5987] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5988] memfd_create("syzkaller", 0) = 3 [pid 5988] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5988] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5988] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5988] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5988] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5988] close(3) = 0 [pid 5988] mkdir("./file0", 0777) = 0 [pid 5988] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5988] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5988] chdir("./file0") = 0 [pid 5988] ioctl(4, LOOP_CLR_FD) = 0 [pid 5988] close(4) = 0 [pid 5988] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5987] <... futex resumed>) = 0 [pid 5987] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5987] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5988] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 5988] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5988] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5987] <... futex resumed>) = 0 [pid 5987] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5988] <... futex resumed>) = 0 [pid 5987] <... futex resumed>) = 1 [ 229.236232][ T5988] loop0: detected capacity change from 0 to 4096 [ 229.264832][ T5988] ntfs: volume version 3.1. [pid 5988] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5987] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5987] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5987] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5987] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5987] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5987] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5989 attached [pid 5989] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5987] <... clone3 resumed> => {parent_tid=[913]}, 88) = 913 [pid 5989] <... rseq resumed>) = 0 [pid 5987] rt_sigprocmask(SIG_SETMASK, [], [pid 5989] set_robust_list(0x7eff0a3299a0, 24 [pid 5987] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5989] <... set_robust_list resumed>) = 0 [pid 5987] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5989] rt_sigprocmask(SIG_SETMASK, [], [pid 5987] <... futex resumed>) = 0 [pid 5989] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5987] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5989] creat("./file1", 000) = 5 [pid 5988] <... write resumed>) = 1048064 [pid 5988] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5989] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5988] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5989] <... futex resumed>) = 1 [pid 5987] <... futex resumed>) = 0 [pid 5987] close(3) = 0 [pid 5987] close(4 [pid 5989] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5987] <... close resumed>) = 0 [pid 5987] close(5) = 0 [pid 5987] close(6) = -1 EBADF (Bad file descriptor) [pid 5987] close(7) = -1 EBADF (Bad file descriptor) [pid 5987] close(8) = -1 EBADF (Bad file descriptor) [pid 5987] close(9) = -1 EBADF (Bad file descriptor) [pid 5987] close(10) = -1 EBADF (Bad file descriptor) [pid 5987] close(11) = -1 EBADF (Bad file descriptor) [pid 5987] close(12) = -1 EBADF (Bad file descriptor) [pid 5987] close(13) = -1 EBADF (Bad file descriptor) [pid 5987] close(14) = -1 EBADF (Bad file descriptor) [pid 5987] close(15) = -1 EBADF (Bad file descriptor) [pid 5987] close(16) = -1 EBADF (Bad file descriptor) [pid 5987] close(17) = -1 EBADF (Bad file descriptor) [pid 5987] close(18) = -1 EBADF (Bad file descriptor) [pid 5987] close(19) = -1 EBADF (Bad file descriptor) [pid 5987] close(20) = -1 EBADF (Bad file descriptor) [pid 5987] close(21) = -1 EBADF (Bad file descriptor) [pid 5987] close(22) = -1 EBADF (Bad file descriptor) [pid 5987] close(23) = -1 EBADF (Bad file descriptor) [pid 5987] close(24) = -1 EBADF (Bad file descriptor) [pid 5987] close(25) = -1 EBADF (Bad file descriptor) [pid 5987] close(26) = -1 EBADF (Bad file descriptor) [pid 5987] close(27) = -1 EBADF (Bad file descriptor) [pid 5987] close(28) = -1 EBADF (Bad file descriptor) [pid 5987] close(29) = -1 EBADF (Bad file descriptor) [pid 5987] exit_group(0 [pid 5989] <... futex resumed>) = ? [pid 5988] <... futex resumed>) = ? [pid 5989] +++ exited with 0 +++ [pid 5987] <... exit_group resumed>) = ? [pid 5988] +++ exited with 0 +++ [pid 5987] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=911, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./303", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./303", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./303/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./303/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./303/cgroup.cpu") = 0 [pid 5063] umount2("./303/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./303/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./303/binderfs") = 0 [pid 5063] umount2("./303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./303/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./303/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./303/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./303/file0") = 0 [pid 5063] umount2("./303/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./303/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./303/cgroup") = 0 [pid 5063] umount2("./303/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./303/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./303/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./303") = 0 [pid 5063] mkdir("./304", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5990 attached , child_tidptr=0x5555560b8690) = 914 [pid 5990] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5990] chdir("./304") = 0 [pid 5990] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5990] setpgid(0, 0) = 0 [pid 5990] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5990] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5990] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5990] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5990] write(3, "1000", 4) = 4 [pid 5990] close(3) = 0 [pid 5990] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5990] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5990] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5990] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5990] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5990] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5990] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5990] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5991 attached => {parent_tid=[915]}, 88) = 915 [pid 5991] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5990] rt_sigprocmask(SIG_SETMASK, [], [pid 5991] <... rseq resumed>) = 0 [pid 5990] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5990] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5991] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5990] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5991] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5991] memfd_create("syzkaller", 0) = 3 [pid 5991] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5991] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5991] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5991] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5991] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5991] close(3) = 0 [pid 5991] mkdir("./file0", 0777) = 0 [pid 5991] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5991] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5991] chdir("./file0") = 0 [pid 5991] ioctl(4, LOOP_CLR_FD) = 0 [pid 5991] close(4) = 0 [pid 5991] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5990] <... futex resumed>) = 0 [pid 5991] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5990] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5991] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5990] <... futex resumed>) = 0 [ 229.824546][ T5991] loop0: detected capacity change from 0 to 4096 [ 229.845367][ T5991] ntfs: volume version 3.1. [pid 5990] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5991] <... openat resumed>) = 4 [pid 5991] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5990] <... futex resumed>) = 0 [pid 5991] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5990] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5991] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5990] <... futex resumed>) = 0 [pid 5991] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5990] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5990] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5990] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5990] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5990] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5990] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5992 attached => {parent_tid=[916]}, 88) = 916 [pid 5992] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5990] rt_sigprocmask(SIG_SETMASK, [], [pid 5992] <... rseq resumed>) = 0 [pid 5990] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5992] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5991] <... write resumed>) = 1048064 [pid 5990] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5992] rt_sigprocmask(SIG_SETMASK, [], [pid 5990] <... futex resumed>) = 0 [pid 5992] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5990] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5992] creat("./file1", 000 [pid 5991] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5992] <... creat resumed>) = 5 [pid 5992] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5991] <... futex resumed>) = 0 [pid 5991] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5990] <... futex resumed>) = 0 [pid 5992] <... futex resumed>) = 1 [pid 5992] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5990] close(3) = 0 [pid 5990] close(4) = 0 [pid 5990] close(5) = 0 [pid 5990] close(6) = -1 EBADF (Bad file descriptor) [pid 5990] close(7) = -1 EBADF (Bad file descriptor) [pid 5990] close(8) = -1 EBADF (Bad file descriptor) [pid 5990] close(9) = -1 EBADF (Bad file descriptor) [pid 5990] close(10) = -1 EBADF (Bad file descriptor) [pid 5990] close(11) = -1 EBADF (Bad file descriptor) [pid 5990] close(12) = -1 EBADF (Bad file descriptor) [pid 5990] close(13) = -1 EBADF (Bad file descriptor) [pid 5990] close(14) = -1 EBADF (Bad file descriptor) [pid 5990] close(15) = -1 EBADF (Bad file descriptor) [pid 5990] close(16) = -1 EBADF (Bad file descriptor) [pid 5990] close(17) = -1 EBADF (Bad file descriptor) [pid 5990] close(18) = -1 EBADF (Bad file descriptor) [pid 5990] close(19) = -1 EBADF (Bad file descriptor) [pid 5990] close(20) = -1 EBADF (Bad file descriptor) [pid 5990] close(21) = -1 EBADF (Bad file descriptor) [pid 5990] close(22) = -1 EBADF (Bad file descriptor) [pid 5990] close(23) = -1 EBADF (Bad file descriptor) [pid 5990] close(24) = -1 EBADF (Bad file descriptor) [pid 5990] close(25) = -1 EBADF (Bad file descriptor) [pid 5990] close(26) = -1 EBADF (Bad file descriptor) [pid 5990] close(27) = -1 EBADF (Bad file descriptor) [pid 5990] close(28) = -1 EBADF (Bad file descriptor) [pid 5990] close(29) = -1 EBADF (Bad file descriptor) [pid 5990] exit_group(0 [pid 5991] <... futex resumed>) = ? [pid 5992] <... futex resumed>) = ? [pid 5991] +++ exited with 0 +++ [pid 5992] +++ exited with 0 +++ [pid 5990] <... exit_group resumed>) = ? [pid 5990] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=914, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./304", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./304", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./304/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./304/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./304/cgroup.cpu") = 0 [pid 5063] umount2("./304/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./304/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./304/binderfs") = 0 [pid 5063] umount2("./304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./304/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./304/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./304/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./304/file0") = 0 [pid 5063] umount2("./304/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./304/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./304/cgroup") = 0 [pid 5063] umount2("./304/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./304/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./304/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./304") = 0 [pid 5063] mkdir("./305", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5993 attached [pid 5993] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 917 [pid 5993] <... set_robust_list resumed>) = 0 [pid 5993] chdir("./305") = 0 [pid 5993] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5993] setpgid(0, 0) = 0 [pid 5993] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5993] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5993] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5993] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5993] write(3, "1000", 4) = 4 [pid 5993] close(3) = 0 [pid 5993] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5993] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5993] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5993] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5993] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5993] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5993] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5993] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5994 attached => {parent_tid=[918]}, 88) = 918 [pid 5994] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 5994] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5994] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5994] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5993] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5993] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5994] <... futex resumed>) = 0 [pid 5993] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5994] memfd_create("syzkaller", 0) = 3 [pid 5994] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5994] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5994] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5994] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5994] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5994] close(3) = 0 [pid 5994] mkdir("./file0", 0777) = 0 [pid 5994] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5994] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5994] chdir("./file0") = 0 [pid 5994] ioctl(4, LOOP_CLR_FD) = 0 [ 230.509895][ T5994] loop0: detected capacity change from 0 to 4096 [ 230.524500][ T5994] ntfs: volume version 3.1. [pid 5994] close(4) = 0 [pid 5994] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5993] <... futex resumed>) = 0 [pid 5994] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5993] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5993] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5994] <... openat resumed>) = 4 [pid 5994] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5993] <... futex resumed>) = 0 [pid 5994] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5993] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5994] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5993] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5993] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5993] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5993] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5993] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5993] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[919]}, 88) = 919 ./strace-static-x86_64: Process 5995 attached [pid 5995] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5993] rt_sigprocmask(SIG_SETMASK, [], [pid 5995] <... rseq resumed>) = 0 [pid 5995] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5995] rt_sigprocmask(SIG_SETMASK, [], [pid 5993] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5995] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5993] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5995] creat("./file1", 000 [pid 5993] <... futex resumed>) = 0 [pid 5993] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5995] <... creat resumed>) = 5 [pid 5994] <... write resumed>) = 1048064 [pid 5995] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5993] <... futex resumed>) = 0 [pid 5995] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5994] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5993] close(3) = 0 [pid 5993] close(4 [pid 5994] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5993] <... close resumed>) = 0 [pid 5993] close(5) = 0 [pid 5993] close(6) = -1 EBADF (Bad file descriptor) [pid 5993] close(7) = -1 EBADF (Bad file descriptor) [pid 5993] close(8) = -1 EBADF (Bad file descriptor) [pid 5993] close(9) = -1 EBADF (Bad file descriptor) [pid 5993] close(10) = -1 EBADF (Bad file descriptor) [pid 5993] close(11) = -1 EBADF (Bad file descriptor) [pid 5993] close(12) = -1 EBADF (Bad file descriptor) [pid 5993] close(13) = -1 EBADF (Bad file descriptor) [pid 5993] close(14) = -1 EBADF (Bad file descriptor) [pid 5993] close(15) = -1 EBADF (Bad file descriptor) [pid 5993] close(16) = -1 EBADF (Bad file descriptor) [pid 5993] close(17) = -1 EBADF (Bad file descriptor) [pid 5993] close(18) = -1 EBADF (Bad file descriptor) [pid 5993] close(19) = -1 EBADF (Bad file descriptor) [pid 5993] close(20) = -1 EBADF (Bad file descriptor) [pid 5993] close(21) = -1 EBADF (Bad file descriptor) [pid 5993] close(22) = -1 EBADF (Bad file descriptor) [pid 5993] close(23) = -1 EBADF (Bad file descriptor) [pid 5993] close(24) = -1 EBADF (Bad file descriptor) [pid 5993] close(25) = -1 EBADF (Bad file descriptor) [pid 5993] close(26) = -1 EBADF (Bad file descriptor) [pid 5993] close(27) = -1 EBADF (Bad file descriptor) [pid 5993] close(28) = -1 EBADF (Bad file descriptor) [pid 5993] close(29) = -1 EBADF (Bad file descriptor) [pid 5993] exit_group(0) = ? [pid 5995] <... futex resumed>) = ? [pid 5994] <... futex resumed>) = ? [pid 5995] +++ exited with 0 +++ [pid 5994] +++ exited with 0 +++ [pid 5993] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=917, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./305", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./305", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./305/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./305/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./305/cgroup.cpu") = 0 [pid 5063] umount2("./305/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./305/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./305/binderfs") = 0 [pid 5063] umount2("./305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./305/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./305/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./305/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./305/file0") = 0 [pid 5063] umount2("./305/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./305/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./305/cgroup") = 0 [pid 5063] umount2("./305/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./305/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./305/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./305") = 0 [pid 5063] mkdir("./306", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5996 attached [pid 5996] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 920 [pid 5996] <... set_robust_list resumed>) = 0 [pid 5996] chdir("./306") = 0 [pid 5996] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5996] setpgid(0, 0) = 0 [pid 5996] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5996] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5996] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5996] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5996] write(3, "1000", 4) = 4 [pid 5996] close(3) = 0 [pid 5996] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5996] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5996] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5996] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5996] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5996] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5996] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5996] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 5997 attached => {parent_tid=[921]}, 88) = 921 [pid 5997] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5996] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5996] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5996] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 5997] <... rseq resumed>) = 0 [pid 5997] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 5997] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5997] memfd_create("syzkaller", 0) = 3 [pid 5997] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 5997] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5997] munmap(0x7eff01f2a000, 138412032) = 0 [pid 5997] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5997] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5997] close(3) = 0 [pid 5997] mkdir("./file0", 0777) = 0 [pid 5997] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 5997] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5997] chdir("./file0") = 0 [pid 5997] ioctl(4, LOOP_CLR_FD) = 0 [pid 5997] close(4) = 0 [pid 5997] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5996] <... futex resumed>) = 0 [pid 5997] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 5996] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5997] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5996] <... futex resumed>) = 0 [pid 5997] <... openat resumed>) = 4 [pid 5997] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 5996] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5997] <... futex resumed>) = 0 [pid 5996] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5997] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5996] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5997] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 5996] <... futex resumed>) = 0 [pid 5997] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 231.118220][ T5997] loop0: detected capacity change from 0 to 4096 [ 231.143463][ T5997] ntfs: volume version 3.1. [pid 5996] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 5996] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5996] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5996] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5996] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5996] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 5998 attached [pid 5998] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5996] <... clone3 resumed> => {parent_tid=[922]}, 88) = 922 [pid 5998] <... rseq resumed>) = 0 [pid 5996] rt_sigprocmask(SIG_SETMASK, [], [pid 5998] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 5996] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5996] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 5998] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5996] <... futex resumed>) = 0 [pid 5998] creat("./file1", 000 [pid 5996] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 5998] <... creat resumed>) = 5 [pid 5997] <... write resumed>) = 1048064 [pid 5997] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5997] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5998] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5996] <... futex resumed>) = 0 [pid 5998] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5996] close(3) = 0 [pid 5996] close(4) = 0 [pid 5996] close(5) = 0 [pid 5996] close(6) = -1 EBADF (Bad file descriptor) [pid 5996] close(7) = -1 EBADF (Bad file descriptor) [pid 5996] close(8) = -1 EBADF (Bad file descriptor) [pid 5996] close(9) = -1 EBADF (Bad file descriptor) [pid 5996] close(10) = -1 EBADF (Bad file descriptor) [pid 5996] close(11) = -1 EBADF (Bad file descriptor) [pid 5996] close(12) = -1 EBADF (Bad file descriptor) [pid 5996] close(13) = -1 EBADF (Bad file descriptor) [pid 5996] close(14) = -1 EBADF (Bad file descriptor) [pid 5996] close(15) = -1 EBADF (Bad file descriptor) [pid 5996] close(16) = -1 EBADF (Bad file descriptor) [pid 5996] close(17) = -1 EBADF (Bad file descriptor) [pid 5996] close(18) = -1 EBADF (Bad file descriptor) [pid 5996] close(19) = -1 EBADF (Bad file descriptor) [pid 5996] close(20) = -1 EBADF (Bad file descriptor) [pid 5996] close(21) = -1 EBADF (Bad file descriptor) [pid 5996] close(22) = -1 EBADF (Bad file descriptor) [pid 5996] close(23) = -1 EBADF (Bad file descriptor) [pid 5996] close(24) = -1 EBADF (Bad file descriptor) [pid 5996] close(25) = -1 EBADF (Bad file descriptor) [pid 5996] close(26) = -1 EBADF (Bad file descriptor) [pid 5996] close(27) = -1 EBADF (Bad file descriptor) [pid 5996] close(28) = -1 EBADF (Bad file descriptor) [pid 5996] close(29) = -1 EBADF (Bad file descriptor) [pid 5996] exit_group(0 [pid 5997] <... futex resumed>) = ? [pid 5996] <... exit_group resumed>) = ? [pid 5998] <... futex resumed>) = ? [pid 5997] +++ exited with 0 +++ [pid 5998] +++ exited with 0 +++ [pid 5996] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=920, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./306", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./306", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./306/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./306/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./306/cgroup.cpu") = 0 [pid 5063] umount2("./306/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./306/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./306/binderfs") = 0 [pid 5063] umount2("./306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./306/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./306/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./306/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./306/file0") = 0 [pid 5063] umount2("./306/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./306/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./306/cgroup") = 0 [pid 5063] umount2("./306/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./306/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./306/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./306") = 0 [pid 5063] mkdir("./307", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5999 attached [pid 5999] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 923 [pid 5999] <... set_robust_list resumed>) = 0 [pid 5999] chdir("./307") = 0 [pid 5999] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5999] setpgid(0, 0) = 0 [pid 5999] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 5999] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 5999] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 5999] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5999] write(3, "1000", 4) = 4 [pid 5999] close(3) = 0 [pid 5999] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5999] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5999] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 5999] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 5999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 5999] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5999] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5999] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6000 attached [pid 6000] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 5999] <... clone3 resumed> => {parent_tid=[924]}, 88) = 924 [pid 6000] <... rseq resumed>) = 0 [pid 5999] rt_sigprocmask(SIG_SETMASK, [], [pid 6000] set_robust_list(0x7eff0a34a9a0, 24 [pid 5999] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6000] <... set_robust_list resumed>) = 0 [pid 5999] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6000] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 5999] <... futex resumed>) = 0 [pid 6000] memfd_create("syzkaller", 0 [pid 5999] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6000] <... memfd_create resumed>) = 3 [pid 6000] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6000] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6000] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6000] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6000] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6000] close(3) = 0 [pid 6000] mkdir("./file0", 0777) = 0 [pid 6000] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6000] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6000] chdir("./file0") = 0 [pid 6000] ioctl(4, LOOP_CLR_FD) = 0 [pid 6000] close(4) = 0 [pid 6000] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5999] <... futex resumed>) = 0 [pid 5999] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6000] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 5999] <... futex resumed>) = 0 [pid 5999] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6000] <... openat resumed>) = 4 [pid 6000] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6000] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5999] <... futex resumed>) = 0 [pid 5999] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6000] <... futex resumed>) = 0 [pid 5999] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 231.668586][ T6000] loop0: detected capacity change from 0 to 4096 [ 231.693281][ T6000] ntfs: volume version 3.1. [pid 6000] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 5999] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 5999] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 5999] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 5999] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 5999] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 5999] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6001 attached [pid 6001] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 5999] <... clone3 resumed> => {parent_tid=[925]}, 88) = 925 [pid 6001] <... rseq resumed>) = 0 [pid 5999] rt_sigprocmask(SIG_SETMASK, [], [pid 6001] set_robust_list(0x7eff0a3299a0, 24 [pid 5999] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6001] <... set_robust_list resumed>) = 0 [pid 5999] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6001] rt_sigprocmask(SIG_SETMASK, [], [pid 5999] <... futex resumed>) = 0 [pid 6001] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 5999] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6001] creat("./file1", 000) = 5 [pid 6000] <... write resumed>) = 1048064 [pid 6000] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6000] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6001] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 5999] <... futex resumed>) = 0 [pid 6001] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 5999] close(3) = 0 [pid 5999] close(4) = 0 [pid 5999] close(5) = 0 [pid 5999] close(6) = -1 EBADF (Bad file descriptor) [pid 5999] close(7) = -1 EBADF (Bad file descriptor) [pid 5999] close(8) = -1 EBADF (Bad file descriptor) [pid 5999] close(9) = -1 EBADF (Bad file descriptor) [pid 5999] close(10) = -1 EBADF (Bad file descriptor) [pid 5999] close(11) = -1 EBADF (Bad file descriptor) [pid 5999] close(12) = -1 EBADF (Bad file descriptor) [pid 5999] close(13) = -1 EBADF (Bad file descriptor) [pid 5999] close(14) = -1 EBADF (Bad file descriptor) [pid 5999] close(15) = -1 EBADF (Bad file descriptor) [pid 5999] close(16) = -1 EBADF (Bad file descriptor) [pid 5999] close(17) = -1 EBADF (Bad file descriptor) [pid 5999] close(18) = -1 EBADF (Bad file descriptor) [pid 5999] close(19) = -1 EBADF (Bad file descriptor) [pid 5999] close(20) = -1 EBADF (Bad file descriptor) [pid 5999] close(21) = -1 EBADF (Bad file descriptor) [pid 5999] close(22) = -1 EBADF (Bad file descriptor) [pid 5999] close(23) = -1 EBADF (Bad file descriptor) [pid 5999] close(24) = -1 EBADF (Bad file descriptor) [pid 5999] close(25) = -1 EBADF (Bad file descriptor) [pid 5999] close(26) = -1 EBADF (Bad file descriptor) [pid 5999] close(27) = -1 EBADF (Bad file descriptor) [pid 5999] close(28) = -1 EBADF (Bad file descriptor) [pid 5999] close(29) = -1 EBADF (Bad file descriptor) [pid 5999] exit_group(0) = ? [pid 6001] <... futex resumed>) = ? [pid 6000] <... futex resumed>) = ? [pid 6001] +++ exited with 0 +++ [pid 6000] +++ exited with 0 +++ [pid 5999] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=923, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./307", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./307", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./307/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./307/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./307/cgroup.cpu") = 0 [pid 5063] umount2("./307/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./307/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./307/binderfs") = 0 [pid 5063] umount2("./307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./307/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./307/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./307/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./307/file0") = 0 [pid 5063] umount2("./307/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./307/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./307/cgroup") = 0 [pid 5063] umount2("./307/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./307/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./307/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./307") = 0 [pid 5063] mkdir("./308", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6002 attached , child_tidptr=0x5555560b8690) = 926 [pid 6002] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6002] chdir("./308") = 0 [pid 6002] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6002] setpgid(0, 0) = 0 [pid 6002] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6002] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6002] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6002] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6002] write(3, "1000", 4) = 4 [pid 6002] close(3) = 0 [pid 6002] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6002] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6002] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6002] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6002] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6002] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6002] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6002] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6003 attached [pid 6003] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6002] <... clone3 resumed> => {parent_tid=[927]}, 88) = 927 [pid 6003] <... rseq resumed>) = 0 [pid 6002] rt_sigprocmask(SIG_SETMASK, [], [pid 6003] set_robust_list(0x7eff0a34a9a0, 24 [pid 6002] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6003] <... set_robust_list resumed>) = 0 [pid 6002] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6003] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6002] <... futex resumed>) = 0 [pid 6002] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6003] memfd_create("syzkaller", 0) = 3 [pid 6003] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6003] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6003] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6003] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6003] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6003] close(3) = 0 [pid 6003] mkdir("./file0", 0777) = 0 [pid 6003] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6003] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6003] chdir("./file0") = 0 [pid 6003] ioctl(4, LOOP_CLR_FD) = 0 [pid 6003] close(4) = 0 [pid 6003] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6003] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6002] <... futex resumed>) = 0 [pid 6003] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6002] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6003] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6002] <... futex resumed>) = 0 [pid 6002] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6003] <... openat resumed>) = 4 [pid 6003] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6002] <... futex resumed>) = 0 [pid 6003] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6002] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6003] <... futex resumed>) = 0 [pid 6002] <... futex resumed>) = 1 [pid 6003] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 232.236241][ T6003] loop0: detected capacity change from 0 to 4096 [ 232.267275][ T6003] ntfs: volume version 3.1. [pid 6002] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6002] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6002] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6002] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6002] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6002] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6004 attached [pid 6004] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6004] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6004] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6002] <... clone3 resumed> => {parent_tid=[928]}, 88) = 928 [pid 6004] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6002] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6002] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6004] <... futex resumed>) = 0 [pid 6002] <... futex resumed>) = 1 [pid 6004] creat("./file1", 000 [pid 6002] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6004] <... creat resumed>) = 5 [pid 6003] <... write resumed>) = 1048064 [pid 6004] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6003] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6004] <... futex resumed>) = 1 [pid 6004] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6003] <... futex resumed>) = 0 [pid 6002] <... futex resumed>) = 0 [pid 6003] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6002] close(3) = 0 [pid 6002] close(4) = 0 [pid 6002] close(5) = 0 [pid 6002] close(6) = -1 EBADF (Bad file descriptor) [pid 6002] close(7) = -1 EBADF (Bad file descriptor) [pid 6002] close(8) = -1 EBADF (Bad file descriptor) [pid 6002] close(9) = -1 EBADF (Bad file descriptor) [pid 6002] close(10) = -1 EBADF (Bad file descriptor) [pid 6002] close(11) = -1 EBADF (Bad file descriptor) [pid 6002] close(12) = -1 EBADF (Bad file descriptor) [pid 6002] close(13) = -1 EBADF (Bad file descriptor) [pid 6002] close(14) = -1 EBADF (Bad file descriptor) [pid 6002] close(15) = -1 EBADF (Bad file descriptor) [pid 6002] close(16) = -1 EBADF (Bad file descriptor) [pid 6002] close(17) = -1 EBADF (Bad file descriptor) [pid 6002] close(18) = -1 EBADF (Bad file descriptor) [pid 6002] close(19) = -1 EBADF (Bad file descriptor) [pid 6002] close(20) = -1 EBADF (Bad file descriptor) [pid 6002] close(21) = -1 EBADF (Bad file descriptor) [pid 6002] close(22) = -1 EBADF (Bad file descriptor) [pid 6002] close(23) = -1 EBADF (Bad file descriptor) [pid 6002] close(24) = -1 EBADF (Bad file descriptor) [pid 6002] close(25) = -1 EBADF (Bad file descriptor) [pid 6002] close(26) = -1 EBADF (Bad file descriptor) [pid 6002] close(27) = -1 EBADF (Bad file descriptor) [pid 6002] close(28) = -1 EBADF (Bad file descriptor) [pid 6002] close(29) = -1 EBADF (Bad file descriptor) [pid 6002] exit_group(0 [pid 6003] <... futex resumed>) = ? [pid 6002] <... exit_group resumed>) = ? [pid 6004] <... futex resumed>) = ? [pid 6003] +++ exited with 0 +++ [pid 6004] +++ exited with 0 +++ [pid 6002] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=926, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./308", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./308", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./308/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./308/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./308/cgroup.cpu") = 0 [pid 5063] umount2("./308/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./308/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./308/binderfs") = 0 [pid 5063] umount2("./308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./308/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./308/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./308/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./308/file0") = 0 [pid 5063] umount2("./308/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./308/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./308/cgroup") = 0 [pid 5063] umount2("./308/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./308/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./308/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./308") = 0 [pid 5063] mkdir("./309", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6005 attached , child_tidptr=0x5555560b8690) = 929 [pid 6005] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6005] chdir("./309") = 0 [pid 6005] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6005] setpgid(0, 0) = 0 [pid 6005] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6005] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6005] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6005] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6005] write(3, "1000", 4) = 4 [pid 6005] close(3) = 0 [pid 6005] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6005] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6005] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6005] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6005] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6005] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6005] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6005] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6006 attached => {parent_tid=[930]}, 88) = 930 [pid 6006] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6005] rt_sigprocmask(SIG_SETMASK, [], [pid 6006] set_robust_list(0x7eff0a34a9a0, 24 [pid 6005] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6006] <... set_robust_list resumed>) = 0 [pid 6005] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6006] rt_sigprocmask(SIG_SETMASK, [], [pid 6005] <... futex resumed>) = 0 [pid 6006] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6005] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6006] memfd_create("syzkaller", 0) = 3 [pid 6006] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6006] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6006] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6006] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6006] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6006] close(3) = 0 [pid 6006] mkdir("./file0", 0777) = 0 [pid 6006] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6006] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6006] chdir("./file0") = 0 [pid 6006] ioctl(4, LOOP_CLR_FD) = 0 [pid 6006] close(4) = 0 [pid 6006] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6006] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6005] <... futex resumed>) = 0 [pid 6005] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6006] <... futex resumed>) = 0 [pid 6005] <... futex resumed>) = 1 [pid 6006] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6005] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6006] <... openat resumed>) = 4 [pid 6006] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6005] <... futex resumed>) = 0 [pid 6006] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6005] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6006] <... futex resumed>) = 0 [pid 6005] <... futex resumed>) = 1 [pid 6006] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 232.790394][ T6006] loop0: detected capacity change from 0 to 4096 [ 232.811701][ T6006] ntfs: volume version 3.1. [pid 6005] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6005] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6005] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6005] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6005] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6005] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6007 attached => {parent_tid=[931]}, 88) = 931 [pid 6007] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6007] set_robust_list(0x7eff0a3299a0, 24 [pid 6005] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6007] <... set_robust_list resumed>) = 0 [pid 6007] rt_sigprocmask(SIG_SETMASK, [], [pid 6005] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6007] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6007] creat("./file1", 000 [pid 6005] <... futex resumed>) = 0 [pid 6005] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6007] <... creat resumed>) = 5 [pid 6007] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6006] <... write resumed>) = 1048064 [pid 6007] <... futex resumed>) = 1 [pid 6006] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6007] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6006] <... futex resumed>) = 0 [pid 6005] <... futex resumed>) = 0 [pid 6006] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6005] close(3) = 0 [pid 6005] close(4) = 0 [pid 6005] close(5) = 0 [pid 6005] close(6) = -1 EBADF (Bad file descriptor) [pid 6005] close(7) = -1 EBADF (Bad file descriptor) [pid 6005] close(8) = -1 EBADF (Bad file descriptor) [pid 6005] close(9) = -1 EBADF (Bad file descriptor) [pid 6005] close(10) = -1 EBADF (Bad file descriptor) [pid 6005] close(11) = -1 EBADF (Bad file descriptor) [pid 6005] close(12) = -1 EBADF (Bad file descriptor) [pid 6005] close(13) = -1 EBADF (Bad file descriptor) [pid 6005] close(14) = -1 EBADF (Bad file descriptor) [pid 6005] close(15) = -1 EBADF (Bad file descriptor) [pid 6005] close(16) = -1 EBADF (Bad file descriptor) [pid 6005] close(17) = -1 EBADF (Bad file descriptor) [pid 6005] close(18) = -1 EBADF (Bad file descriptor) [pid 6005] close(19) = -1 EBADF (Bad file descriptor) [pid 6005] close(20) = -1 EBADF (Bad file descriptor) [pid 6005] close(21) = -1 EBADF (Bad file descriptor) [pid 6005] close(22) = -1 EBADF (Bad file descriptor) [pid 6005] close(23) = -1 EBADF (Bad file descriptor) [pid 6005] close(24) = -1 EBADF (Bad file descriptor) [pid 6005] close(25) = -1 EBADF (Bad file descriptor) [pid 6005] close(26) = -1 EBADF (Bad file descriptor) [pid 6005] close(27) = -1 EBADF (Bad file descriptor) [pid 6005] close(28) = -1 EBADF (Bad file descriptor) [pid 6005] close(29) = -1 EBADF (Bad file descriptor) [pid 6005] exit_group(0) = ? [pid 6006] <... futex resumed>) = ? [pid 6007] <... futex resumed>) = ? [pid 6006] +++ exited with 0 +++ [pid 6007] +++ exited with 0 +++ [pid 6005] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=929, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./309", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./309", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./309/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./309/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./309/cgroup.cpu") = 0 [pid 5063] umount2("./309/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./309/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./309/binderfs") = 0 [pid 5063] umount2("./309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./309/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./309/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./309/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./309/file0") = 0 [pid 5063] umount2("./309/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./309/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./309/cgroup") = 0 [pid 5063] umount2("./309/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./309/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./309/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./309") = 0 [pid 5063] mkdir("./310", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6008 attached [pid 6008] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 932 [pid 6008] <... set_robust_list resumed>) = 0 [pid 6008] chdir("./310") = 0 [pid 6008] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6008] setpgid(0, 0) = 0 [pid 6008] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6008] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6008] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6008] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6008] write(3, "1000", 4) = 4 [pid 6008] close(3) = 0 [pid 6008] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6008] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6008] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6008] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6008] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6008] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6008] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6008] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6009 attached => {parent_tid=[933]}, 88) = 933 [pid 6008] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6008] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6009] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6008] <... futex resumed>) = 0 [pid 6009] set_robust_list(0x7eff0a34a9a0, 24 [pid 6008] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6009] <... set_robust_list resumed>) = 0 [pid 6009] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6009] memfd_create("syzkaller", 0) = 3 [pid 6009] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6009] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6009] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6009] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6009] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6009] close(3) = 0 [pid 6009] mkdir("./file0", 0777) = 0 [ 233.354316][ T6009] loop0: detected capacity change from 0 to 4096 [ 233.371846][ T6009] __ntfs_warning: 170 callbacks suppressed [ 233.371858][ T6009] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 233.398483][ T6009] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 233.407980][ T6009] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 233.423647][ T6009] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 233.432438][ T6009] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 233.452369][ T6009] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 233.461086][ T6009] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 233.481251][ T6009] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6009] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6009] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6009] chdir("./file0") = 0 [pid 6009] ioctl(4, LOOP_CLR_FD) = 0 [pid 6009] close(4) = 0 [pid 6009] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6008] <... futex resumed>) = 0 [pid 6009] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6008] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6009] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6008] <... futex resumed>) = 0 [pid 6009] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6008] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6009] <... openat resumed>) = 4 [pid 6009] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6009] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6008] <... futex resumed>) = 0 [pid 6008] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6009] <... futex resumed>) = 0 [pid 6008] <... futex resumed>) = 1 [pid 6009] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 233.490029][ T6009] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 233.510061][ T6009] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 233.520665][ T6009] ntfs: volume version 3.1. [pid 6008] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6008] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6008] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6008] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6008] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6008] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6010 attached => {parent_tid=[934]}, 88) = 934 [pid 6010] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6010] set_robust_list(0x7eff0a3299a0, 24 [pid 6008] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6008] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6010] <... set_robust_list resumed>) = 0 [pid 6008] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6010] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6010] creat("./file1", 000) = 5 [pid 6010] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6008] <... futex resumed>) = 0 [pid 6010] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6009] <... write resumed>) = 1048064 [pid 6009] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6009] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6008] close(3) = 0 [pid 6008] close(4) = 0 [pid 6008] close(5) = 0 [pid 6008] close(6) = -1 EBADF (Bad file descriptor) [pid 6008] close(7) = -1 EBADF (Bad file descriptor) [pid 6008] close(8) = -1 EBADF (Bad file descriptor) [pid 6008] close(9) = -1 EBADF (Bad file descriptor) [pid 6008] close(10) = -1 EBADF (Bad file descriptor) [pid 6008] close(11) = -1 EBADF (Bad file descriptor) [pid 6008] close(12) = -1 EBADF (Bad file descriptor) [pid 6008] close(13) = -1 EBADF (Bad file descriptor) [pid 6008] close(14) = -1 EBADF (Bad file descriptor) [pid 6008] close(15) = -1 EBADF (Bad file descriptor) [pid 6008] close(16) = -1 EBADF (Bad file descriptor) [pid 6008] close(17) = -1 EBADF (Bad file descriptor) [pid 6008] close(18) = -1 EBADF (Bad file descriptor) [pid 6008] close(19) = -1 EBADF (Bad file descriptor) [pid 6008] close(20) = -1 EBADF (Bad file descriptor) [pid 6008] close(21) = -1 EBADF (Bad file descriptor) [pid 6008] close(22) = -1 EBADF (Bad file descriptor) [pid 6008] close(23) = -1 EBADF (Bad file descriptor) [pid 6008] close(24) = -1 EBADF (Bad file descriptor) [pid 6008] close(25) = -1 EBADF (Bad file descriptor) [pid 6008] close(26) = -1 EBADF (Bad file descriptor) [pid 6008] close(27) = -1 EBADF (Bad file descriptor) [pid 6008] close(28) = -1 EBADF (Bad file descriptor) [pid 6008] close(29) = -1 EBADF (Bad file descriptor) [pid 6008] exit_group(0 [pid 6010] <... futex resumed>) = ? [pid 6009] <... futex resumed>) = ? [pid 6008] <... exit_group resumed>) = ? [pid 6010] +++ exited with 0 +++ [pid 6009] +++ exited with 0 +++ [pid 6008] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=932, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5063] umount2("./310", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./310", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./310/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./310/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./310/cgroup.cpu") = 0 [pid 5063] umount2("./310/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./310/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./310/binderfs") = 0 [pid 5063] umount2("./310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./310/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./310/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./310/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./310/file0") = 0 [pid 5063] umount2("./310/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./310/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./310/cgroup") = 0 [pid 5063] umount2("./310/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./310/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./310/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./310") = 0 [pid 5063] mkdir("./311", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 935 ./strace-static-x86_64: Process 6011 attached [pid 6011] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6011] chdir("./311") = 0 [pid 6011] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6011] setpgid(0, 0) = 0 [pid 6011] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6011] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6011] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6011] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6011] write(3, "1000", 4) = 4 [pid 6011] close(3) = 0 [pid 6011] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6011] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6011] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6011] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6011] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6011] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6011] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6011] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6012 attached => {parent_tid=[936]}, 88) = 936 [pid 6012] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6011] rt_sigprocmask(SIG_SETMASK, [], [pid 6012] <... rseq resumed>) = 0 [pid 6012] set_robust_list(0x7eff0a34a9a0, 24 [pid 6011] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6012] <... set_robust_list resumed>) = 0 [pid 6011] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6012] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6011] <... futex resumed>) = 0 [pid 6011] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6012] memfd_create("syzkaller", 0) = 3 [pid 6012] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6012] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6012] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6012] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6012] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6012] close(3) = 0 [pid 6012] mkdir("./file0", 0777) = 0 [pid 6012] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6012] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6012] chdir("./file0") = 0 [pid 6012] ioctl(4, LOOP_CLR_FD) = 0 [pid 6012] close(4) = 0 [pid 6012] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6011] <... futex resumed>) = 0 [pid 6012] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6011] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6012] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6011] <... futex resumed>) = 0 [pid 6012] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 233.985682][ T6012] loop0: detected capacity change from 0 to 4096 [ 234.011265][ T6012] ntfs: volume version 3.1. [pid 6011] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6012] <... openat resumed>) = 4 [pid 6012] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6012] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6011] <... futex resumed>) = 0 [pid 6011] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6012] <... futex resumed>) = 0 [pid 6011] <... futex resumed>) = 1 [pid 6012] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6011] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6011] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6011] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6011] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6011] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6011] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6013 attached => {parent_tid=[937]}, 88) = 937 [pid 6013] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6012] <... write resumed>) = 1048064 [pid 6012] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6011] rt_sigprocmask(SIG_SETMASK, [], [pid 6013] <... rseq resumed>) = 0 [pid 6012] <... futex resumed>) = 0 [pid 6011] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6012] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6013] set_robust_list(0x7eff0a3299a0, 24 [pid 6011] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6013] <... set_robust_list resumed>) = 0 [pid 6011] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6013] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6013] creat("./file1", 000) = 5 [pid 6013] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6011] <... futex resumed>) = 0 [pid 6013] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6011] close(3) = 0 [pid 6011] close(4) = 0 [pid 6011] close(5) = 0 [pid 6011] close(6) = -1 EBADF (Bad file descriptor) [pid 6011] close(7) = -1 EBADF (Bad file descriptor) [pid 6011] close(8) = -1 EBADF (Bad file descriptor) [pid 6011] close(9) = -1 EBADF (Bad file descriptor) [pid 6011] close(10) = -1 EBADF (Bad file descriptor) [pid 6011] close(11) = -1 EBADF (Bad file descriptor) [pid 6011] close(12) = -1 EBADF (Bad file descriptor) [pid 6011] close(13) = -1 EBADF (Bad file descriptor) [pid 6011] close(14) = -1 EBADF (Bad file descriptor) [pid 6011] close(15) = -1 EBADF (Bad file descriptor) [pid 6011] close(16) = -1 EBADF (Bad file descriptor) [pid 6011] close(17) = -1 EBADF (Bad file descriptor) [pid 6011] close(18) = -1 EBADF (Bad file descriptor) [pid 6011] close(19) = -1 EBADF (Bad file descriptor) [pid 6011] close(20) = -1 EBADF (Bad file descriptor) [pid 6011] close(21) = -1 EBADF (Bad file descriptor) [pid 6011] close(22) = -1 EBADF (Bad file descriptor) [pid 6011] close(23) = -1 EBADF (Bad file descriptor) [pid 6011] close(24) = -1 EBADF (Bad file descriptor) [pid 6011] close(25) = -1 EBADF (Bad file descriptor) [pid 6011] close(26) = -1 EBADF (Bad file descriptor) [pid 6011] close(27) = -1 EBADF (Bad file descriptor) [pid 6011] close(28) = -1 EBADF (Bad file descriptor) [pid 6011] close(29) = -1 EBADF (Bad file descriptor) [pid 6011] exit_group(0 [pid 6013] <... futex resumed>) = ? [pid 6012] <... futex resumed>) = ? [pid 6011] <... exit_group resumed>) = ? [pid 6013] +++ exited with 0 +++ [pid 6012] +++ exited with 0 +++ [pid 6011] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=935, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./311", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./311", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./311/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./311/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./311/cgroup.cpu") = 0 [pid 5063] umount2("./311/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./311/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./311/binderfs") = 0 [pid 5063] umount2("./311/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./311/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./311/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./311/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./311/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./311/file0") = 0 [pid 5063] umount2("./311/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./311/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./311/cgroup") = 0 [pid 5063] umount2("./311/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./311/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./311/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./311") = 0 [pid 5063] mkdir("./312", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 938 ./strace-static-x86_64: Process 6014 attached [pid 6014] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6014] chdir("./312") = 0 [pid 6014] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6014] setpgid(0, 0) = 0 [pid 6014] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6014] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6014] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6014] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6014] write(3, "1000", 4) = 4 [pid 6014] close(3) = 0 [pid 6014] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6014] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6014] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6014] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6014] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6014] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6014] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6014] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6015 attached => {parent_tid=[939]}, 88) = 939 [pid 6015] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6014] rt_sigprocmask(SIG_SETMASK, [], [pid 6015] <... rseq resumed>) = 0 [pid 6014] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6015] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6014] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6015] rt_sigprocmask(SIG_SETMASK, [], [pid 6014] <... futex resumed>) = 0 [pid 6015] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6014] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6015] memfd_create("syzkaller", 0) = 3 [pid 6015] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6015] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6015] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6015] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6015] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6015] close(3) = 0 [pid 6015] mkdir("./file0", 0777) = 0 [pid 6015] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6015] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6015] chdir("./file0") = 0 [pid 6015] ioctl(4, LOOP_CLR_FD) = 0 [pid 6015] close(4) = 0 [pid 6015] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6014] <... futex resumed>) = 0 [pid 6015] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6014] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6014] <... futex resumed>) = 0 [pid 6015] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6014] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6015] <... openat resumed>) = 4 [pid 6015] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6014] <... futex resumed>) = 0 [pid 6015] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6014] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6015] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6014] <... futex resumed>) = 0 [pid 6015] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 234.526298][ T6015] loop0: detected capacity change from 0 to 4096 [ 234.556139][ T6015] ntfs: volume version 3.1. [pid 6014] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6014] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6014] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6014] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6014] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6014] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6016 attached [pid 6016] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6016] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6014] <... clone3 resumed> => {parent_tid=[940]}, 88) = 940 [pid 6014] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6014] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6016] rt_sigprocmask(SIG_SETMASK, [], [pid 6014] <... futex resumed>) = 0 [pid 6016] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6014] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6016] creat("./file1", 000) = 5 [pid 6015] <... write resumed>) = 1048064 [pid 6016] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6015] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6016] <... futex resumed>) = 1 [pid 6014] <... futex resumed>) = 0 [pid 6016] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6015] <... futex resumed>) = 0 [pid 6015] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6014] close(3) = 0 [pid 6014] close(4) = 0 [pid 6014] close(5) = 0 [pid 6014] close(6) = -1 EBADF (Bad file descriptor) [pid 6014] close(7) = -1 EBADF (Bad file descriptor) [pid 6014] close(8) = -1 EBADF (Bad file descriptor) [pid 6014] close(9) = -1 EBADF (Bad file descriptor) [pid 6014] close(10) = -1 EBADF (Bad file descriptor) [pid 6014] close(11) = -1 EBADF (Bad file descriptor) [pid 6014] close(12) = -1 EBADF (Bad file descriptor) [pid 6014] close(13) = -1 EBADF (Bad file descriptor) [pid 6014] close(14) = -1 EBADF (Bad file descriptor) [pid 6014] close(15) = -1 EBADF (Bad file descriptor) [pid 6014] close(16) = -1 EBADF (Bad file descriptor) [pid 6014] close(17) = -1 EBADF (Bad file descriptor) [pid 6014] close(18) = -1 EBADF (Bad file descriptor) [pid 6014] close(19) = -1 EBADF (Bad file descriptor) [pid 6014] close(20) = -1 EBADF (Bad file descriptor) [pid 6014] close(21) = -1 EBADF (Bad file descriptor) [pid 6014] close(22) = -1 EBADF (Bad file descriptor) [pid 6014] close(23) = -1 EBADF (Bad file descriptor) [pid 6014] close(24) = -1 EBADF (Bad file descriptor) [pid 6014] close(25) = -1 EBADF (Bad file descriptor) [pid 6014] close(26) = -1 EBADF (Bad file descriptor) [pid 6014] close(27) = -1 EBADF (Bad file descriptor) [pid 6014] close(28) = -1 EBADF (Bad file descriptor) [pid 6014] close(29) = -1 EBADF (Bad file descriptor) [pid 6014] exit_group(0 [pid 6016] <... futex resumed>) = ? [pid 6015] <... futex resumed>) = ? [pid 6014] <... exit_group resumed>) = ? [pid 6016] +++ exited with 0 +++ [pid 6015] +++ exited with 0 +++ [pid 6014] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=938, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./312", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./312", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./312/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./312/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./312/cgroup.cpu") = 0 [pid 5063] umount2("./312/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./312/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./312/binderfs") = 0 [pid 5063] umount2("./312/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./312/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./312/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./312/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./312/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./312/file0") = 0 [pid 5063] umount2("./312/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./312/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./312/cgroup") = 0 [pid 5063] umount2("./312/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./312/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./312/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./312") = 0 [pid 5063] mkdir("./313", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6017 attached , child_tidptr=0x5555560b8690) = 941 [pid 6017] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6017] chdir("./313") = 0 [pid 6017] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6017] setpgid(0, 0) = 0 [pid 6017] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6017] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6017] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6017] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6017] write(3, "1000", 4) = 4 [pid 6017] close(3) = 0 [pid 6017] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6017] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6017] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6017] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6017] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6017] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6017] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6017] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6018 attached [pid 6018] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6017] <... clone3 resumed> => {parent_tid=[942]}, 88) = 942 [pid 6018] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6017] rt_sigprocmask(SIG_SETMASK, [], [pid 6018] rt_sigprocmask(SIG_SETMASK, [], [pid 6017] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6018] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6017] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6017] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6018] memfd_create("syzkaller", 0) = 3 [pid 6018] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6018] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6018] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6018] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6018] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6018] close(3) = 0 [pid 6018] mkdir("./file0", 0777) = 0 [pid 6018] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6018] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6018] chdir("./file0") = 0 [pid 6018] ioctl(4, LOOP_CLR_FD) = 0 [pid 6018] close(4) = 0 [pid 6018] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6017] <... futex resumed>) = 0 [pid 6018] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6017] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6018] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6017] <... futex resumed>) = 0 [ 235.068835][ T6018] loop0: detected capacity change from 0 to 4096 [ 235.097504][ T6018] ntfs: volume version 3.1. [pid 6017] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6018] <... openat resumed>) = 4 [pid 6018] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6017] <... futex resumed>) = 0 [pid 6018] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6017] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6018] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6017] <... futex resumed>) = 0 [pid 6018] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6017] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6017] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6017] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6017] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6017] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6017] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6019 attached [pid 6019] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6019] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6019] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6017] <... clone3 resumed> => {parent_tid=[943]}, 88) = 943 [pid 6019] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6017] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6017] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6019] <... futex resumed>) = 0 [pid 6017] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6019] creat("./file1", 000) = 5 [pid 6019] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6019] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6018] <... write resumed>) = 1048064 [pid 6018] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6017] <... futex resumed>) = 0 [pid 6018] <... futex resumed>) = 0 [pid 6018] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6017] close(3) = 0 [pid 6017] close(4) = 0 [pid 6017] close(5) = 0 [pid 6017] close(6) = -1 EBADF (Bad file descriptor) [pid 6017] close(7) = -1 EBADF (Bad file descriptor) [pid 6017] close(8) = -1 EBADF (Bad file descriptor) [pid 6017] close(9) = -1 EBADF (Bad file descriptor) [pid 6017] close(10) = -1 EBADF (Bad file descriptor) [pid 6017] close(11) = -1 EBADF (Bad file descriptor) [pid 6017] close(12) = -1 EBADF (Bad file descriptor) [pid 6017] close(13) = -1 EBADF (Bad file descriptor) [pid 6017] close(14) = -1 EBADF (Bad file descriptor) [pid 6017] close(15) = -1 EBADF (Bad file descriptor) [pid 6017] close(16) = -1 EBADF (Bad file descriptor) [pid 6017] close(17) = -1 EBADF (Bad file descriptor) [pid 6017] close(18) = -1 EBADF (Bad file descriptor) [pid 6017] close(19) = -1 EBADF (Bad file descriptor) [pid 6017] close(20) = -1 EBADF (Bad file descriptor) [pid 6017] close(21) = -1 EBADF (Bad file descriptor) [pid 6017] close(22) = -1 EBADF (Bad file descriptor) [pid 6017] close(23) = -1 EBADF (Bad file descriptor) [pid 6017] close(24) = -1 EBADF (Bad file descriptor) [pid 6017] close(25) = -1 EBADF (Bad file descriptor) [pid 6017] close(26) = -1 EBADF (Bad file descriptor) [pid 6017] close(27) = -1 EBADF (Bad file descriptor) [pid 6017] close(28) = -1 EBADF (Bad file descriptor) [pid 6017] close(29) = -1 EBADF (Bad file descriptor) [pid 6017] exit_group(0) = ? [pid 6019] <... futex resumed>) = ? [pid 6018] <... futex resumed>) = ? [pid 6018] +++ exited with 0 +++ [pid 6019] +++ exited with 0 +++ [pid 6017] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=941, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./313", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./313", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./313/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./313/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./313/cgroup.cpu") = 0 [pid 5063] umount2("./313/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./313/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./313/binderfs") = 0 [pid 5063] umount2("./313/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./313/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./313/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./313/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./313/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./313/file0") = 0 [pid 5063] umount2("./313/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./313/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./313/cgroup") = 0 [pid 5063] umount2("./313/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./313/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./313/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./313") = 0 [pid 5063] mkdir("./314", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6020 attached , child_tidptr=0x5555560b8690) = 944 [pid 6020] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6020] chdir("./314") = 0 [pid 6020] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6020] setpgid(0, 0) = 0 [pid 6020] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6020] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6020] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6020] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6020] write(3, "1000", 4) = 4 [pid 6020] close(3) = 0 [pid 6020] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6020] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6020] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6020] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6020] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6020] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6020] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6020] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6021 attached [pid 6021] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6020] <... clone3 resumed> => {parent_tid=[945]}, 88) = 945 [pid 6021] set_robust_list(0x7eff0a34a9a0, 24 [pid 6020] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6021] <... set_robust_list resumed>) = 0 [pid 6020] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6021] rt_sigprocmask(SIG_SETMASK, [], [pid 6020] <... futex resumed>) = 0 [pid 6021] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6020] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6021] memfd_create("syzkaller", 0) = 3 [pid 6021] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6021] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6021] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6021] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6021] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6021] close(3) = 0 [pid 6021] mkdir("./file0", 0777) = 0 [pid 6021] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6021] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6021] chdir("./file0") = 0 [pid 6021] ioctl(4, LOOP_CLR_FD) = 0 [pid 6021] close(4) = 0 [pid 6021] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6021] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6020] <... futex resumed>) = 0 [ 235.616729][ T6021] loop0: detected capacity change from 0 to 4096 [ 235.636894][ T6021] ntfs: volume version 3.1. [pid 6020] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6021] <... futex resumed>) = 0 [pid 6020] <... futex resumed>) = 1 [pid 6021] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6020] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6021] <... openat resumed>) = 4 [pid 6021] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6021] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6020] <... futex resumed>) = 0 [pid 6020] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6021] <... futex resumed>) = 0 [pid 6021] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6020] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6020] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6020] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6020] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6020] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6020] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[946]}, 88) = 946 [pid 6020] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6022 attached [pid 6022] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6022] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6022] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6020] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6020] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6022] creat("./file1", 000 [pid 6020] <... futex resumed>) = 0 [pid 6020] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6022] <... creat resumed>) = 5 [pid 6021] <... write resumed>) = 1048064 [pid 6022] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6021] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6020] <... futex resumed>) = 0 [pid 6022] <... futex resumed>) = 1 [pid 6021] <... futex resumed>) = 0 [pid 6020] close(3 [pid 6022] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6021] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6020] <... close resumed>) = 0 [pid 6020] close(4) = 0 [pid 6020] close(5) = 0 [pid 6020] close(6) = -1 EBADF (Bad file descriptor) [pid 6020] close(7) = -1 EBADF (Bad file descriptor) [pid 6020] close(8) = -1 EBADF (Bad file descriptor) [pid 6020] close(9) = -1 EBADF (Bad file descriptor) [pid 6020] close(10) = -1 EBADF (Bad file descriptor) [pid 6020] close(11) = -1 EBADF (Bad file descriptor) [pid 6020] close(12) = -1 EBADF (Bad file descriptor) [pid 6020] close(13) = -1 EBADF (Bad file descriptor) [pid 6020] close(14) = -1 EBADF (Bad file descriptor) [pid 6020] close(15) = -1 EBADF (Bad file descriptor) [pid 6020] close(16) = -1 EBADF (Bad file descriptor) [pid 6020] close(17) = -1 EBADF (Bad file descriptor) [pid 6020] close(18) = -1 EBADF (Bad file descriptor) [pid 6020] close(19) = -1 EBADF (Bad file descriptor) [pid 6020] close(20) = -1 EBADF (Bad file descriptor) [pid 6020] close(21) = -1 EBADF (Bad file descriptor) [pid 6020] close(22) = -1 EBADF (Bad file descriptor) [pid 6020] close(23) = -1 EBADF (Bad file descriptor) [pid 6020] close(24) = -1 EBADF (Bad file descriptor) [pid 6020] close(25) = -1 EBADF (Bad file descriptor) [pid 6020] close(26) = -1 EBADF (Bad file descriptor) [pid 6020] close(27) = -1 EBADF (Bad file descriptor) [pid 6020] close(28) = -1 EBADF (Bad file descriptor) [pid 6020] close(29) = -1 EBADF (Bad file descriptor) [pid 6020] exit_group(0) = ? [pid 6022] <... futex resumed>) = ? [pid 6021] <... futex resumed>) = ? [pid 6022] +++ exited with 0 +++ [pid 6021] +++ exited with 0 +++ [pid 6020] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=944, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./314", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./314", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./314/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./314/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./314/cgroup.cpu") = 0 [pid 5063] umount2("./314/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./314/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./314/binderfs") = 0 [pid 5063] umount2("./314/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./314/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./314/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./314/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./314/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./314/file0") = 0 [pid 5063] umount2("./314/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./314/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./314/cgroup") = 0 [pid 5063] umount2("./314/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./314/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./314/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./314") = 0 [pid 5063] mkdir("./315", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6023 attached , child_tidptr=0x5555560b8690) = 947 [pid 6023] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6023] chdir("./315") = 0 [pid 6023] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6023] setpgid(0, 0) = 0 [pid 6023] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6023] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6023] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6023] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6023] write(3, "1000", 4) = 4 [pid 6023] close(3) = 0 [pid 6023] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6023] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6023] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6023] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6023] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6023] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6023] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6023] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6024 attached => {parent_tid=[948]}, 88) = 948 [pid 6024] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6023] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6024] <... rseq resumed>) = 0 [pid 6024] set_robust_list(0x7eff0a34a9a0, 24 [pid 6023] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6024] <... set_robust_list resumed>) = 0 [pid 6024] rt_sigprocmask(SIG_SETMASK, [], [pid 6023] <... futex resumed>) = 0 [pid 6024] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6023] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6024] memfd_create("syzkaller", 0) = 3 [pid 6024] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6024] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6024] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6024] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6024] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6024] close(3) = 0 [pid 6024] mkdir("./file0", 0777) = 0 [pid 6024] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6024] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6024] chdir("./file0") = 0 [pid 6024] ioctl(4, LOOP_CLR_FD) = 0 [pid 6024] close(4) = 0 [pid 6024] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6024] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6023] <... futex resumed>) = 0 [ 236.081502][ T6024] loop0: detected capacity change from 0 to 4096 [ 236.101883][ T6024] ntfs: volume version 3.1. [pid 6023] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6024] <... futex resumed>) = 0 [pid 6023] <... futex resumed>) = 1 [pid 6024] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6023] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6024] <... openat resumed>) = 4 [pid 6024] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6023] <... futex resumed>) = 0 [pid 6024] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6023] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6024] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6024] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6023] <... futex resumed>) = 0 [pid 6023] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6023] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6023] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6023] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6023] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6023] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6025 attached [pid 6025] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6023] <... clone3 resumed> => {parent_tid=[949]}, 88) = 949 [pid 6025] <... rseq resumed>) = 0 [pid 6025] set_robust_list(0x7eff0a3299a0, 24 [pid 6023] rt_sigprocmask(SIG_SETMASK, [], [pid 6025] <... set_robust_list resumed>) = 0 [pid 6023] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6025] rt_sigprocmask(SIG_SETMASK, [], [pid 6023] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6025] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6023] <... futex resumed>) = 0 [pid 6025] creat("./file1", 000 [pid 6023] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6025] <... creat resumed>) = 5 [pid 6024] <... write resumed>) = 1048064 [pid 6025] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6024] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6024] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6025] <... futex resumed>) = 1 [pid 6023] <... futex resumed>) = 0 [pid 6025] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6023] close(3) = 0 [pid 6023] close(4) = 0 [pid 6023] close(5) = 0 [pid 6023] close(6) = -1 EBADF (Bad file descriptor) [pid 6023] close(7) = -1 EBADF (Bad file descriptor) [pid 6023] close(8) = -1 EBADF (Bad file descriptor) [pid 6023] close(9) = -1 EBADF (Bad file descriptor) [pid 6023] close(10) = -1 EBADF (Bad file descriptor) [pid 6023] close(11) = -1 EBADF (Bad file descriptor) [pid 6023] close(12) = -1 EBADF (Bad file descriptor) [pid 6023] close(13) = -1 EBADF (Bad file descriptor) [pid 6023] close(14) = -1 EBADF (Bad file descriptor) [pid 6023] close(15) = -1 EBADF (Bad file descriptor) [pid 6023] close(16) = -1 EBADF (Bad file descriptor) [pid 6023] close(17) = -1 EBADF (Bad file descriptor) [pid 6023] close(18) = -1 EBADF (Bad file descriptor) [pid 6023] close(19) = -1 EBADF (Bad file descriptor) [pid 6023] close(20) = -1 EBADF (Bad file descriptor) [pid 6023] close(21) = -1 EBADF (Bad file descriptor) [pid 6023] close(22) = -1 EBADF (Bad file descriptor) [pid 6023] close(23) = -1 EBADF (Bad file descriptor) [pid 6023] close(24) = -1 EBADF (Bad file descriptor) [pid 6023] close(25) = -1 EBADF (Bad file descriptor) [pid 6023] close(26) = -1 EBADF (Bad file descriptor) [pid 6023] close(27) = -1 EBADF (Bad file descriptor) [pid 6023] close(28) = -1 EBADF (Bad file descriptor) [pid 6023] close(29) = -1 EBADF (Bad file descriptor) [pid 6023] exit_group(0) = ? [pid 6024] <... futex resumed>) = ? [pid 6025] <... futex resumed>) = ? [pid 6024] +++ exited with 0 +++ [pid 6025] +++ exited with 0 +++ [pid 6023] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=947, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./315", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./315", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./315/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./315/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./315/cgroup.cpu") = 0 [pid 5063] umount2("./315/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./315/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./315/binderfs") = 0 [pid 5063] umount2("./315/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./315/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./315/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./315/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./315/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./315/file0") = 0 [pid 5063] umount2("./315/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./315/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./315/cgroup") = 0 [pid 5063] umount2("./315/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./315/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./315/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./315") = 0 [pid 5063] mkdir("./316", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 950 ./strace-static-x86_64: Process 6026 attached [pid 6026] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6026] chdir("./316") = 0 [pid 6026] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6026] setpgid(0, 0) = 0 [pid 6026] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6026] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6026] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6026] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6026] write(3, "1000", 4) = 4 [pid 6026] close(3) = 0 [pid 6026] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6026] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6026] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6026] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6026] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6026] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6026] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6026] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6027 attached => {parent_tid=[951]}, 88) = 951 [pid 6027] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6026] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6026] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6027] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6026] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6027] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6027] memfd_create("syzkaller", 0) = 3 [pid 6027] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6027] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6027] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6027] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6027] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6027] close(3) = 0 [pid 6027] mkdir("./file0", 0777) = 0 [pid 6027] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6027] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6027] chdir("./file0") = 0 [pid 6027] ioctl(4, LOOP_CLR_FD) = 0 [pid 6027] close(4) = 0 [pid 6027] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6026] <... futex resumed>) = 0 [pid 6027] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6026] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6027] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6026] <... futex resumed>) = 0 [pid 6027] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6026] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6027] <... openat resumed>) = 4 [ 236.601074][ T6027] loop0: detected capacity change from 0 to 4096 [ 236.615715][ T6027] ntfs: volume version 3.1. [pid 6027] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6026] <... futex resumed>) = 0 [pid 6027] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6026] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6027] <... futex resumed>) = 0 [pid 6026] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6027] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6026] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6026] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6026] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6026] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6026] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6026] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6028 attached => {parent_tid=[952]}, 88) = 952 [pid 6028] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6026] rt_sigprocmask(SIG_SETMASK, [], [pid 6028] <... rseq resumed>) = 0 [pid 6028] set_robust_list(0x7eff0a3299a0, 24 [pid 6026] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6028] <... set_robust_list resumed>) = 0 [pid 6028] rt_sigprocmask(SIG_SETMASK, [], [pid 6026] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6028] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6026] <... futex resumed>) = 0 [pid 6028] creat("./file1", 000 [pid 6026] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6028] <... creat resumed>) = 5 [pid 6028] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6026] <... futex resumed>) = 0 [pid 6027] <... write resumed>) = 1048064 [pid 6028] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6027] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6027] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6026] close(3) = 0 [pid 6026] close(4) = 0 [pid 6026] close(5) = 0 [pid 6026] close(6) = -1 EBADF (Bad file descriptor) [pid 6026] close(7) = -1 EBADF (Bad file descriptor) [pid 6026] close(8) = -1 EBADF (Bad file descriptor) [pid 6026] close(9) = -1 EBADF (Bad file descriptor) [pid 6026] close(10) = -1 EBADF (Bad file descriptor) [pid 6026] close(11) = -1 EBADF (Bad file descriptor) [pid 6026] close(12) = -1 EBADF (Bad file descriptor) [pid 6026] close(13) = -1 EBADF (Bad file descriptor) [pid 6026] close(14) = -1 EBADF (Bad file descriptor) [pid 6026] close(15) = -1 EBADF (Bad file descriptor) [pid 6026] close(16) = -1 EBADF (Bad file descriptor) [pid 6026] close(17) = -1 EBADF (Bad file descriptor) [pid 6026] close(18) = -1 EBADF (Bad file descriptor) [pid 6026] close(19) = -1 EBADF (Bad file descriptor) [pid 6026] close(20) = -1 EBADF (Bad file descriptor) [pid 6026] close(21) = -1 EBADF (Bad file descriptor) [pid 6026] close(22) = -1 EBADF (Bad file descriptor) [pid 6026] close(23) = -1 EBADF (Bad file descriptor) [pid 6026] close(24) = -1 EBADF (Bad file descriptor) [pid 6026] close(25) = -1 EBADF (Bad file descriptor) [pid 6026] close(26) = -1 EBADF (Bad file descriptor) [pid 6026] close(27) = -1 EBADF (Bad file descriptor) [pid 6026] close(28) = -1 EBADF (Bad file descriptor) [pid 6026] close(29) = -1 EBADF (Bad file descriptor) [pid 6026] exit_group(0 [pid 6027] <... futex resumed>) = ? [pid 6026] <... exit_group resumed>) = ? [pid 6028] <... futex resumed>) = ? [pid 6027] +++ exited with 0 +++ [pid 6028] +++ exited with 0 +++ [pid 6026] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=950, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./316", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./316", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./316/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./316/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./316/cgroup.cpu") = 0 [pid 5063] umount2("./316/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./316/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./316/binderfs") = 0 [pid 5063] umount2("./316/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./316/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./316/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./316/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./316/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./316/file0") = 0 [pid 5063] umount2("./316/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./316/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./316/cgroup") = 0 [pid 5063] umount2("./316/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./316/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./316/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./316") = 0 [pid 5063] mkdir("./317", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6029 attached , child_tidptr=0x5555560b8690) = 953 [pid 6029] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6029] chdir("./317") = 0 [pid 6029] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6029] setpgid(0, 0) = 0 [pid 6029] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6029] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6029] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6029] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6029] write(3, "1000", 4) = 4 [pid 6029] close(3) = 0 [pid 6029] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6029] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6029] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6029] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6029] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6029] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6029] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6029] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6030 attached => {parent_tid=[954]}, 88) = 954 [pid 6030] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6029] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6029] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6029] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6030] <... rseq resumed>) = 0 [pid 6030] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6030] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6030] memfd_create("syzkaller", 0) = 3 [pid 6030] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6030] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6030] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6030] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6030] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6030] close(3) = 0 [pid 6030] mkdir("./file0", 0777) = 0 [pid 6030] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6030] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6030] chdir("./file0") = 0 [pid 6030] ioctl(4, LOOP_CLR_FD) = 0 [pid 6030] close(4) = 0 [pid 6030] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6029] <... futex resumed>) = 0 [pid 6030] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6029] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6030] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6029] <... futex resumed>) = 0 [pid 6030] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 237.167869][ T6030] loop0: detected capacity change from 0 to 4096 [ 237.187519][ T6030] ntfs: volume version 3.1. [pid 6029] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6030] <... openat resumed>) = 4 [pid 6030] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6029] <... futex resumed>) = 0 [pid 6030] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6029] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6030] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6030] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6029] <... futex resumed>) = 0 [pid 6029] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6029] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6029] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6029] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6029] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6029] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6031 attached => {parent_tid=[955]}, 88) = 955 [pid 6031] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6029] rt_sigprocmask(SIG_SETMASK, [], [pid 6031] <... rseq resumed>) = 0 [pid 6029] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6031] set_robust_list(0x7eff0a3299a0, 24 [pid 6029] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6031] <... set_robust_list resumed>) = 0 [pid 6029] <... futex resumed>) = 0 [pid 6031] rt_sigprocmask(SIG_SETMASK, [], [pid 6029] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6031] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6031] creat("./file1", 000) = 5 [pid 6030] <... write resumed>) = 1048064 [pid 6030] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6030] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6031] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6029] <... futex resumed>) = 0 [pid 6031] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6029] close(3) = 0 [pid 6029] close(4) = 0 [pid 6029] close(5) = 0 [pid 6029] close(6) = -1 EBADF (Bad file descriptor) [pid 6029] close(7) = -1 EBADF (Bad file descriptor) [pid 6029] close(8) = -1 EBADF (Bad file descriptor) [pid 6029] close(9) = -1 EBADF (Bad file descriptor) [pid 6029] close(10) = -1 EBADF (Bad file descriptor) [pid 6029] close(11) = -1 EBADF (Bad file descriptor) [pid 6029] close(12) = -1 EBADF (Bad file descriptor) [pid 6029] close(13) = -1 EBADF (Bad file descriptor) [pid 6029] close(14) = -1 EBADF (Bad file descriptor) [pid 6029] close(15) = -1 EBADF (Bad file descriptor) [pid 6029] close(16) = -1 EBADF (Bad file descriptor) [pid 6029] close(17) = -1 EBADF (Bad file descriptor) [pid 6029] close(18) = -1 EBADF (Bad file descriptor) [pid 6029] close(19) = -1 EBADF (Bad file descriptor) [pid 6029] close(20) = -1 EBADF (Bad file descriptor) [pid 6029] close(21) = -1 EBADF (Bad file descriptor) [pid 6029] close(22) = -1 EBADF (Bad file descriptor) [pid 6029] close(23) = -1 EBADF (Bad file descriptor) [pid 6029] close(24) = -1 EBADF (Bad file descriptor) [pid 6029] close(25) = -1 EBADF (Bad file descriptor) [pid 6029] close(26) = -1 EBADF (Bad file descriptor) [pid 6029] close(27) = -1 EBADF (Bad file descriptor) [pid 6029] close(28) = -1 EBADF (Bad file descriptor) [pid 6029] close(29) = -1 EBADF (Bad file descriptor) [pid 6029] exit_group(0 [pid 6031] <... futex resumed>) = ? [pid 6030] <... futex resumed>) = ? [pid 6029] <... exit_group resumed>) = ? [pid 6031] +++ exited with 0 +++ [pid 6030] +++ exited with 0 +++ [pid 6029] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=953, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./317", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./317", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./317/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./317/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./317/cgroup.cpu") = 0 [pid 5063] umount2("./317/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./317/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./317/binderfs") = 0 [pid 5063] umount2("./317/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./317/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./317/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./317/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./317/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./317/file0") = 0 [pid 5063] umount2("./317/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./317/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./317/cgroup") = 0 [pid 5063] umount2("./317/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./317/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./317/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./317") = 0 [pid 5063] mkdir("./318", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6032 attached , child_tidptr=0x5555560b8690) = 956 [pid 6032] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6032] chdir("./318") = 0 [pid 6032] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6032] setpgid(0, 0) = 0 [pid 6032] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6032] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6032] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6032] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6032] write(3, "1000", 4) = 4 [pid 6032] close(3) = 0 [pid 6032] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6032] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6032] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6032] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6032] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6032] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6032] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6032] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6033 attached => {parent_tid=[957]}, 88) = 957 [pid 6033] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6032] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6032] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6032] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6033] <... rseq resumed>) = 0 [pid 6033] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6033] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6033] memfd_create("syzkaller", 0) = 3 [pid 6033] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6033] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6033] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6033] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6033] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6033] close(3) = 0 [pid 6033] mkdir("./file0", 0777) = 0 [pid 6033] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6033] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6033] chdir("./file0") = 0 [pid 6033] ioctl(4, LOOP_CLR_FD) = 0 [pid 6033] close(4) = 0 [pid 6033] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6032] <... futex resumed>) = 0 [pid 6032] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6032] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6033] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6033] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6033] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6032] <... futex resumed>) = 0 [pid 6033] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6032] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6033] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6032] <... futex resumed>) = 0 [ 237.681923][ T6033] loop0: detected capacity change from 0 to 4096 [ 237.703567][ T6033] ntfs: volume version 3.1. [pid 6032] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6032] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6032] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6032] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6032] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6032] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6032] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6034 attached [pid 6034] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6034] set_robust_list(0x7eff0a3299a0, 24 [pid 6032] <... clone3 resumed> => {parent_tid=[958]}, 88) = 958 [pid 6034] <... set_robust_list resumed>) = 0 [pid 6034] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6034] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6032] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6032] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6034] <... futex resumed>) = 0 [pid 6032] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6034] creat("./file1", 000) = 5 [pid 6033] <... write resumed>) = 1048064 [pid 6034] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6033] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6034] <... futex resumed>) = 1 [pid 6032] <... futex resumed>) = 0 [pid 6034] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6033] <... futex resumed>) = 0 [pid 6032] close(3 [pid 6033] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6032] <... close resumed>) = 0 [pid 6032] close(4) = 0 [pid 6032] close(5) = 0 [pid 6032] close(6) = -1 EBADF (Bad file descriptor) [pid 6032] close(7) = -1 EBADF (Bad file descriptor) [pid 6032] close(8) = -1 EBADF (Bad file descriptor) [pid 6032] close(9) = -1 EBADF (Bad file descriptor) [pid 6032] close(10) = -1 EBADF (Bad file descriptor) [pid 6032] close(11) = -1 EBADF (Bad file descriptor) [pid 6032] close(12) = -1 EBADF (Bad file descriptor) [pid 6032] close(13) = -1 EBADF (Bad file descriptor) [pid 6032] close(14) = -1 EBADF (Bad file descriptor) [pid 6032] close(15) = -1 EBADF (Bad file descriptor) [pid 6032] close(16) = -1 EBADF (Bad file descriptor) [pid 6032] close(17) = -1 EBADF (Bad file descriptor) [pid 6032] close(18) = -1 EBADF (Bad file descriptor) [pid 6032] close(19) = -1 EBADF (Bad file descriptor) [pid 6032] close(20) = -1 EBADF (Bad file descriptor) [pid 6032] close(21) = -1 EBADF (Bad file descriptor) [pid 6032] close(22) = -1 EBADF (Bad file descriptor) [pid 6032] close(23) = -1 EBADF (Bad file descriptor) [pid 6032] close(24) = -1 EBADF (Bad file descriptor) [pid 6032] close(25) = -1 EBADF (Bad file descriptor) [pid 6032] close(26) = -1 EBADF (Bad file descriptor) [pid 6032] close(27) = -1 EBADF (Bad file descriptor) [pid 6032] close(28) = -1 EBADF (Bad file descriptor) [pid 6032] close(29) = -1 EBADF (Bad file descriptor) [pid 6032] exit_group(0 [pid 6033] <... futex resumed>) = ? [pid 6032] <... exit_group resumed>) = ? [pid 6034] <... futex resumed>) = ? [pid 6033] +++ exited with 0 +++ [pid 6034] +++ exited with 0 +++ [pid 6032] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=956, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./318", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./318", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./318/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./318/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./318/cgroup.cpu") = 0 [pid 5063] umount2("./318/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./318/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./318/binderfs") = 0 [pid 5063] umount2("./318/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./318/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./318/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./318/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./318/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./318/file0") = 0 [pid 5063] umount2("./318/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./318/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./318/cgroup") = 0 [pid 5063] umount2("./318/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./318/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./318/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./318") = 0 [pid 5063] mkdir("./319", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6035 attached [pid 6035] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 959 [pid 6035] <... set_robust_list resumed>) = 0 [pid 6035] chdir("./319") = 0 [pid 6035] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6035] setpgid(0, 0) = 0 [pid 6035] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6035] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6035] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6035] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6035] write(3, "1000", 4) = 4 [pid 6035] close(3) = 0 [pid 6035] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6035] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6035] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6035] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6035] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6035] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6035] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6035] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6036 attached => {parent_tid=[960]}, 88) = 960 [pid 6036] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6035] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6036] <... rseq resumed>) = 0 [pid 6035] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6035] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6036] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6036] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6036] memfd_create("syzkaller", 0) = 3 [pid 6036] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6036] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6036] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6036] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6036] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6036] close(3) = 0 [pid 6036] mkdir("./file0", 0777) = 0 [pid 6036] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6036] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6036] chdir("./file0") = 0 [pid 6036] ioctl(4, LOOP_CLR_FD) = 0 [pid 6036] close(4) = 0 [pid 6036] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6035] <... futex resumed>) = 0 [pid 6036] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6035] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6035] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6036] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6036] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6036] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6036] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6035] <... futex resumed>) = 0 [pid 6035] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6035] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6036] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 238.221226][ T6036] loop0: detected capacity change from 0 to 4096 [ 238.252363][ T6036] ntfs: volume version 3.1. [pid 6036] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6035] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6035] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6035] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6035] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6035] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6035] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6037 attached [pid 6037] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6035] <... clone3 resumed> => {parent_tid=[961]}, 88) = 961 [pid 6037] set_robust_list(0x7eff0a3299a0, 24 [pid 6035] rt_sigprocmask(SIG_SETMASK, [], [pid 6037] <... set_robust_list resumed>) = 0 [pid 6035] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6037] rt_sigprocmask(SIG_SETMASK, [], [pid 6035] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6037] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6035] <... futex resumed>) = 0 [pid 6037] creat("./file1", 000 [pid 6035] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6037] <... creat resumed>) = 5 [pid 6036] <... write resumed>) = 1048064 [pid 6036] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6037] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6036] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6037] <... futex resumed>) = 1 [pid 6035] <... futex resumed>) = 0 [pid 6037] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6035] close(3) = 0 [pid 6035] close(4) = 0 [pid 6035] close(5) = 0 [pid 6035] close(6) = -1 EBADF (Bad file descriptor) [pid 6035] close(7) = -1 EBADF (Bad file descriptor) [pid 6035] close(8) = -1 EBADF (Bad file descriptor) [pid 6035] close(9) = -1 EBADF (Bad file descriptor) [pid 6035] close(10) = -1 EBADF (Bad file descriptor) [pid 6035] close(11) = -1 EBADF (Bad file descriptor) [pid 6035] close(12) = -1 EBADF (Bad file descriptor) [pid 6035] close(13) = -1 EBADF (Bad file descriptor) [pid 6035] close(14) = -1 EBADF (Bad file descriptor) [pid 6035] close(15) = -1 EBADF (Bad file descriptor) [pid 6035] close(16) = -1 EBADF (Bad file descriptor) [pid 6035] close(17) = -1 EBADF (Bad file descriptor) [pid 6035] close(18) = -1 EBADF (Bad file descriptor) [pid 6035] close(19) = -1 EBADF (Bad file descriptor) [pid 6035] close(20) = -1 EBADF (Bad file descriptor) [pid 6035] close(21) = -1 EBADF (Bad file descriptor) [pid 6035] close(22) = -1 EBADF (Bad file descriptor) [pid 6035] close(23) = -1 EBADF (Bad file descriptor) [pid 6035] close(24) = -1 EBADF (Bad file descriptor) [pid 6035] close(25) = -1 EBADF (Bad file descriptor) [pid 6035] close(26) = -1 EBADF (Bad file descriptor) [pid 6035] close(27) = -1 EBADF (Bad file descriptor) [pid 6035] close(28) = -1 EBADF (Bad file descriptor) [pid 6035] close(29) = -1 EBADF (Bad file descriptor) [pid 6035] exit_group(0 [pid 6036] <... futex resumed>) = ? [pid 6035] <... exit_group resumed>) = ? [pid 6037] <... futex resumed>) = ? [pid 6036] +++ exited with 0 +++ [pid 6037] +++ exited with 0 +++ [pid 6035] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=959, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5063] umount2("./319", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./319", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./319/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./319/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./319/cgroup.cpu") = 0 [pid 5063] umount2("./319/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./319/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./319/binderfs") = 0 [pid 5063] umount2("./319/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./319/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./319/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./319/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./319/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./319/file0") = 0 [pid 5063] umount2("./319/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./319/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./319/cgroup") = 0 [pid 5063] umount2("./319/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./319/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./319/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./319") = 0 [pid 5063] mkdir("./320", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6038 attached [pid 6038] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6038] chdir("./320") = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 962 [pid 6038] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6038] setpgid(0, 0) = 0 [pid 6038] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6038] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6038] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6038] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6038] write(3, "1000", 4) = 4 [pid 6038] close(3) = 0 [pid 6038] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6038] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6038] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6038] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6038] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6038] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6038] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6038] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6039 attached => {parent_tid=[963]}, 88) = 963 [pid 6039] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6038] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6038] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6038] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6039] <... rseq resumed>) = 0 [pid 6039] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6039] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6039] memfd_create("syzkaller", 0) = 3 [pid 6039] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6039] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6039] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6039] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6039] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6039] close(3) = 0 [pid 6039] mkdir("./file0", 0777) = 0 [ 238.765249][ T6039] loop0: detected capacity change from 0 to 4096 [ 238.774230][ T6039] __ntfs_warning: 190 callbacks suppressed [ 238.774238][ T6039] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 238.800763][ T6039] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 238.810258][ T6039] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 238.826094][ T6039] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 238.834835][ T6039] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 238.854796][ T6039] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 238.863553][ T6039] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 238.883708][ T6039] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 238.892483][ T6039] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [pid 6039] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6039] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6039] chdir("./file0") = 0 [pid 6039] ioctl(4, LOOP_CLR_FD) = 0 [pid 6039] close(4) = 0 [pid 6039] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6038] <... futex resumed>) = 0 [pid 6039] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6038] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6039] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6038] <... futex resumed>) = 0 [pid 6039] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6038] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6039] <... openat resumed>) = 4 [pid 6039] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6038] <... futex resumed>) = 0 [pid 6039] <... futex resumed>) = 1 [pid 6038] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6039] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6038] <... futex resumed>) = 0 [ 238.912455][ T6039] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 238.922858][ T6039] ntfs: volume version 3.1. [pid 6038] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6038] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6038] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6038] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6038] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6038] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6040 attached => {parent_tid=[964]}, 88) = 964 [pid 6040] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6038] rt_sigprocmask(SIG_SETMASK, [], [pid 6040] <... rseq resumed>) = 0 [pid 6039] <... write resumed>) = 1048064 [pid 6040] set_robust_list(0x7eff0a3299a0, 24 [pid 6039] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6038] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6040] <... set_robust_list resumed>) = 0 [pid 6039] <... futex resumed>) = 0 [pid 6040] rt_sigprocmask(SIG_SETMASK, [], [pid 6039] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6038] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6040] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6040] creat("./file1", 000 [pid 6038] <... futex resumed>) = 0 [pid 6038] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6040] <... creat resumed>) = 5 [pid 6040] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6038] <... futex resumed>) = 0 [pid 6040] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6038] close(3) = 0 [pid 6038] close(4) = 0 [pid 6038] close(5) = 0 [pid 6038] close(6) = -1 EBADF (Bad file descriptor) [pid 6038] close(7) = -1 EBADF (Bad file descriptor) [pid 6038] close(8) = -1 EBADF (Bad file descriptor) [pid 6038] close(9) = -1 EBADF (Bad file descriptor) [pid 6038] close(10) = -1 EBADF (Bad file descriptor) [pid 6038] close(11) = -1 EBADF (Bad file descriptor) [pid 6038] close(12) = -1 EBADF (Bad file descriptor) [pid 6038] close(13) = -1 EBADF (Bad file descriptor) [pid 6038] close(14) = -1 EBADF (Bad file descriptor) [pid 6038] close(15) = -1 EBADF (Bad file descriptor) [pid 6038] close(16) = -1 EBADF (Bad file descriptor) [pid 6038] close(17) = -1 EBADF (Bad file descriptor) [pid 6038] close(18) = -1 EBADF (Bad file descriptor) [pid 6038] close(19) = -1 EBADF (Bad file descriptor) [pid 6038] close(20) = -1 EBADF (Bad file descriptor) [pid 6038] close(21) = -1 EBADF (Bad file descriptor) [pid 6038] close(22) = -1 EBADF (Bad file descriptor) [pid 6038] close(23) = -1 EBADF (Bad file descriptor) [pid 6038] close(24) = -1 EBADF (Bad file descriptor) [pid 6038] close(25) = -1 EBADF (Bad file descriptor) [pid 6038] close(26) = -1 EBADF (Bad file descriptor) [pid 6038] close(27) = -1 EBADF (Bad file descriptor) [pid 6038] close(28) = -1 EBADF (Bad file descriptor) [pid 6038] close(29) = -1 EBADF (Bad file descriptor) [pid 6038] exit_group(0) = ? [pid 6040] <... futex resumed>) = ? [pid 6039] <... futex resumed>) = ? [pid 6039] +++ exited with 0 +++ [pid 6040] +++ exited with 0 +++ [pid 6038] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=962, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5063] umount2("./320", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./320", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./320/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./320/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./320/cgroup.cpu") = 0 [pid 5063] umount2("./320/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./320/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./320/binderfs") = 0 [pid 5063] umount2("./320/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./320/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./320/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./320/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./320/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./320/file0") = 0 [pid 5063] umount2("./320/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./320/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./320/cgroup") = 0 [pid 5063] umount2("./320/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./320/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./320/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./320") = 0 [pid 5063] mkdir("./321", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 965 ./strace-static-x86_64: Process 6041 attached [pid 6041] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6041] chdir("./321") = 0 [pid 6041] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6041] setpgid(0, 0) = 0 [pid 6041] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6041] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6041] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6041] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6041] write(3, "1000", 4) = 4 [pid 6041] close(3) = 0 [pid 6041] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6041] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6041] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6041] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6041] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6041] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6041] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6041] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6042 attached [pid 6042] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6041] <... clone3 resumed> => {parent_tid=[966]}, 88) = 966 [pid 6042] <... rseq resumed>) = 0 [pid 6041] rt_sigprocmask(SIG_SETMASK, [], [pid 6042] set_robust_list(0x7eff0a34a9a0, 24 [pid 6041] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6042] <... set_robust_list resumed>) = 0 [pid 6042] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6042] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6041] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6042] <... futex resumed>) = 0 [pid 6041] <... futex resumed>) = 1 [pid 6041] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6042] memfd_create("syzkaller", 0) = 3 [pid 6042] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6042] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6042] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6042] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6042] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6042] close(3) = 0 [pid 6042] mkdir("./file0", 0777) = 0 [pid 6042] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6042] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6042] chdir("./file0") = 0 [pid 6042] ioctl(4, LOOP_CLR_FD) = 0 [pid 6042] close(4) = 0 [pid 6042] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6042] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6041] <... futex resumed>) = 0 [pid 6041] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6042] <... futex resumed>) = 0 [pid 6041] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6042] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6042] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6041] <... futex resumed>) = 0 [pid 6042] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6041] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6042] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6041] <... futex resumed>) = 0 [pid 6042] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 239.579130][ T6042] loop0: detected capacity change from 0 to 4096 [ 239.600032][ T6042] ntfs: volume version 3.1. [pid 6041] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6041] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6041] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6041] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6041] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6041] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6043 attached [pid 6043] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6041] <... clone3 resumed> => {parent_tid=[967]}, 88) = 967 [pid 6043] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6041] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6043] rt_sigprocmask(SIG_SETMASK, [], [pid 6041] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6043] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6041] <... futex resumed>) = 0 [pid 6043] creat("./file1", 000 [pid 6042] <... write resumed>) = 1048064 [pid 6042] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6041] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6042] <... futex resumed>) = 0 [pid 6042] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6043] <... creat resumed>) = 5 [pid 6043] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6043] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6041] <... futex resumed>) = 0 [pid 6041] close(3) = 0 [pid 6041] close(4) = 0 [pid 6041] close(5) = 0 [pid 6041] close(6) = -1 EBADF (Bad file descriptor) [pid 6041] close(7) = -1 EBADF (Bad file descriptor) [pid 6041] close(8) = -1 EBADF (Bad file descriptor) [pid 6041] close(9) = -1 EBADF (Bad file descriptor) [pid 6041] close(10) = -1 EBADF (Bad file descriptor) [pid 6041] close(11) = -1 EBADF (Bad file descriptor) [pid 6041] close(12) = -1 EBADF (Bad file descriptor) [pid 6041] close(13) = -1 EBADF (Bad file descriptor) [pid 6041] close(14) = -1 EBADF (Bad file descriptor) [pid 6041] close(15) = -1 EBADF (Bad file descriptor) [pid 6041] close(16) = -1 EBADF (Bad file descriptor) [pid 6041] close(17) = -1 EBADF (Bad file descriptor) [pid 6041] close(18) = -1 EBADF (Bad file descriptor) [pid 6041] close(19) = -1 EBADF (Bad file descriptor) [pid 6041] close(20) = -1 EBADF (Bad file descriptor) [pid 6041] close(21) = -1 EBADF (Bad file descriptor) [pid 6041] close(22) = -1 EBADF (Bad file descriptor) [pid 6041] close(23) = -1 EBADF (Bad file descriptor) [pid 6041] close(24) = -1 EBADF (Bad file descriptor) [pid 6041] close(25) = -1 EBADF (Bad file descriptor) [pid 6041] close(26) = -1 EBADF (Bad file descriptor) [pid 6041] close(27) = -1 EBADF (Bad file descriptor) [pid 6041] close(28) = -1 EBADF (Bad file descriptor) [pid 6041] close(29) = -1 EBADF (Bad file descriptor) [pid 6041] exit_group(0) = ? [pid 6042] <... futex resumed>) = ? [pid 6043] <... futex resumed>) = ? [pid 6042] +++ exited with 0 +++ [pid 6043] +++ exited with 0 +++ [pid 6041] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=965, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./321", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./321", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./321/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./321/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./321/cgroup.cpu") = 0 [pid 5063] umount2("./321/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./321/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./321/binderfs") = 0 [pid 5063] umount2("./321/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./321/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./321/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./321/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./321/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./321/file0") = 0 [pid 5063] umount2("./321/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./321/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./321/cgroup") = 0 [pid 5063] umount2("./321/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./321/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./321/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./321") = 0 [pid 5063] mkdir("./322", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6044 attached , child_tidptr=0x5555560b8690) = 968 [pid 6044] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6044] chdir("./322") = 0 [pid 6044] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6044] setpgid(0, 0) = 0 [pid 6044] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6044] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6044] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6044] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6044] write(3, "1000", 4) = 4 [pid 6044] close(3) = 0 [pid 6044] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6044] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6044] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6044] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6044] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6044] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6044] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6045 attached => {parent_tid=[969]}, 88) = 969 [pid 6045] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6044] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6044] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6044] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6045] <... rseq resumed>) = 0 [pid 6045] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6045] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6045] memfd_create("syzkaller", 0) = 3 [pid 6045] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6045] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6045] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6045] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6045] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6045] close(3) = 0 [pid 6045] mkdir("./file0", 0777) = 0 [pid 6045] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6045] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6045] chdir("./file0") = 0 [pid 6045] ioctl(4, LOOP_CLR_FD) = 0 [pid 6045] close(4) = 0 [pid 6045] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6045] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6044] <... futex resumed>) = 0 [pid 6044] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6045] <... futex resumed>) = 0 [pid 6044] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6045] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6045] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6044] <... futex resumed>) = 0 [ 240.210538][ T6045] loop0: detected capacity change from 0 to 4096 [ 240.244099][ T6045] ntfs: volume version 3.1. [pid 6045] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6044] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6045] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6045] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6044] <... futex resumed>) = 0 [pid 6044] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6044] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6044] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6044] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6044] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6044] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6046 attached => {parent_tid=[970]}, 88) = 970 [pid 6044] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6046] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6044] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6046] <... rseq resumed>) = 0 [pid 6044] <... futex resumed>) = 0 [pid 6046] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6046] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6044] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6046] creat("./file1", 000) = 5 [pid 6045] <... write resumed>) = 1048064 [pid 6046] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6045] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6046] <... futex resumed>) = 1 [pid 6044] <... futex resumed>) = 0 [pid 6046] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6045] <... futex resumed>) = 0 [pid 6044] close(3) = 0 [pid 6044] close(4 [pid 6045] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6044] <... close resumed>) = 0 [pid 6044] close(5) = 0 [pid 6044] close(6) = -1 EBADF (Bad file descriptor) [pid 6044] close(7) = -1 EBADF (Bad file descriptor) [pid 6044] close(8) = -1 EBADF (Bad file descriptor) [pid 6044] close(9) = -1 EBADF (Bad file descriptor) [pid 6044] close(10) = -1 EBADF (Bad file descriptor) [pid 6044] close(11) = -1 EBADF (Bad file descriptor) [pid 6044] close(12) = -1 EBADF (Bad file descriptor) [pid 6044] close(13) = -1 EBADF (Bad file descriptor) [pid 6044] close(14) = -1 EBADF (Bad file descriptor) [pid 6044] close(15) = -1 EBADF (Bad file descriptor) [pid 6044] close(16) = -1 EBADF (Bad file descriptor) [pid 6044] close(17) = -1 EBADF (Bad file descriptor) [pid 6044] close(18) = -1 EBADF (Bad file descriptor) [pid 6044] close(19) = -1 EBADF (Bad file descriptor) [pid 6044] close(20) = -1 EBADF (Bad file descriptor) [pid 6044] close(21) = -1 EBADF (Bad file descriptor) [pid 6044] close(22) = -1 EBADF (Bad file descriptor) [pid 6044] close(23) = -1 EBADF (Bad file descriptor) [pid 6044] close(24) = -1 EBADF (Bad file descriptor) [pid 6044] close(25) = -1 EBADF (Bad file descriptor) [pid 6044] close(26) = -1 EBADF (Bad file descriptor) [pid 6044] close(27) = -1 EBADF (Bad file descriptor) [pid 6044] close(28) = -1 EBADF (Bad file descriptor) [pid 6044] close(29) = -1 EBADF (Bad file descriptor) [pid 6044] exit_group(0 [pid 6045] <... futex resumed>) = ? [pid 6044] <... exit_group resumed>) = ? [pid 6046] <... futex resumed>) = ? [pid 6045] +++ exited with 0 +++ [pid 6046] +++ exited with 0 +++ [pid 6044] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=968, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./322", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./322", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./322/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./322/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./322/cgroup.cpu") = 0 [pid 5063] umount2("./322/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./322/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./322/binderfs") = 0 [pid 5063] umount2("./322/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./322/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./322/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./322/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./322/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./322/file0") = 0 [pid 5063] umount2("./322/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./322/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./322/cgroup") = 0 [pid 5063] umount2("./322/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./322/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./322/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./322") = 0 [pid 5063] mkdir("./323", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 971 ./strace-static-x86_64: Process 6047 attached [pid 6047] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6047] chdir("./323") = 0 [pid 6047] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6047] setpgid(0, 0) = 0 [pid 6047] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6047] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6047] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6047] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6047] write(3, "1000", 4) = 4 [pid 6047] close(3) = 0 [pid 6047] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6047] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6047] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6047] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6047] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6047] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6047] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6047] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6048 attached => {parent_tid=[972]}, 88) = 972 [pid 6048] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6047] rt_sigprocmask(SIG_SETMASK, [], [pid 6048] <... rseq resumed>) = 0 [pid 6047] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6048] set_robust_list(0x7eff0a34a9a0, 24 [pid 6047] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6048] <... set_robust_list resumed>) = 0 [pid 6048] rt_sigprocmask(SIG_SETMASK, [], [pid 6047] <... futex resumed>) = 0 [pid 6048] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6047] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6048] memfd_create("syzkaller", 0) = 3 [pid 6048] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6048] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6048] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6048] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6048] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6048] close(3) = 0 [pid 6048] mkdir("./file0", 0777) = 0 [pid 6048] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6048] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6048] chdir("./file0") = 0 [pid 6048] ioctl(4, LOOP_CLR_FD) = 0 [pid 6048] close(4) = 0 [pid 6048] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6047] <... futex resumed>) = 0 [pid 6048] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6047] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6048] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6048] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6047] <... futex resumed>) = 0 [pid 6047] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6048] <... openat resumed>) = 4 [ 240.748078][ T6048] loop0: detected capacity change from 0 to 4096 [ 240.770119][ T6048] ntfs: volume version 3.1. [pid 6048] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6048] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6047] <... futex resumed>) = 0 [pid 6047] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6048] <... futex resumed>) = 0 [pid 6047] <... futex resumed>) = 1 [pid 6048] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6047] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6047] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6047] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6047] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6047] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6047] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6049 attached => {parent_tid=[973]}, 88) = 973 [pid 6049] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6049] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6049] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6049] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6047] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6047] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6049] <... futex resumed>) = 0 [pid 6047] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6049] creat("./file1", 000) = 5 [pid 6049] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6047] <... futex resumed>) = 0 [pid 6048] <... write resumed>) = 1048064 [pid 6049] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6048] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6048] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6047] close(3) = 0 [pid 6047] close(4) = 0 [pid 6047] close(5) = 0 [pid 6047] close(6) = -1 EBADF (Bad file descriptor) [pid 6047] close(7) = -1 EBADF (Bad file descriptor) [pid 6047] close(8) = -1 EBADF (Bad file descriptor) [pid 6047] close(9) = -1 EBADF (Bad file descriptor) [pid 6047] close(10) = -1 EBADF (Bad file descriptor) [pid 6047] close(11) = -1 EBADF (Bad file descriptor) [pid 6047] close(12) = -1 EBADF (Bad file descriptor) [pid 6047] close(13) = -1 EBADF (Bad file descriptor) [pid 6047] close(14) = -1 EBADF (Bad file descriptor) [pid 6047] close(15) = -1 EBADF (Bad file descriptor) [pid 6047] close(16) = -1 EBADF (Bad file descriptor) [pid 6047] close(17) = -1 EBADF (Bad file descriptor) [pid 6047] close(18) = -1 EBADF (Bad file descriptor) [pid 6047] close(19) = -1 EBADF (Bad file descriptor) [pid 6047] close(20) = -1 EBADF (Bad file descriptor) [pid 6047] close(21) = -1 EBADF (Bad file descriptor) [pid 6047] close(22) = -1 EBADF (Bad file descriptor) [pid 6047] close(23) = -1 EBADF (Bad file descriptor) [pid 6047] close(24) = -1 EBADF (Bad file descriptor) [pid 6047] close(25) = -1 EBADF (Bad file descriptor) [pid 6047] close(26) = -1 EBADF (Bad file descriptor) [pid 6047] close(27) = -1 EBADF (Bad file descriptor) [pid 6047] close(28) = -1 EBADF (Bad file descriptor) [pid 6047] close(29) = -1 EBADF (Bad file descriptor) [pid 6047] exit_group(0 [pid 6049] <... futex resumed>) = ? [pid 6048] <... futex resumed>) = ? [pid 6047] <... exit_group resumed>) = ? [pid 6049] +++ exited with 0 +++ [pid 6048] +++ exited with 0 +++ [pid 6047] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=971, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./323", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./323", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./323/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./323/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./323/cgroup.cpu") = 0 [pid 5063] umount2("./323/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./323/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./323/binderfs") = 0 [pid 5063] umount2("./323/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./323/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./323/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./323/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./323/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./323/file0") = 0 [pid 5063] umount2("./323/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./323/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./323/cgroup") = 0 [pid 5063] umount2("./323/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./323/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./323/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./323") = 0 [pid 5063] mkdir("./324", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6050 attached [pid 6050] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 974 [pid 6050] chdir("./324") = 0 [pid 6050] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6050] setpgid(0, 0) = 0 [pid 6050] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6050] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6050] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6050] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6050] write(3, "1000", 4) = 4 [pid 6050] close(3) = 0 [pid 6050] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6050] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6050] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6050] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6050] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6050] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6050] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6050] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6051 attached [pid 6051] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6050] <... clone3 resumed> => {parent_tid=[975]}, 88) = 975 [pid 6051] <... rseq resumed>) = 0 [pid 6050] rt_sigprocmask(SIG_SETMASK, [], [pid 6051] set_robust_list(0x7eff0a34a9a0, 24 [pid 6050] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6051] <... set_robust_list resumed>) = 0 [pid 6050] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6051] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6050] <... futex resumed>) = 0 [pid 6050] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6051] memfd_create("syzkaller", 0) = 3 [pid 6051] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6051] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6051] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6051] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6051] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6051] close(3) = 0 [pid 6051] mkdir("./file0", 0777) = 0 [pid 6051] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6051] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6051] chdir("./file0") = 0 [pid 6051] ioctl(4, LOOP_CLR_FD) = 0 [pid 6051] close(4) = 0 [pid 6051] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6050] <... futex resumed>) = 0 [pid 6051] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6050] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6051] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6050] <... futex resumed>) = 0 [ 241.293496][ T6051] loop0: detected capacity change from 0 to 4096 [ 241.318295][ T6051] ntfs: volume version 3.1. [pid 6050] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6051] <... openat resumed>) = 4 [pid 6051] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6050] <... futex resumed>) = 0 [pid 6051] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6050] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6051] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6050] <... futex resumed>) = 0 [pid 6050] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6050] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6050] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6050] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6050] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6050] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6052 attached => {parent_tid=[976]}, 88) = 976 [pid 6050] rt_sigprocmask(SIG_SETMASK, [], [pid 6052] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6050] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6052] <... rseq resumed>) = 0 [pid 6052] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6050] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6052] rt_sigprocmask(SIG_SETMASK, [], [pid 6050] <... futex resumed>) = 0 [pid 6050] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6052] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6052] creat("./file1", 000) = 5 [pid 6051] <... write resumed>) = 1048064 [pid 6052] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6051] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6052] <... futex resumed>) = 1 [pid 6051] <... futex resumed>) = 0 [pid 6050] <... futex resumed>) = 0 [pid 6052] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6051] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6050] close(3) = 0 [pid 6050] close(4) = 0 [pid 6050] close(5) = 0 [pid 6050] close(6) = -1 EBADF (Bad file descriptor) [pid 6050] close(7) = -1 EBADF (Bad file descriptor) [pid 6050] close(8) = -1 EBADF (Bad file descriptor) [pid 6050] close(9) = -1 EBADF (Bad file descriptor) [pid 6050] close(10) = -1 EBADF (Bad file descriptor) [pid 6050] close(11) = -1 EBADF (Bad file descriptor) [pid 6050] close(12) = -1 EBADF (Bad file descriptor) [pid 6050] close(13) = -1 EBADF (Bad file descriptor) [pid 6050] close(14) = -1 EBADF (Bad file descriptor) [pid 6050] close(15) = -1 EBADF (Bad file descriptor) [pid 6050] close(16) = -1 EBADF (Bad file descriptor) [pid 6050] close(17) = -1 EBADF (Bad file descriptor) [pid 6050] close(18) = -1 EBADF (Bad file descriptor) [pid 6050] close(19) = -1 EBADF (Bad file descriptor) [pid 6050] close(20) = -1 EBADF (Bad file descriptor) [pid 6050] close(21) = -1 EBADF (Bad file descriptor) [pid 6050] close(22) = -1 EBADF (Bad file descriptor) [pid 6050] close(23) = -1 EBADF (Bad file descriptor) [pid 6050] close(24) = -1 EBADF (Bad file descriptor) [pid 6050] close(25) = -1 EBADF (Bad file descriptor) [pid 6050] close(26) = -1 EBADF (Bad file descriptor) [pid 6050] close(27) = -1 EBADF (Bad file descriptor) [pid 6050] close(28) = -1 EBADF (Bad file descriptor) [pid 6050] close(29) = -1 EBADF (Bad file descriptor) [pid 6050] exit_group(0) = ? [pid 6052] <... futex resumed>) = ? [pid 6051] <... futex resumed>) = ? [pid 6052] +++ exited with 0 +++ [pid 6051] +++ exited with 0 +++ [pid 6050] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=974, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./324", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./324", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./324/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./324/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./324/cgroup.cpu") = 0 [pid 5063] umount2("./324/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./324/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./324/binderfs") = 0 [pid 5063] umount2("./324/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./324/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./324/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./324/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./324/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./324/file0") = 0 [pid 5063] umount2("./324/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./324/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./324/cgroup") = 0 [pid 5063] umount2("./324/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./324/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./324/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./324") = 0 [pid 5063] mkdir("./325", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6053 attached [pid 6053] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 977 [pid 6053] <... set_robust_list resumed>) = 0 [pid 6053] chdir("./325") = 0 [pid 6053] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6053] setpgid(0, 0) = 0 [pid 6053] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6053] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6053] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6053] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6053] write(3, "1000", 4) = 4 [pid 6053] close(3) = 0 [pid 6053] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6053] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6053] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6053] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6053] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6053] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6053] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6053] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6054 attached => {parent_tid=[978]}, 88) = 978 [pid 6053] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6053] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6053] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6054] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6054] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6054] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6054] memfd_create("syzkaller", 0) = 3 [pid 6054] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6054] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6054] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6054] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6054] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6054] close(3) = 0 [pid 6054] mkdir("./file0", 0777) = 0 [pid 6054] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6054] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6054] chdir("./file0") = 0 [pid 6054] ioctl(4, LOOP_CLR_FD) = 0 [pid 6054] close(4) = 0 [pid 6054] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6053] <... futex resumed>) = 0 [pid 6054] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6053] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6054] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6053] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6054] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [ 241.979485][ T6054] loop0: detected capacity change from 0 to 4096 [ 242.002807][ T6054] ntfs: volume version 3.1. [pid 6054] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6053] <... futex resumed>) = 0 [pid 6054] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6053] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6054] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6053] <... futex resumed>) = 0 [pid 6053] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6053] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6053] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6053] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6053] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6053] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6055 attached => {parent_tid=[979]}, 88) = 979 [pid 6055] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6053] rt_sigprocmask(SIG_SETMASK, [], [pid 6055] <... rseq resumed>) = 0 [pid 6055] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6055] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6053] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6055] creat("./file1", 000 [pid 6053] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6053] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6055] <... creat resumed>) = 5 [pid 6054] <... write resumed>) = 1048064 [pid 6055] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6054] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6055] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6054] <... futex resumed>) = 0 [pid 6053] <... futex resumed>) = 0 [pid 6054] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6053] close(3) = 0 [pid 6053] close(4) = 0 [pid 6053] close(5) = 0 [pid 6053] close(6) = -1 EBADF (Bad file descriptor) [pid 6053] close(7) = -1 EBADF (Bad file descriptor) [pid 6053] close(8) = -1 EBADF (Bad file descriptor) [pid 6053] close(9) = -1 EBADF (Bad file descriptor) [pid 6053] close(10) = -1 EBADF (Bad file descriptor) [pid 6053] close(11) = -1 EBADF (Bad file descriptor) [pid 6053] close(12) = -1 EBADF (Bad file descriptor) [pid 6053] close(13) = -1 EBADF (Bad file descriptor) [pid 6053] close(14) = -1 EBADF (Bad file descriptor) [pid 6053] close(15) = -1 EBADF (Bad file descriptor) [pid 6053] close(16) = -1 EBADF (Bad file descriptor) [pid 6053] close(17) = -1 EBADF (Bad file descriptor) [pid 6053] close(18) = -1 EBADF (Bad file descriptor) [pid 6053] close(19) = -1 EBADF (Bad file descriptor) [pid 6053] close(20) = -1 EBADF (Bad file descriptor) [pid 6053] close(21) = -1 EBADF (Bad file descriptor) [pid 6053] close(22) = -1 EBADF (Bad file descriptor) [pid 6053] close(23) = -1 EBADF (Bad file descriptor) [pid 6053] close(24) = -1 EBADF (Bad file descriptor) [pid 6053] close(25) = -1 EBADF (Bad file descriptor) [pid 6053] close(26) = -1 EBADF (Bad file descriptor) [pid 6053] close(27) = -1 EBADF (Bad file descriptor) [pid 6053] close(28) = -1 EBADF (Bad file descriptor) [pid 6053] close(29) = -1 EBADF (Bad file descriptor) [pid 6053] exit_group(0 [pid 6055] <... futex resumed>) = ? [pid 6054] <... futex resumed>) = ? [pid 6053] <... exit_group resumed>) = ? [pid 6055] +++ exited with 0 +++ [pid 6054] +++ exited with 0 +++ [pid 6053] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=977, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./325", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./325", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./325/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./325/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./325/cgroup.cpu") = 0 [pid 5063] umount2("./325/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./325/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./325/binderfs") = 0 [pid 5063] umount2("./325/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./325/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./325/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./325/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./325/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./325/file0") = 0 [pid 5063] umount2("./325/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./325/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./325/cgroup") = 0 [pid 5063] umount2("./325/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./325/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./325/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./325") = 0 [pid 5063] mkdir("./326", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6056 attached [pid 6056] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 980 [pid 6056] <... set_robust_list resumed>) = 0 [pid 6056] chdir("./326") = 0 [pid 6056] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6056] setpgid(0, 0) = 0 [pid 6056] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6056] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6056] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6056] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6056] write(3, "1000", 4) = 4 [pid 6056] close(3) = 0 [pid 6056] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6056] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6056] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6056] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6056] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6056] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6056] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6056] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6057 attached => {parent_tid=[981]}, 88) = 981 [pid 6057] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6056] rt_sigprocmask(SIG_SETMASK, [], [pid 6057] <... rseq resumed>) = 0 [pid 6056] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6056] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6057] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6056] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6057] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6057] memfd_create("syzkaller", 0) = 3 [pid 6057] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6057] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6057] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6057] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6057] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6057] close(3) = 0 [pid 6057] mkdir("./file0", 0777) = 0 [pid 6057] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6057] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6057] chdir("./file0") = 0 [pid 6057] ioctl(4, LOOP_CLR_FD) = 0 [pid 6057] close(4) = 0 [pid 6057] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6057] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6056] <... futex resumed>) = 0 [pid 6056] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6057] <... futex resumed>) = 0 [pid 6056] <... futex resumed>) = 1 [pid 6057] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6056] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6057] <... openat resumed>) = 4 [pid 6057] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6056] <... futex resumed>) = 0 [pid 6056] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6056] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 242.598227][ T6057] loop0: detected capacity change from 0 to 4096 [ 242.619284][ T6057] ntfs: volume version 3.1. [pid 6057] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6056] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6056] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6056] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6056] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6056] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6056] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6058 attached [pid 6058] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6058] set_robust_list(0x7eff0a3299a0, 24 [pid 6056] <... clone3 resumed> => {parent_tid=[982]}, 88) = 982 [pid 6056] rt_sigprocmask(SIG_SETMASK, [], [pid 6058] <... set_robust_list resumed>) = 0 [pid 6056] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6058] rt_sigprocmask(SIG_SETMASK, [], [pid 6056] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6058] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6058] creat("./file1", 000 [pid 6056] <... futex resumed>) = 0 [pid 6056] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6058] <... creat resumed>) = 5 [pid 6058] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6057] <... write resumed>) = 1048064 [pid 6058] <... futex resumed>) = 1 [pid 6056] <... futex resumed>) = 0 [pid 6058] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6057] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6056] close(3 [pid 6057] <... futex resumed>) = 0 [pid 6056] <... close resumed>) = 0 [pid 6057] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6056] close(4) = 0 [pid 6056] close(5) = 0 [pid 6056] close(6) = -1 EBADF (Bad file descriptor) [pid 6056] close(7) = -1 EBADF (Bad file descriptor) [pid 6056] close(8) = -1 EBADF (Bad file descriptor) [pid 6056] close(9) = -1 EBADF (Bad file descriptor) [pid 6056] close(10) = -1 EBADF (Bad file descriptor) [pid 6056] close(11) = -1 EBADF (Bad file descriptor) [pid 6056] close(12) = -1 EBADF (Bad file descriptor) [pid 6056] close(13) = -1 EBADF (Bad file descriptor) [pid 6056] close(14) = -1 EBADF (Bad file descriptor) [pid 6056] close(15) = -1 EBADF (Bad file descriptor) [pid 6056] close(16) = -1 EBADF (Bad file descriptor) [pid 6056] close(17) = -1 EBADF (Bad file descriptor) [pid 6056] close(18) = -1 EBADF (Bad file descriptor) [pid 6056] close(19) = -1 EBADF (Bad file descriptor) [pid 6056] close(20) = -1 EBADF (Bad file descriptor) [pid 6056] close(21) = -1 EBADF (Bad file descriptor) [pid 6056] close(22) = -1 EBADF (Bad file descriptor) [pid 6056] close(23) = -1 EBADF (Bad file descriptor) [pid 6056] close(24) = -1 EBADF (Bad file descriptor) [pid 6056] close(25) = -1 EBADF (Bad file descriptor) [pid 6056] close(26) = -1 EBADF (Bad file descriptor) [pid 6056] close(27) = -1 EBADF (Bad file descriptor) [pid 6056] close(28) = -1 EBADF (Bad file descriptor) [pid 6056] close(29) = -1 EBADF (Bad file descriptor) [pid 6056] exit_group(0) = ? [pid 6058] <... futex resumed>) = ? [pid 6057] <... futex resumed>) = ? [pid 6058] +++ exited with 0 +++ [pid 6057] +++ exited with 0 +++ [pid 6056] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=980, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./326", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./326", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./326/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./326/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./326/cgroup.cpu") = 0 [pid 5063] umount2("./326/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./326/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./326/binderfs") = 0 [pid 5063] umount2("./326/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./326/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./326/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./326/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./326/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./326/file0") = 0 [pid 5063] umount2("./326/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./326/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./326/cgroup") = 0 [pid 5063] umount2("./326/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./326/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./326/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./326") = 0 [pid 5063] mkdir("./327", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6059 attached [pid 6059] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 983 [pid 6059] <... set_robust_list resumed>) = 0 [pid 6059] chdir("./327") = 0 [pid 6059] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6059] setpgid(0, 0) = 0 [pid 6059] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6059] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6059] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6059] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6059] write(3, "1000", 4) = 4 [pid 6059] close(3) = 0 [pid 6059] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6059] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6059] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6059] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6059] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6059] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6059] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6059] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6060 attached => {parent_tid=[984]}, 88) = 984 [pid 6060] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6059] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6059] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6060] <... rseq resumed>) = 0 [pid 6060] set_robust_list(0x7eff0a34a9a0, 24 [pid 6059] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6060] <... set_robust_list resumed>) = 0 [pid 6060] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6060] memfd_create("syzkaller", 0) = 3 [pid 6060] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6060] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6060] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6060] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6060] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6060] close(3) = 0 [pid 6060] mkdir("./file0", 0777) = 0 [ 243.173076][ T6060] loop0: detected capacity change from 0 to 4096 [pid 6060] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6060] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6060] chdir("./file0") = 0 [pid 6060] ioctl(4, LOOP_CLR_FD) = 0 [pid 6060] close(4) = 0 [pid 6060] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6060] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6059] <... futex resumed>) = 0 [pid 6059] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6060] <... futex resumed>) = 0 [pid 6059] <... futex resumed>) = 1 [pid 6060] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 243.213888][ T6060] ntfs: volume version 3.1. [pid 6059] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6060] <... openat resumed>) = 4 [pid 6060] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6059] <... futex resumed>) = 0 [pid 6060] <... futex resumed>) = 1 [pid 6059] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6060] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6059] <... futex resumed>) = 0 [pid 6059] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6059] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6059] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6059] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6059] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6059] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6061 attached => {parent_tid=[985]}, 88) = 985 [pid 6061] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6059] rt_sigprocmask(SIG_SETMASK, [], [pid 6061] <... rseq resumed>) = 0 [pid 6059] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6061] set_robust_list(0x7eff0a3299a0, 24 [pid 6059] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6061] <... set_robust_list resumed>) = 0 [pid 6059] <... futex resumed>) = 0 [pid 6061] rt_sigprocmask(SIG_SETMASK, [], [pid 6059] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6061] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6061] creat("./file1", 000) = 5 [pid 6060] <... write resumed>) = 1048064 [pid 6061] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6059] <... futex resumed>) = 0 [pid 6061] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6060] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6060] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6059] close(3) = 0 [pid 6059] close(4) = 0 [pid 6059] close(5) = 0 [pid 6059] close(6) = -1 EBADF (Bad file descriptor) [pid 6059] close(7) = -1 EBADF (Bad file descriptor) [pid 6059] close(8) = -1 EBADF (Bad file descriptor) [pid 6059] close(9) = -1 EBADF (Bad file descriptor) [pid 6059] close(10) = -1 EBADF (Bad file descriptor) [pid 6059] close(11) = -1 EBADF (Bad file descriptor) [pid 6059] close(12) = -1 EBADF (Bad file descriptor) [pid 6059] close(13) = -1 EBADF (Bad file descriptor) [pid 6059] close(14) = -1 EBADF (Bad file descriptor) [pid 6059] close(15) = -1 EBADF (Bad file descriptor) [pid 6059] close(16) = -1 EBADF (Bad file descriptor) [pid 6059] close(17) = -1 EBADF (Bad file descriptor) [pid 6059] close(18) = -1 EBADF (Bad file descriptor) [pid 6059] close(19) = -1 EBADF (Bad file descriptor) [pid 6059] close(20) = -1 EBADF (Bad file descriptor) [pid 6059] close(21) = -1 EBADF (Bad file descriptor) [pid 6059] close(22) = -1 EBADF (Bad file descriptor) [pid 6059] close(23) = -1 EBADF (Bad file descriptor) [pid 6059] close(24) = -1 EBADF (Bad file descriptor) [pid 6059] close(25) = -1 EBADF (Bad file descriptor) [pid 6059] close(26) = -1 EBADF (Bad file descriptor) [pid 6059] close(27) = -1 EBADF (Bad file descriptor) [pid 6059] close(28) = -1 EBADF (Bad file descriptor) [pid 6059] close(29) = -1 EBADF (Bad file descriptor) [pid 6059] exit_group(0 [pid 6060] <... futex resumed>) = ? [pid 6059] <... exit_group resumed>) = ? [pid 6061] <... futex resumed>) = ? [pid 6060] +++ exited with 0 +++ [pid 6061] +++ exited with 0 +++ [pid 6059] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=983, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./327", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./327", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./327/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./327/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./327/cgroup.cpu") = 0 [pid 5063] umount2("./327/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./327/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./327/binderfs") = 0 [pid 5063] umount2("./327/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./327/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./327/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./327/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./327/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./327/file0") = 0 [pid 5063] umount2("./327/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./327/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./327/cgroup") = 0 [pid 5063] umount2("./327/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./327/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./327/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./327") = 0 [pid 5063] mkdir("./328", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6062 attached [pid 6062] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 986 [pid 6062] <... set_robust_list resumed>) = 0 [pid 6062] chdir("./328") = 0 [pid 6062] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6062] setpgid(0, 0) = 0 [pid 6062] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6062] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6062] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6062] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6062] write(3, "1000", 4) = 4 [pid 6062] close(3) = 0 [pid 6062] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6062] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6062] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6062] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6062] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6062] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6062] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6062] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6063 attached => {parent_tid=[987]}, 88) = 987 [pid 6063] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6062] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6062] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6062] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6063] <... rseq resumed>) = 0 [pid 6063] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6063] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6063] memfd_create("syzkaller", 0) = 3 [pid 6063] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6063] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6063] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6063] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6063] close(3) = 0 [pid 6063] mkdir("./file0", 0777) = 0 [pid 6063] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6063] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6063] chdir("./file0") = 0 [pid 6063] ioctl(4, LOOP_CLR_FD) = 0 [pid 6063] close(4) = 0 [pid 6063] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6062] <... futex resumed>) = 0 [pid 6063] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6062] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6063] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6062] <... futex resumed>) = 0 [pid 6063] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6062] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6063] <... openat resumed>) = 4 [pid 6063] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6062] <... futex resumed>) = 0 [pid 6063] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6062] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6063] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6062] <... futex resumed>) = 0 [ 243.704578][ T6063] loop0: detected capacity change from 0 to 4096 [ 243.732896][ T6063] ntfs: volume version 3.1. [pid 6062] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6062] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6062] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6062] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6062] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6062] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6064 attached => {parent_tid=[988]}, 88) = 988 [pid 6064] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6062] rt_sigprocmask(SIG_SETMASK, [], [pid 6064] <... rseq resumed>) = 0 [pid 6062] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6064] set_robust_list(0x7eff0a3299a0, 24 [pid 6062] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6064] <... set_robust_list resumed>) = 0 [pid 6062] <... futex resumed>) = 0 [pid 6064] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6062] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6064] creat("./file1", 000) = 5 [pid 6064] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6063] <... write resumed>) = 1048064 [pid 6064] <... futex resumed>) = 1 [pid 6062] <... futex resumed>) = 0 [pid 6064] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6063] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6063] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6062] close(3) = 0 [pid 6062] close(4) = 0 [pid 6062] close(5) = 0 [pid 6062] close(6) = -1 EBADF (Bad file descriptor) [pid 6062] close(7) = -1 EBADF (Bad file descriptor) [pid 6062] close(8) = -1 EBADF (Bad file descriptor) [pid 6062] close(9) = -1 EBADF (Bad file descriptor) [pid 6062] close(10) = -1 EBADF (Bad file descriptor) [pid 6062] close(11) = -1 EBADF (Bad file descriptor) [pid 6062] close(12) = -1 EBADF (Bad file descriptor) [pid 6062] close(13) = -1 EBADF (Bad file descriptor) [pid 6062] close(14) = -1 EBADF (Bad file descriptor) [pid 6062] close(15) = -1 EBADF (Bad file descriptor) [pid 6062] close(16) = -1 EBADF (Bad file descriptor) [pid 6062] close(17) = -1 EBADF (Bad file descriptor) [pid 6062] close(18) = -1 EBADF (Bad file descriptor) [pid 6062] close(19) = -1 EBADF (Bad file descriptor) [pid 6062] close(20) = -1 EBADF (Bad file descriptor) [pid 6062] close(21) = -1 EBADF (Bad file descriptor) [pid 6062] close(22) = -1 EBADF (Bad file descriptor) [pid 6062] close(23) = -1 EBADF (Bad file descriptor) [pid 6062] close(24) = -1 EBADF (Bad file descriptor) [pid 6062] close(25) = -1 EBADF (Bad file descriptor) [pid 6062] close(26) = -1 EBADF (Bad file descriptor) [pid 6062] close(27) = -1 EBADF (Bad file descriptor) [pid 6062] close(28) = -1 EBADF (Bad file descriptor) [pid 6062] close(29) = -1 EBADF (Bad file descriptor) [pid 6062] exit_group(0) = ? [pid 6064] <... futex resumed>) = ? [pid 6063] <... futex resumed>) = ? [pid 6063] +++ exited with 0 +++ [pid 6064] +++ exited with 0 +++ [pid 6062] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=986, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./328", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./328", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./328/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./328/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./328/cgroup.cpu") = 0 [pid 5063] umount2("./328/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./328/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./328/binderfs") = 0 [pid 5063] umount2("./328/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./328/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./328/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./328/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./328/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./328/file0") = 0 [pid 5063] umount2("./328/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./328/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./328/cgroup") = 0 [pid 5063] umount2("./328/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./328/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./328/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./328") = 0 [pid 5063] mkdir("./329", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6065 attached [pid 6065] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 989 [pid 6065] <... set_robust_list resumed>) = 0 [pid 6065] chdir("./329") = 0 [pid 6065] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6065] setpgid(0, 0) = 0 [pid 6065] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6065] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6065] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6065] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6065] write(3, "1000", 4) = 4 [pid 6065] close(3) = 0 [pid 6065] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6065] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6065] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6065] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6065] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6065] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6065] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6065] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6066 attached => {parent_tid=[990]}, 88) = 990 [pid 6066] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6065] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6065] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6066] <... rseq resumed>) = 0 [pid 6066] set_robust_list(0x7eff0a34a9a0, 24 [pid 6065] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6066] <... set_robust_list resumed>) = 0 [pid 6066] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6066] memfd_create("syzkaller", 0) = 3 [pid 6066] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6066] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6066] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6066] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6066] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6066] close(3) = 0 [pid 6066] mkdir("./file0", 0777) = 0 [ 244.324834][ T6066] loop0: detected capacity change from 0 to 4096 [ 244.360336][ T6066] __ntfs_warning: 170 callbacks suppressed [ 244.360346][ T6066] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 244.386912][ T6066] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 244.396378][ T6066] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 244.412348][ T6066] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 244.421056][ T6066] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 244.441024][ T6066] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 244.449779][ T6066] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [pid 6066] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6066] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6066] chdir("./file0") = 0 [pid 6066] ioctl(4, LOOP_CLR_FD) = 0 [pid 6066] close(4) = 0 [pid 6066] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6065] <... futex resumed>) = 0 [ 244.469932][ T6066] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 244.478681][ T6066] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 244.498660][ T6066] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 244.509255][ T6066] ntfs: volume version 3.1. [pid 6066] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6065] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6065] <... futex resumed>) = 0 [pid 6066] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6065] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6066] <... openat resumed>) = 4 [pid 6066] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6065] <... futex resumed>) = 0 [pid 6066] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6065] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6066] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6065] <... futex resumed>) = 0 [pid 6066] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6065] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6065] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6065] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6065] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6065] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6065] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6067 attached [pid 6067] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6065] <... clone3 resumed> => {parent_tid=[991]}, 88) = 991 [pid 6067] set_robust_list(0x7eff0a3299a0, 24 [pid 6065] rt_sigprocmask(SIG_SETMASK, [], [pid 6067] <... set_robust_list resumed>) = 0 [pid 6065] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6067] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6065] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6067] creat("./file1", 000 [pid 6065] <... futex resumed>) = 0 [pid 6067] <... creat resumed>) = 5 [pid 6066] <... write resumed>) = 1048064 [pid 6065] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6067] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6066] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6067] <... futex resumed>) = 0 [pid 6066] <... futex resumed>) = 0 [pid 6065] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6067] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6065] close(3 [pid 6066] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6065] <... close resumed>) = 0 [pid 6065] close(4) = 0 [pid 6065] close(5) = 0 [pid 6065] close(6) = -1 EBADF (Bad file descriptor) [pid 6065] close(7) = -1 EBADF (Bad file descriptor) [pid 6065] close(8) = -1 EBADF (Bad file descriptor) [pid 6065] close(9) = -1 EBADF (Bad file descriptor) [pid 6065] close(10) = -1 EBADF (Bad file descriptor) [pid 6065] close(11) = -1 EBADF (Bad file descriptor) [pid 6065] close(12) = -1 EBADF (Bad file descriptor) [pid 6065] close(13) = -1 EBADF (Bad file descriptor) [pid 6065] close(14) = -1 EBADF (Bad file descriptor) [pid 6065] close(15) = -1 EBADF (Bad file descriptor) [pid 6065] close(16) = -1 EBADF (Bad file descriptor) [pid 6065] close(17) = -1 EBADF (Bad file descriptor) [pid 6065] close(18) = -1 EBADF (Bad file descriptor) [pid 6065] close(19) = -1 EBADF (Bad file descriptor) [pid 6065] close(20) = -1 EBADF (Bad file descriptor) [pid 6065] close(21) = -1 EBADF (Bad file descriptor) [pid 6065] close(22) = -1 EBADF (Bad file descriptor) [pid 6065] close(23) = -1 EBADF (Bad file descriptor) [pid 6065] close(24) = -1 EBADF (Bad file descriptor) [pid 6065] close(25) = -1 EBADF (Bad file descriptor) [pid 6065] close(26) = -1 EBADF (Bad file descriptor) [pid 6065] close(27) = -1 EBADF (Bad file descriptor) [pid 6065] close(28) = -1 EBADF (Bad file descriptor) [pid 6065] close(29) = -1 EBADF (Bad file descriptor) [pid 6065] exit_group(0) = ? [pid 6066] <... futex resumed>) = ? [pid 6067] <... futex resumed>) = ? [pid 6066] +++ exited with 0 +++ [pid 6067] +++ exited with 0 +++ [pid 6065] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=989, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./329", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./329", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./329/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./329/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./329/cgroup.cpu") = 0 [pid 5063] umount2("./329/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./329/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./329/binderfs") = 0 [pid 5063] umount2("./329/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./329/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./329/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./329/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./329/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./329/file0") = 0 [pid 5063] umount2("./329/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./329/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./329/cgroup") = 0 [pid 5063] umount2("./329/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./329/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./329/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./329") = 0 [pid 5063] mkdir("./330", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6068 attached [pid 6068] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 992 [pid 6068] <... set_robust_list resumed>) = 0 [pid 6068] chdir("./330") = 0 [pid 6068] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6068] setpgid(0, 0) = 0 [pid 6068] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6068] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6068] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6068] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6068] write(3, "1000", 4) = 4 [pid 6068] close(3) = 0 [pid 6068] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6068] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6068] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6068] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6068] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6068] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6068] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[993]}, 88) = 993 ./strace-static-x86_64: Process 6069 attached [pid 6068] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6068] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6069] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6068] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6069] <... rseq resumed>) = 0 [pid 6069] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6069] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6069] memfd_create("syzkaller", 0) = 3 [pid 6069] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6069] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6069] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6069] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6069] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6069] close(3) = 0 [pid 6069] mkdir("./file0", 0777) = 0 [pid 6069] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6069] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6069] chdir("./file0") = 0 [pid 6069] ioctl(4, LOOP_CLR_FD) = 0 [pid 6069] close(4) = 0 [pid 6069] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6068] <... futex resumed>) = 0 [pid 6068] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6069] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6068] <... futex resumed>) = 0 [ 245.098125][ T6069] loop0: detected capacity change from 0 to 4096 [ 245.129078][ T6069] ntfs: volume version 3.1. [pid 6068] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6069] <... openat resumed>) = 4 [pid 6069] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6068] <... futex resumed>) = 0 [pid 6069] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6068] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6068] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6068] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6068] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6068] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6068] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6068] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6070 attached [pid 6070] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6068] <... clone3 resumed> => {parent_tid=[994]}, 88) = 994 [pid 6070] set_robust_list(0x7eff0a3299a0, 24 [pid 6068] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6068] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6070] <... set_robust_list resumed>) = 0 [pid 6068] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6070] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6070] creat("./file1", 000) = 5 [pid 6070] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6069] <... write resumed>) = 1048064 [pid 6069] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6070] <... futex resumed>) = 1 [pid 6068] <... futex resumed>) = 0 [pid 6070] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6068] close(3 [pid 6069] <... futex resumed>) = 0 [pid 6068] <... close resumed>) = 0 [pid 6069] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6068] close(4) = 0 [pid 6068] close(5) = 0 [pid 6068] close(6) = -1 EBADF (Bad file descriptor) [pid 6068] close(7) = -1 EBADF (Bad file descriptor) [pid 6068] close(8) = -1 EBADF (Bad file descriptor) [pid 6068] close(9) = -1 EBADF (Bad file descriptor) [pid 6068] close(10) = -1 EBADF (Bad file descriptor) [pid 6068] close(11) = -1 EBADF (Bad file descriptor) [pid 6068] close(12) = -1 EBADF (Bad file descriptor) [pid 6068] close(13) = -1 EBADF (Bad file descriptor) [pid 6068] close(14) = -1 EBADF (Bad file descriptor) [pid 6068] close(15) = -1 EBADF (Bad file descriptor) [pid 6068] close(16) = -1 EBADF (Bad file descriptor) [pid 6068] close(17) = -1 EBADF (Bad file descriptor) [pid 6068] close(18) = -1 EBADF (Bad file descriptor) [pid 6068] close(19) = -1 EBADF (Bad file descriptor) [pid 6068] close(20) = -1 EBADF (Bad file descriptor) [pid 6068] close(21) = -1 EBADF (Bad file descriptor) [pid 6068] close(22) = -1 EBADF (Bad file descriptor) [pid 6068] close(23) = -1 EBADF (Bad file descriptor) [pid 6068] close(24) = -1 EBADF (Bad file descriptor) [pid 6068] close(25) = -1 EBADF (Bad file descriptor) [pid 6068] close(26) = -1 EBADF (Bad file descriptor) [pid 6068] close(27) = -1 EBADF (Bad file descriptor) [pid 6068] close(28) = -1 EBADF (Bad file descriptor) [pid 6068] close(29) = -1 EBADF (Bad file descriptor) [pid 6068] exit_group(0) = ? [pid 6069] <... futex resumed>) = ? [pid 6069] +++ exited with 0 +++ [pid 6070] <... futex resumed>) = ? [pid 6070] +++ exited with 0 +++ [pid 6068] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=992, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./330", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./330", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./330/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./330/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./330/cgroup.cpu") = 0 [pid 5063] umount2("./330/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./330/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./330/binderfs") = 0 [pid 5063] umount2("./330/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./330/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./330/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./330/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./330/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./330/file0") = 0 [pid 5063] umount2("./330/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./330/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./330/cgroup") = 0 [pid 5063] umount2("./330/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./330/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./330/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./330") = 0 [pid 5063] mkdir("./331", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6071 attached [pid 6071] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 995 [pid 6071] <... set_robust_list resumed>) = 0 [pid 6071] chdir("./331") = 0 [pid 6071] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6071] setpgid(0, 0) = 0 [pid 6071] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6071] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6071] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6071] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6071] write(3, "1000", 4) = 4 [pid 6071] close(3) = 0 [pid 6071] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6071] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6071] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6071] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6071] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6071] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6071] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6071] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6072 attached [pid 6072] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6072] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6071] <... clone3 resumed> => {parent_tid=[996]}, 88) = 996 [pid 6072] rt_sigprocmask(SIG_SETMASK, [], [pid 6071] rt_sigprocmask(SIG_SETMASK, [], [pid 6072] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6071] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6072] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6071] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6072] memfd_create("syzkaller", 0) = 3 [pid 6071] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6072] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6072] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6072] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6072] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6072] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6072] close(3) = 0 [pid 6072] mkdir("./file0", 0777) = 0 [pid 6072] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6072] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6072] chdir("./file0") = 0 [pid 6072] ioctl(4, LOOP_CLR_FD) = 0 [pid 6072] close(4) = 0 [pid 6072] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6072] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6071] <... futex resumed>) = 0 [pid 6071] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6072] <... futex resumed>) = 0 [pid 6072] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6071] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6072] <... openat resumed>) = 4 [pid 6072] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6072] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6071] <... futex resumed>) = 0 [ 245.690972][ T6072] loop0: detected capacity change from 0 to 4096 [ 245.711807][ T6072] ntfs: volume version 3.1. [pid 6071] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6072] <... futex resumed>) = 0 [pid 6071] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6072] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6071] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6071] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6071] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6071] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6071] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6071] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6071] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6073 attached [pid 6073] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6071] <... clone3 resumed> => {parent_tid=[997]}, 88) = 997 [pid 6073] <... rseq resumed>) = 0 [pid 6071] rt_sigprocmask(SIG_SETMASK, [], [pid 6073] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6071] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6073] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6071] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6073] creat("./file1", 000 [pid 6071] <... futex resumed>) = 0 [pid 6073] <... creat resumed>) = 5 [pid 6072] <... write resumed>) = 1048064 [pid 6071] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6073] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6072] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6073] <... futex resumed>) = 0 [pid 6072] <... futex resumed>) = 0 [pid 6073] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6071] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6071] close(3 [pid 6072] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6071] <... close resumed>) = 0 [pid 6071] close(4) = 0 [pid 6071] close(5) = 0 [pid 6071] close(6) = -1 EBADF (Bad file descriptor) [pid 6071] close(7) = -1 EBADF (Bad file descriptor) [pid 6071] close(8) = -1 EBADF (Bad file descriptor) [pid 6071] close(9) = -1 EBADF (Bad file descriptor) [pid 6071] close(10) = -1 EBADF (Bad file descriptor) [pid 6071] close(11) = -1 EBADF (Bad file descriptor) [pid 6071] close(12) = -1 EBADF (Bad file descriptor) [pid 6071] close(13) = -1 EBADF (Bad file descriptor) [pid 6071] close(14) = -1 EBADF (Bad file descriptor) [pid 6071] close(15) = -1 EBADF (Bad file descriptor) [pid 6071] close(16) = -1 EBADF (Bad file descriptor) [pid 6071] close(17) = -1 EBADF (Bad file descriptor) [pid 6071] close(18) = -1 EBADF (Bad file descriptor) [pid 6071] close(19) = -1 EBADF (Bad file descriptor) [pid 6071] close(20) = -1 EBADF (Bad file descriptor) [pid 6071] close(21) = -1 EBADF (Bad file descriptor) [pid 6071] close(22) = -1 EBADF (Bad file descriptor) [pid 6071] close(23) = -1 EBADF (Bad file descriptor) [pid 6071] close(24) = -1 EBADF (Bad file descriptor) [pid 6071] close(25) = -1 EBADF (Bad file descriptor) [pid 6071] close(26) = -1 EBADF (Bad file descriptor) [pid 6071] close(27) = -1 EBADF (Bad file descriptor) [pid 6071] close(28) = -1 EBADF (Bad file descriptor) [pid 6071] close(29) = -1 EBADF (Bad file descriptor) [pid 6071] exit_group(0 [pid 6073] <... futex resumed>) = ? [pid 6071] <... exit_group resumed>) = ? [pid 6073] +++ exited with 0 +++ [pid 6072] <... futex resumed>) = ? [pid 6072] +++ exited with 0 +++ [pid 6071] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=995, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./331", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./331", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./331/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./331/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./331/cgroup.cpu") = 0 [pid 5063] umount2("./331/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./331/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./331/binderfs") = 0 [pid 5063] umount2("./331/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./331/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./331/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./331/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./331/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./331/file0") = 0 [pid 5063] umount2("./331/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./331/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./331/cgroup") = 0 [pid 5063] umount2("./331/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./331/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./331/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./331") = 0 [pid 5063] mkdir("./332", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6074 attached [pid 6074] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 998 [pid 6074] <... set_robust_list resumed>) = 0 [pid 6074] chdir("./332") = 0 [pid 6074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6074] setpgid(0, 0) = 0 [pid 6074] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6074] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6074] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6074] write(3, "1000", 4) = 4 [pid 6074] close(3) = 0 [pid 6074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6074] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6074] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6074] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6074] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6074] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6075 attached [pid 6075] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6074] <... clone3 resumed> => {parent_tid=[999]}, 88) = 999 [pid 6075] <... rseq resumed>) = 0 [pid 6074] rt_sigprocmask(SIG_SETMASK, [], [pid 6075] set_robust_list(0x7eff0a34a9a0, 24 [pid 6074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6075] <... set_robust_list resumed>) = 0 [pid 6074] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6075] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6074] <... futex resumed>) = 0 [pid 6074] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6075] memfd_create("syzkaller", 0) = 3 [pid 6075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6075] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6075] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6075] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6075] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6075] close(3) = 0 [pid 6075] mkdir("./file0", 0777) = 0 [pid 6075] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6075] chdir("./file0") = 0 [pid 6075] ioctl(4, LOOP_CLR_FD) = 0 [pid 6075] close(4) = 0 [ 246.279672][ T6075] loop0: detected capacity change from 0 to 4096 [ 246.310150][ T6075] ntfs: volume version 3.1. [pid 6075] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6075] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6074] <... futex resumed>) = 0 [pid 6074] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6075] <... futex resumed>) = 0 [pid 6074] <... futex resumed>) = 1 [pid 6075] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6074] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6075] <... openat resumed>) = 4 [pid 6075] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6074] <... futex resumed>) = 0 [pid 6074] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6074] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6075] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6074] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6074] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6074] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6074] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6074] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6074] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6076 attached => {parent_tid=[1000]}, 88) = 1000 [pid 6076] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6074] rt_sigprocmask(SIG_SETMASK, [], [pid 6076] <... rseq resumed>) = 0 [pid 6076] set_robust_list(0x7eff0a3299a0, 24 [pid 6074] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6076] <... set_robust_list resumed>) = 0 [pid 6074] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6076] rt_sigprocmask(SIG_SETMASK, [], [pid 6074] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6076] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6076] creat("./file1", 000) = 5 [pid 6075] <... write resumed>) = 1048064 [pid 6076] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6075] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6076] <... futex resumed>) = 1 [pid 6074] <... futex resumed>) = 0 [pid 6075] <... futex resumed>) = 0 [pid 6076] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6075] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6074] close(3) = 0 [pid 6074] close(4) = 0 [pid 6074] close(5) = 0 [pid 6074] close(6) = -1 EBADF (Bad file descriptor) [pid 6074] close(7) = -1 EBADF (Bad file descriptor) [pid 6074] close(8) = -1 EBADF (Bad file descriptor) [pid 6074] close(9) = -1 EBADF (Bad file descriptor) [pid 6074] close(10) = -1 EBADF (Bad file descriptor) [pid 6074] close(11) = -1 EBADF (Bad file descriptor) [pid 6074] close(12) = -1 EBADF (Bad file descriptor) [pid 6074] close(13) = -1 EBADF (Bad file descriptor) [pid 6074] close(14) = -1 EBADF (Bad file descriptor) [pid 6074] close(15) = -1 EBADF (Bad file descriptor) [pid 6074] close(16) = -1 EBADF (Bad file descriptor) [pid 6074] close(17) = -1 EBADF (Bad file descriptor) [pid 6074] close(18) = -1 EBADF (Bad file descriptor) [pid 6074] close(19) = -1 EBADF (Bad file descriptor) [pid 6074] close(20) = -1 EBADF (Bad file descriptor) [pid 6074] close(21) = -1 EBADF (Bad file descriptor) [pid 6074] close(22) = -1 EBADF (Bad file descriptor) [pid 6074] close(23) = -1 EBADF (Bad file descriptor) [pid 6074] close(24) = -1 EBADF (Bad file descriptor) [pid 6074] close(25) = -1 EBADF (Bad file descriptor) [pid 6074] close(26) = -1 EBADF (Bad file descriptor) [pid 6074] close(27) = -1 EBADF (Bad file descriptor) [pid 6074] close(28) = -1 EBADF (Bad file descriptor) [pid 6074] close(29) = -1 EBADF (Bad file descriptor) [pid 6074] exit_group(0) = ? [pid 6075] <... futex resumed>) = ? [pid 6076] <... futex resumed>) = ? [pid 6075] +++ exited with 0 +++ [pid 6076] +++ exited with 0 +++ [pid 6074] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=998, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./332", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./332", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./332/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./332/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./332/cgroup.cpu") = 0 [pid 5063] umount2("./332/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./332/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./332/binderfs") = 0 [pid 5063] umount2("./332/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./332/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./332/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./332/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./332/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./332/file0") = 0 [pid 5063] umount2("./332/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./332/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./332/cgroup") = 0 [pid 5063] umount2("./332/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./332/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./332/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./332") = 0 [pid 5063] mkdir("./333", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6077 attached , child_tidptr=0x5555560b8690) = 1001 [pid 6077] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6077] chdir("./333") = 0 [pid 6077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6077] setpgid(0, 0) = 0 [pid 6077] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6077] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6077] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6077] write(3, "1000", 4) = 4 [pid 6077] close(3) = 0 [pid 6077] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6077] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6077] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6077] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6077] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6077] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6077] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6078 attached => {parent_tid=[1002]}, 88) = 1002 [pid 6078] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6077] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6077] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6077] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6078] <... rseq resumed>) = 0 [pid 6078] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6078] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6078] memfd_create("syzkaller", 0) = 3 [pid 6078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6078] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6078] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6078] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6078] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6078] close(3) = 0 [pid 6078] mkdir("./file0", 0777) = 0 [pid 6078] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6078] chdir("./file0") = 0 [pid 6078] ioctl(4, LOOP_CLR_FD) = 0 [pid 6078] close(4) = 0 [ 246.927061][ T6078] loop0: detected capacity change from 0 to 4096 [ 246.956595][ T6078] ntfs: volume version 3.1. [pid 6078] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6077] <... futex resumed>) = 0 [pid 6078] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6077] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6078] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6077] <... futex resumed>) = 0 [pid 6078] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6077] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6078] <... openat resumed>) = 4 [pid 6078] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6077] <... futex resumed>) = 0 [pid 6078] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6077] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6078] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6077] <... futex resumed>) = 0 [pid 6077] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6077] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6077] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6077] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6077] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6077] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6079 attached [pid 6079] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6077] <... clone3 resumed> => {parent_tid=[1003]}, 88) = 1003 [pid 6079] <... rseq resumed>) = 0 [pid 6079] set_robust_list(0x7eff0a3299a0, 24 [pid 6077] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6077] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6079] <... set_robust_list resumed>) = 0 [pid 6077] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6079] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6079] creat("./file1", 000) = 5 [pid 6078] <... write resumed>) = 1048064 [pid 6079] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6078] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6079] <... futex resumed>) = 1 [pid 6078] <... futex resumed>) = 0 [pid 6077] <... futex resumed>) = 0 [pid 6079] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6077] close(3 [pid 6078] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6077] <... close resumed>) = 0 [pid 6077] close(4) = 0 [pid 6077] close(5) = 0 [pid 6077] close(6) = -1 EBADF (Bad file descriptor) [pid 6077] close(7) = -1 EBADF (Bad file descriptor) [pid 6077] close(8) = -1 EBADF (Bad file descriptor) [pid 6077] close(9) = -1 EBADF (Bad file descriptor) [pid 6077] close(10) = -1 EBADF (Bad file descriptor) [pid 6077] close(11) = -1 EBADF (Bad file descriptor) [pid 6077] close(12) = -1 EBADF (Bad file descriptor) [pid 6077] close(13) = -1 EBADF (Bad file descriptor) [pid 6077] close(14) = -1 EBADF (Bad file descriptor) [pid 6077] close(15) = -1 EBADF (Bad file descriptor) [pid 6077] close(16) = -1 EBADF (Bad file descriptor) [pid 6077] close(17) = -1 EBADF (Bad file descriptor) [pid 6077] close(18) = -1 EBADF (Bad file descriptor) [pid 6077] close(19) = -1 EBADF (Bad file descriptor) [pid 6077] close(20) = -1 EBADF (Bad file descriptor) [pid 6077] close(21) = -1 EBADF (Bad file descriptor) [pid 6077] close(22) = -1 EBADF (Bad file descriptor) [pid 6077] close(23) = -1 EBADF (Bad file descriptor) [pid 6077] close(24) = -1 EBADF (Bad file descriptor) [pid 6077] close(25) = -1 EBADF (Bad file descriptor) [pid 6077] close(26) = -1 EBADF (Bad file descriptor) [pid 6077] close(27) = -1 EBADF (Bad file descriptor) [pid 6077] close(28) = -1 EBADF (Bad file descriptor) [pid 6077] close(29) = -1 EBADF (Bad file descriptor) [pid 6077] exit_group(0) = ? [pid 6079] <... futex resumed>) = ? [pid 6078] <... futex resumed>) = ? [pid 6079] +++ exited with 0 +++ [pid 6078] +++ exited with 0 +++ [pid 6077] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1001, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./333", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./333", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./333/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./333/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./333/cgroup.cpu") = 0 [pid 5063] umount2("./333/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./333/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./333/binderfs") = 0 [pid 5063] umount2("./333/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./333/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./333/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./333/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./333/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./333/file0") = 0 [pid 5063] umount2("./333/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./333/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./333/cgroup") = 0 [pid 5063] umount2("./333/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./333/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./333/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./333") = 0 [pid 5063] mkdir("./334", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6080 attached [pid 6080] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1004 [pid 6080] <... set_robust_list resumed>) = 0 [pid 6080] chdir("./334") = 0 [pid 6080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6080] setpgid(0, 0) = 0 [pid 6080] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6080] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6080] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6080] write(3, "1000", 4) = 4 [pid 6080] close(3) = 0 [pid 6080] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6080] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6080] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6080] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6080] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6080] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6080] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6081 attached [pid 6081] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6080] <... clone3 resumed> => {parent_tid=[1005]}, 88) = 1005 [pid 6081] set_robust_list(0x7eff0a34a9a0, 24 [pid 6080] rt_sigprocmask(SIG_SETMASK, [], [pid 6081] <... set_robust_list resumed>) = 0 [pid 6080] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6081] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6080] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6081] memfd_create("syzkaller", 0 [pid 6080] <... futex resumed>) = 0 [pid 6081] <... memfd_create resumed>) = 3 [pid 6080] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6081] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6081] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6081] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6081] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6081] close(3) = 0 [pid 6081] mkdir("./file0", 0777) = 0 [pid 6081] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6081] chdir("./file0") = 0 [pid 6081] ioctl(4, LOOP_CLR_FD) = 0 [pid 6081] close(4) = 0 [pid 6081] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6081] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6080] <... futex resumed>) = 0 [ 247.498216][ T6081] loop0: detected capacity change from 0 to 4096 [ 247.519117][ T6081] ntfs: volume version 3.1. [pid 6080] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6081] <... futex resumed>) = 0 [pid 6080] <... futex resumed>) = 1 [pid 6081] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6080] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6081] <... openat resumed>) = 4 [pid 6081] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6080] <... futex resumed>) = 0 [pid 6080] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6080] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6081] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6080] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6080] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6080] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6080] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6080] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6080] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6082 attached [pid 6082] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6080] <... clone3 resumed> => {parent_tid=[1006]}, 88) = 1006 [pid 6082] <... rseq resumed>) = 0 [pid 6080] rt_sigprocmask(SIG_SETMASK, [], [pid 6082] set_robust_list(0x7eff0a3299a0, 24 [pid 6080] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6082] <... set_robust_list resumed>) = 0 [pid 6082] rt_sigprocmask(SIG_SETMASK, [], [pid 6080] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6082] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6082] creat("./file1", 000 [pid 6080] <... futex resumed>) = 0 [pid 6080] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6082] <... creat resumed>) = 5 [pid 6081] <... write resumed>) = 1048064 [pid 6082] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6080] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6081] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6082] <... futex resumed>) = 0 [pid 6081] <... futex resumed>) = 0 [pid 6082] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6081] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6080] close(3) = 0 [pid 6080] close(4) = 0 [pid 6080] close(5) = 0 [pid 6080] close(6) = -1 EBADF (Bad file descriptor) [pid 6080] close(7) = -1 EBADF (Bad file descriptor) [pid 6080] close(8) = -1 EBADF (Bad file descriptor) [pid 6080] close(9) = -1 EBADF (Bad file descriptor) [pid 6080] close(10) = -1 EBADF (Bad file descriptor) [pid 6080] close(11) = -1 EBADF (Bad file descriptor) [pid 6080] close(12) = -1 EBADF (Bad file descriptor) [pid 6080] close(13) = -1 EBADF (Bad file descriptor) [pid 6080] close(14) = -1 EBADF (Bad file descriptor) [pid 6080] close(15) = -1 EBADF (Bad file descriptor) [pid 6080] close(16) = -1 EBADF (Bad file descriptor) [pid 6080] close(17) = -1 EBADF (Bad file descriptor) [pid 6080] close(18) = -1 EBADF (Bad file descriptor) [pid 6080] close(19) = -1 EBADF (Bad file descriptor) [pid 6080] close(20) = -1 EBADF (Bad file descriptor) [pid 6080] close(21) = -1 EBADF (Bad file descriptor) [pid 6080] close(22) = -1 EBADF (Bad file descriptor) [pid 6080] close(23) = -1 EBADF (Bad file descriptor) [pid 6080] close(24) = -1 EBADF (Bad file descriptor) [pid 6080] close(25) = -1 EBADF (Bad file descriptor) [pid 6080] close(26) = -1 EBADF (Bad file descriptor) [pid 6080] close(27) = -1 EBADF (Bad file descriptor) [pid 6080] close(28) = -1 EBADF (Bad file descriptor) [pid 6080] close(29) = -1 EBADF (Bad file descriptor) [pid 6080] exit_group(0) = ? [pid 6081] <... futex resumed>) = ? [pid 6082] <... futex resumed>) = ? [pid 6082] +++ exited with 0 +++ [pid 6081] +++ exited with 0 +++ [pid 6080] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1004, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./334", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./334", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./334/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./334/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./334/cgroup.cpu") = 0 [pid 5063] umount2("./334/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./334/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./334/binderfs") = 0 [pid 5063] umount2("./334/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./334/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./334/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./334/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./334/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./334/file0") = 0 [pid 5063] umount2("./334/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./334/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./334/cgroup") = 0 [pid 5063] umount2("./334/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./334/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./334/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./334") = 0 [pid 5063] mkdir("./335", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6083 attached [pid 6083] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6083] chdir("./335" [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1007 [pid 6083] <... chdir resumed>) = 0 [pid 6083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6083] setpgid(0, 0) = 0 [pid 6083] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6083] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6083] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6083] write(3, "1000", 4) = 4 [pid 6083] close(3) = 0 [pid 6083] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6083] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6083] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6083] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6083] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6083] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6083] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6083] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6084 attached => {parent_tid=[1008]}, 88) = 1008 [pid 6084] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6084] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6084] rt_sigprocmask(SIG_SETMASK, [], [pid 6083] rt_sigprocmask(SIG_SETMASK, [], [pid 6084] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6083] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6084] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6083] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6084] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6083] <... futex resumed>) = 0 [pid 6083] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6084] memfd_create("syzkaller", 0) = 3 [pid 6084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6084] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6084] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6084] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6084] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6084] close(3) = 0 [pid 6084] mkdir("./file0", 0777) = 0 [pid 6084] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6084] chdir("./file0") = 0 [pid 6084] ioctl(4, LOOP_CLR_FD) = 0 [pid 6084] close(4) = 0 [pid 6084] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6084] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6083] <... futex resumed>) = 0 [pid 6083] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6084] <... futex resumed>) = 0 [pid 6084] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 248.048028][ T6084] loop0: detected capacity change from 0 to 4096 [ 248.071705][ T6084] ntfs: volume version 3.1. [pid 6083] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6084] <... openat resumed>) = 4 [pid 6084] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6084] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6083] <... futex resumed>) = 0 [pid 6083] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6084] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6083] <... futex resumed>) = 0 [pid 6084] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6083] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6083] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6083] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6083] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6083] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6083] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6085 attached => {parent_tid=[1009]}, 88) = 1009 [pid 6085] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6083] rt_sigprocmask(SIG_SETMASK, [], [pid 6085] <... rseq resumed>) = 0 [pid 6085] set_robust_list(0x7eff0a3299a0, 24 [pid 6083] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6085] <... set_robust_list resumed>) = 0 [pid 6083] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6085] rt_sigprocmask(SIG_SETMASK, [], [pid 6083] <... futex resumed>) = 0 [pid 6085] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6083] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6085] creat("./file1", 000) = 5 [pid 6085] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6084] <... write resumed>) = 1048064 [pid 6085] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6083] <... futex resumed>) = 0 [pid 6084] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6084] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6083] close(3) = 0 [pid 6083] close(4) = 0 [pid 6083] close(5) = 0 [pid 6083] close(6) = -1 EBADF (Bad file descriptor) [pid 6083] close(7) = -1 EBADF (Bad file descriptor) [pid 6083] close(8) = -1 EBADF (Bad file descriptor) [pid 6083] close(9) = -1 EBADF (Bad file descriptor) [pid 6083] close(10) = -1 EBADF (Bad file descriptor) [pid 6083] close(11) = -1 EBADF (Bad file descriptor) [pid 6083] close(12) = -1 EBADF (Bad file descriptor) [pid 6083] close(13) = -1 EBADF (Bad file descriptor) [pid 6083] close(14) = -1 EBADF (Bad file descriptor) [pid 6083] close(15) = -1 EBADF (Bad file descriptor) [pid 6083] close(16) = -1 EBADF (Bad file descriptor) [pid 6083] close(17) = -1 EBADF (Bad file descriptor) [pid 6083] close(18) = -1 EBADF (Bad file descriptor) [pid 6083] close(19) = -1 EBADF (Bad file descriptor) [pid 6083] close(20) = -1 EBADF (Bad file descriptor) [pid 6083] close(21) = -1 EBADF (Bad file descriptor) [pid 6083] close(22) = -1 EBADF (Bad file descriptor) [pid 6083] close(23) = -1 EBADF (Bad file descriptor) [pid 6083] close(24) = -1 EBADF (Bad file descriptor) [pid 6083] close(25) = -1 EBADF (Bad file descriptor) [pid 6083] close(26) = -1 EBADF (Bad file descriptor) [pid 6083] close(27) = -1 EBADF (Bad file descriptor) [pid 6083] close(28) = -1 EBADF (Bad file descriptor) [pid 6083] close(29) = -1 EBADF (Bad file descriptor) [pid 6083] exit_group(0 [pid 6084] <... futex resumed>) = ? [pid 6083] <... exit_group resumed>) = ? [pid 6085] <... futex resumed>) = ? [pid 6084] +++ exited with 0 +++ [pid 6085] +++ exited with 0 +++ [pid 6083] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1007, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./335", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./335", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./335/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./335/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./335/cgroup.cpu") = 0 [pid 5063] umount2("./335/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./335/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./335/binderfs") = 0 [pid 5063] umount2("./335/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./335/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./335/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./335/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./335/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./335/file0") = 0 [pid 5063] umount2("./335/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./335/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./335/cgroup") = 0 [pid 5063] umount2("./335/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./335/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./335/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./335") = 0 [pid 5063] mkdir("./336", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6086 attached , child_tidptr=0x5555560b8690) = 1010 [pid 6086] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6086] chdir("./336") = 0 [pid 6086] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6086] setpgid(0, 0) = 0 [pid 6086] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6086] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6086] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6086] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6086] write(3, "1000", 4) = 4 [pid 6086] close(3) = 0 [pid 6086] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6086] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6086] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6086] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6086] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6086] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6086] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6087 attached => {parent_tid=[1011]}, 88) = 1011 [pid 6087] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6086] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6086] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6086] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6087] <... rseq resumed>) = 0 [pid 6087] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6087] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6087] memfd_create("syzkaller", 0) = 3 [pid 6087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6087] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6087] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6087] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6087] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6087] close(3) = 0 [pid 6087] mkdir("./file0", 0777) = 0 [pid 6087] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6087] chdir("./file0") = 0 [pid 6087] ioctl(4, LOOP_CLR_FD) = 0 [pid 6087] close(4) = 0 [ 248.737484][ T6087] loop0: detected capacity change from 0 to 4096 [ 248.758028][ T6087] ntfs: volume version 3.1. [pid 6087] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6086] <... futex resumed>) = 0 [pid 6086] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6086] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6087] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6087] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6086] <... futex resumed>) = 0 [pid 6087] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6086] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6087] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6086] <... futex resumed>) = 0 [pid 6087] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6086] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6086] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6086] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6086] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6086] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6086] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6088 attached [pid 6088] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6086] <... clone3 resumed> => {parent_tid=[1012]}, 88) = 1012 [pid 6088] <... rseq resumed>) = 0 [pid 6086] rt_sigprocmask(SIG_SETMASK, [], [pid 6088] set_robust_list(0x7eff0a3299a0, 24 [pid 6086] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6088] <... set_robust_list resumed>) = 0 [pid 6088] rt_sigprocmask(SIG_SETMASK, [], [pid 6086] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6088] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6088] creat("./file1", 000 [pid 6086] <... futex resumed>) = 0 [pid 6086] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6088] <... creat resumed>) = 5 [pid 6087] <... write resumed>) = 1048064 [pid 6088] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6086] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6088] <... futex resumed>) = 0 [pid 6087] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6086] close(3 [pid 6088] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6087] <... futex resumed>) = 0 [pid 6086] <... close resumed>) = 0 [pid 6087] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6086] close(4) = 0 [pid 6086] close(5) = 0 [pid 6086] close(6) = -1 EBADF (Bad file descriptor) [pid 6086] close(7) = -1 EBADF (Bad file descriptor) [pid 6086] close(8) = -1 EBADF (Bad file descriptor) [pid 6086] close(9) = -1 EBADF (Bad file descriptor) [pid 6086] close(10) = -1 EBADF (Bad file descriptor) [pid 6086] close(11) = -1 EBADF (Bad file descriptor) [pid 6086] close(12) = -1 EBADF (Bad file descriptor) [pid 6086] close(13) = -1 EBADF (Bad file descriptor) [pid 6086] close(14) = -1 EBADF (Bad file descriptor) [pid 6086] close(15) = -1 EBADF (Bad file descriptor) [pid 6086] close(16) = -1 EBADF (Bad file descriptor) [pid 6086] close(17) = -1 EBADF (Bad file descriptor) [pid 6086] close(18) = -1 EBADF (Bad file descriptor) [pid 6086] close(19) = -1 EBADF (Bad file descriptor) [pid 6086] close(20) = -1 EBADF (Bad file descriptor) [pid 6086] close(21) = -1 EBADF (Bad file descriptor) [pid 6086] close(22) = -1 EBADF (Bad file descriptor) [pid 6086] close(23) = -1 EBADF (Bad file descriptor) [pid 6086] close(24) = -1 EBADF (Bad file descriptor) [pid 6086] close(25) = -1 EBADF (Bad file descriptor) [pid 6086] close(26) = -1 EBADF (Bad file descriptor) [pid 6086] close(27) = -1 EBADF (Bad file descriptor) [pid 6086] close(28) = -1 EBADF (Bad file descriptor) [pid 6086] close(29) = -1 EBADF (Bad file descriptor) [pid 6086] exit_group(0 [pid 6087] <... futex resumed>) = ? [pid 6086] <... exit_group resumed>) = ? [pid 6088] <... futex resumed>) = ? [pid 6087] +++ exited with 0 +++ [pid 6088] +++ exited with 0 +++ [pid 6086] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1010, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./336", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./336", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./336/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./336/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./336/cgroup.cpu") = 0 [pid 5063] umount2("./336/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./336/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./336/binderfs") = 0 [pid 5063] umount2("./336/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./336/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./336/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./336/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./336/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./336/file0") = 0 [pid 5063] umount2("./336/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./336/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./336/cgroup") = 0 [pid 5063] umount2("./336/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./336/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./336/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./336") = 0 [pid 5063] mkdir("./337", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6089 attached , child_tidptr=0x5555560b8690) = 1013 [pid 6089] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6089] chdir("./337") = 0 [pid 6089] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6089] setpgid(0, 0) = 0 [pid 6089] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6089] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6089] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6089] write(3, "1000", 4) = 4 [pid 6089] close(3) = 0 [pid 6089] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6089] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6089] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6089] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6089] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6089] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6090 attached => {parent_tid=[1014]}, 88) = 1014 [pid 6090] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6089] rt_sigprocmask(SIG_SETMASK, [], [pid 6090] <... rseq resumed>) = 0 [pid 6089] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6090] set_robust_list(0x7eff0a34a9a0, 24 [pid 6089] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6090] <... set_robust_list resumed>) = 0 [pid 6089] <... futex resumed>) = 0 [pid 6090] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6089] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6090] memfd_create("syzkaller", 0) = 3 [pid 6090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6090] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6090] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6090] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6090] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6090] close(3) = 0 [pid 6090] mkdir("./file0", 0777) = 0 [pid 6090] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6090] chdir("./file0") = 0 [pid 6090] ioctl(4, LOOP_CLR_FD) = 0 [pid 6090] close(4) = 0 [pid 6090] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6089] <... futex resumed>) = 0 [pid 6090] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6089] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6090] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6089] <... futex resumed>) = 0 [pid 6090] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6089] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6090] <... openat resumed>) = 4 [pid 6090] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6090] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6089] <... futex resumed>) = 0 [pid 6090] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6089] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6090] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6089] <... futex resumed>) = 0 [ 249.292119][ T6090] loop0: detected capacity change from 0 to 4096 [ 249.321851][ T6090] ntfs: volume version 3.1. [pid 6089] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6089] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6089] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6089] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6089] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6089] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6091 attached => {parent_tid=[1015]}, 88) = 1015 [pid 6091] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6089] rt_sigprocmask(SIG_SETMASK, [], [pid 6091] <... rseq resumed>) = 0 [pid 6091] set_robust_list(0x7eff0a3299a0, 24 [pid 6089] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6091] <... set_robust_list resumed>) = 0 [pid 6091] rt_sigprocmask(SIG_SETMASK, [], [pid 6089] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6091] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6091] creat("./file1", 000 [pid 6089] <... futex resumed>) = 0 [pid 6091] <... creat resumed>) = 5 [pid 6090] <... write resumed>) = 1048064 [pid 6089] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6091] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6089] <... futex resumed>) = 0 [pid 6090] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6090] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6091] <... futex resumed>) = 1 [pid 6091] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6089] close(3) = 0 [pid 6089] close(4) = 0 [pid 6089] close(5) = 0 [pid 6089] close(6) = -1 EBADF (Bad file descriptor) [pid 6089] close(7) = -1 EBADF (Bad file descriptor) [pid 6089] close(8) = -1 EBADF (Bad file descriptor) [pid 6089] close(9) = -1 EBADF (Bad file descriptor) [pid 6089] close(10) = -1 EBADF (Bad file descriptor) [pid 6089] close(11) = -1 EBADF (Bad file descriptor) [pid 6089] close(12) = -1 EBADF (Bad file descriptor) [pid 6089] close(13) = -1 EBADF (Bad file descriptor) [pid 6089] close(14) = -1 EBADF (Bad file descriptor) [pid 6089] close(15) = -1 EBADF (Bad file descriptor) [pid 6089] close(16) = -1 EBADF (Bad file descriptor) [pid 6089] close(17) = -1 EBADF (Bad file descriptor) [pid 6089] close(18) = -1 EBADF (Bad file descriptor) [pid 6089] close(19) = -1 EBADF (Bad file descriptor) [pid 6089] close(20) = -1 EBADF (Bad file descriptor) [pid 6089] close(21) = -1 EBADF (Bad file descriptor) [pid 6089] close(22) = -1 EBADF (Bad file descriptor) [pid 6089] close(23) = -1 EBADF (Bad file descriptor) [pid 6089] close(24) = -1 EBADF (Bad file descriptor) [pid 6089] close(25) = -1 EBADF (Bad file descriptor) [pid 6089] close(26) = -1 EBADF (Bad file descriptor) [pid 6089] close(27) = -1 EBADF (Bad file descriptor) [pid 6089] close(28) = -1 EBADF (Bad file descriptor) [pid 6089] close(29) = -1 EBADF (Bad file descriptor) [pid 6089] exit_group(0 [pid 6091] <... futex resumed>) = ? [pid 6090] <... futex resumed>) = ? [pid 6089] <... exit_group resumed>) = ? [pid 6091] +++ exited with 0 +++ [pid 6090] +++ exited with 0 +++ [pid 6089] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1013, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./337", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./337", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./337/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./337/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./337/cgroup.cpu") = 0 [pid 5063] umount2("./337/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./337/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./337/binderfs") = 0 [pid 5063] umount2("./337/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./337/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./337/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./337/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./337/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./337/file0") = 0 [pid 5063] umount2("./337/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./337/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./337/cgroup") = 0 [pid 5063] umount2("./337/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./337/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./337/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./337") = 0 [pid 5063] mkdir("./338", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6092 attached , child_tidptr=0x5555560b8690) = 1016 [pid 6092] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6092] chdir("./338") = 0 [pid 6092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6092] setpgid(0, 0) = 0 [pid 6092] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6092] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6092] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6092] write(3, "1000", 4) = 4 [pid 6092] close(3) = 0 [pid 6092] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6092] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6092] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6092] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6092] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6092] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6092] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6093 attached => {parent_tid=[1017]}, 88) = 1017 [pid 6093] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6092] rt_sigprocmask(SIG_SETMASK, [], [pid 6093] <... rseq resumed>) = 0 [pid 6093] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6093] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6092] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6093] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6092] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6093] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6092] <... futex resumed>) = 0 [pid 6092] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6093] memfd_create("syzkaller", 0) = 3 [pid 6093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6093] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6093] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6093] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6093] close(3) = 0 [pid 6093] mkdir("./file0", 0777) = 0 [ 249.919300][ T6093] loop0: detected capacity change from 0 to 4096 [ 249.943072][ T6093] __ntfs_warning: 170 callbacks suppressed [ 249.943095][ T6093] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 249.970515][ T6093] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 249.980771][ T6093] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 249.997534][ T6093] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 250.006280][ T6093] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 250.026201][ T6093] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 250.035070][ T6093] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 250.055263][ T6093] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6093] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6093] chdir("./file0") = 0 [pid 6093] ioctl(4, LOOP_CLR_FD) = 0 [pid 6093] close(4) = 0 [pid 6093] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6092] <... futex resumed>) = 0 [pid 6092] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6093] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6092] <... futex resumed>) = 0 [ 250.064142][ T6093] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 250.084162][ T6093] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 250.094943][ T6093] ntfs: volume version 3.1. [pid 6092] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6093] <... openat resumed>) = 4 [pid 6093] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6092] <... futex resumed>) = 0 [pid 6093] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6092] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6093] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6092] <... futex resumed>) = 0 [pid 6092] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6092] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6092] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6092] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6092] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6092] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6094 attached [pid 6094] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6092] <... clone3 resumed> => {parent_tid=[1018]}, 88) = 1018 [pid 6094] <... rseq resumed>) = 0 [pid 6094] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6094] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6094] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6092] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6092] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6094] <... futex resumed>) = 0 [pid 6094] creat("./file1", 000 [pid 6092] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6093] <... write resumed>) = 1048064 [pid 6093] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6094] <... creat resumed>) = 5 [pid 6093] <... futex resumed>) = 0 [pid 6093] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6094] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6092] <... futex resumed>) = 0 [pid 6094] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6092] close(3) = 0 [pid 6092] close(4) = 0 [pid 6092] close(5) = 0 [pid 6092] close(6) = -1 EBADF (Bad file descriptor) [pid 6092] close(7) = -1 EBADF (Bad file descriptor) [pid 6092] close(8) = -1 EBADF (Bad file descriptor) [pid 6092] close(9) = -1 EBADF (Bad file descriptor) [pid 6092] close(10) = -1 EBADF (Bad file descriptor) [pid 6092] close(11) = -1 EBADF (Bad file descriptor) [pid 6092] close(12) = -1 EBADF (Bad file descriptor) [pid 6092] close(13) = -1 EBADF (Bad file descriptor) [pid 6092] close(14) = -1 EBADF (Bad file descriptor) [pid 6092] close(15) = -1 EBADF (Bad file descriptor) [pid 6092] close(16) = -1 EBADF (Bad file descriptor) [pid 6092] close(17) = -1 EBADF (Bad file descriptor) [pid 6092] close(18) = -1 EBADF (Bad file descriptor) [pid 6092] close(19) = -1 EBADF (Bad file descriptor) [pid 6092] close(20) = -1 EBADF (Bad file descriptor) [pid 6092] close(21) = -1 EBADF (Bad file descriptor) [pid 6092] close(22) = -1 EBADF (Bad file descriptor) [pid 6092] close(23) = -1 EBADF (Bad file descriptor) [pid 6092] close(24) = -1 EBADF (Bad file descriptor) [pid 6092] close(25) = -1 EBADF (Bad file descriptor) [pid 6092] close(26) = -1 EBADF (Bad file descriptor) [pid 6092] close(27) = -1 EBADF (Bad file descriptor) [pid 6092] close(28) = -1 EBADF (Bad file descriptor) [pid 6092] close(29) = -1 EBADF (Bad file descriptor) [pid 6092] exit_group(0 [pid 6093] <... futex resumed>) = ? [pid 6092] <... exit_group resumed>) = ? [pid 6094] <... futex resumed>) = ? [pid 6093] +++ exited with 0 +++ [pid 6094] +++ exited with 0 +++ [pid 6092] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1016, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5063] umount2("./338", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./338", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./338/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./338/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./338/cgroup.cpu") = 0 [pid 5063] umount2("./338/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./338/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./338/binderfs") = 0 [pid 5063] umount2("./338/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./338/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./338/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./338/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./338/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./338/file0") = 0 [pid 5063] umount2("./338/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./338/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./338/cgroup") = 0 [pid 5063] umount2("./338/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./338/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./338/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./338") = 0 [pid 5063] mkdir("./339", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6095 attached , child_tidptr=0x5555560b8690) = 1019 [pid 6095] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6095] chdir("./339") = 0 [pid 6095] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6095] setpgid(0, 0) = 0 [pid 6095] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6095] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6095] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6095] write(3, "1000", 4) = 4 [pid 6095] close(3) = 0 [pid 6095] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6095] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6095] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6095] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6095] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6095] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6095] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6095] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6096 attached => {parent_tid=[1020]}, 88) = 1020 [pid 6095] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6095] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6095] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6096] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6096] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6096] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6096] memfd_create("syzkaller", 0) = 3 [pid 6096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6096] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6096] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6096] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6096] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6096] close(3) = 0 [pid 6096] mkdir("./file0", 0777) = 0 [pid 6096] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6096] chdir("./file0") = 0 [pid 6096] ioctl(4, LOOP_CLR_FD) = 0 [pid 6096] close(4) = 0 [pid 6096] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6095] <... futex resumed>) = 0 [pid 6096] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6095] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6095] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6096] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6096] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6096] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6096] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6095] <... futex resumed>) = 0 [ 250.750040][ T6096] loop0: detected capacity change from 0 to 4096 [ 250.770988][ T6096] ntfs: volume version 3.1. [pid 6095] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6095] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6096] <... futex resumed>) = 0 [pid 6096] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6095] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6095] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6095] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6095] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6095] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6095] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6097 attached [pid 6097] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6095] <... clone3 resumed> => {parent_tid=[1021]}, 88) = 1021 [pid 6095] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6095] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6097] <... rseq resumed>) = 0 [pid 6095] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6097] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6097] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6097] creat("./file1", 000) = 5 [pid 6097] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6096] <... write resumed>) = 1048064 [pid 6095] <... futex resumed>) = 0 [pid 6097] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6096] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6095] close(3) = 0 [pid 6095] close(4) = 0 [pid 6095] close(5 [pid 6096] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6095] <... close resumed>) = 0 [pid 6095] close(6) = -1 EBADF (Bad file descriptor) [pid 6095] close(7) = -1 EBADF (Bad file descriptor) [pid 6095] close(8) = -1 EBADF (Bad file descriptor) [pid 6095] close(9) = -1 EBADF (Bad file descriptor) [pid 6095] close(10) = -1 EBADF (Bad file descriptor) [pid 6095] close(11) = -1 EBADF (Bad file descriptor) [pid 6095] close(12) = -1 EBADF (Bad file descriptor) [pid 6095] close(13) = -1 EBADF (Bad file descriptor) [pid 6095] close(14) = -1 EBADF (Bad file descriptor) [pid 6095] close(15) = -1 EBADF (Bad file descriptor) [pid 6095] close(16) = -1 EBADF (Bad file descriptor) [pid 6095] close(17) = -1 EBADF (Bad file descriptor) [pid 6095] close(18) = -1 EBADF (Bad file descriptor) [pid 6095] close(19) = -1 EBADF (Bad file descriptor) [pid 6095] close(20) = -1 EBADF (Bad file descriptor) [pid 6095] close(21) = -1 EBADF (Bad file descriptor) [pid 6095] close(22) = -1 EBADF (Bad file descriptor) [pid 6095] close(23) = -1 EBADF (Bad file descriptor) [pid 6095] close(24) = -1 EBADF (Bad file descriptor) [pid 6095] close(25) = -1 EBADF (Bad file descriptor) [pid 6095] close(26) = -1 EBADF (Bad file descriptor) [pid 6095] close(27) = -1 EBADF (Bad file descriptor) [pid 6095] close(28) = -1 EBADF (Bad file descriptor) [pid 6095] close(29) = -1 EBADF (Bad file descriptor) [pid 6095] exit_group(0 [pid 6096] <... futex resumed>) = ? [pid 6097] <... futex resumed>) = ? [pid 6095] <... exit_group resumed>) = ? [pid 6096] +++ exited with 0 +++ [pid 6097] +++ exited with 0 +++ [pid 6095] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1019, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./339", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./339", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./339/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./339/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./339/cgroup.cpu") = 0 [pid 5063] umount2("./339/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./339/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./339/binderfs") = 0 [pid 5063] umount2("./339/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./339/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./339/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./339/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./339/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./339/file0") = 0 [pid 5063] umount2("./339/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./339/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./339/cgroup") = 0 [pid 5063] umount2("./339/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./339/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./339/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./339") = 0 [pid 5063] mkdir("./340", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6098 attached , child_tidptr=0x5555560b8690) = 1022 [pid 6098] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6098] chdir("./340") = 0 [pid 6098] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6098] setpgid(0, 0) = 0 [pid 6098] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6098] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6098] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6098] write(3, "1000", 4) = 4 [pid 6098] close(3) = 0 [pid 6098] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6098] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6098] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6098] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6098] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6098] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6098] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6099 attached => {parent_tid=[1023]}, 88) = 1023 [pid 6099] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6098] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6098] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6098] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6099] <... rseq resumed>) = 0 [pid 6099] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6099] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6099] memfd_create("syzkaller", 0) = 3 [pid 6099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6099] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6099] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6099] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6099] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6099] close(3) = 0 [pid 6099] mkdir("./file0", 0777) = 0 [pid 6099] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6099] chdir("./file0") = 0 [pid 6099] ioctl(4, LOOP_CLR_FD) = 0 [pid 6099] close(4) = 0 [pid 6099] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6099] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6098] <... futex resumed>) = 0 [pid 6098] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6099] <... futex resumed>) = 0 [pid 6098] <... futex resumed>) = 1 [pid 6099] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6098] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6099] <... openat resumed>) = 4 [pid 6099] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6098] <... futex resumed>) = 0 [pid 6099] <... futex resumed>) = 1 [pid 6099] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6098] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6099] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6098] <... futex resumed>) = 0 [pid 6098] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 251.356829][ T6099] loop0: detected capacity change from 0 to 4096 [ 251.386579][ T6099] ntfs: volume version 3.1. [pid 6099] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6098] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6098] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6098] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6098] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6098] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6098] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6100 attached [pid 6100] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6100] set_robust_list(0x7eff0a3299a0, 24 [pid 6098] <... clone3 resumed> => {parent_tid=[1024]}, 88) = 1024 [pid 6100] <... set_robust_list resumed>) = 0 [pid 6098] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6100] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6098] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6100] creat("./file1", 000 [pid 6098] <... futex resumed>) = 0 [pid 6098] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6100] <... creat resumed>) = 5 [pid 6100] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6099] <... write resumed>) = 1048064 [pid 6100] <... futex resumed>) = 1 [pid 6099] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6098] <... futex resumed>) = 0 [pid 6100] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6098] close(3) = 0 [pid 6098] close(4 [pid 6099] <... futex resumed>) = 0 [pid 6099] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6098] <... close resumed>) = 0 [pid 6098] close(5) = 0 [pid 6098] close(6) = -1 EBADF (Bad file descriptor) [pid 6098] close(7) = -1 EBADF (Bad file descriptor) [pid 6098] close(8) = -1 EBADF (Bad file descriptor) [pid 6098] close(9) = -1 EBADF (Bad file descriptor) [pid 6098] close(10) = -1 EBADF (Bad file descriptor) [pid 6098] close(11) = -1 EBADF (Bad file descriptor) [pid 6098] close(12) = -1 EBADF (Bad file descriptor) [pid 6098] close(13) = -1 EBADF (Bad file descriptor) [pid 6098] close(14) = -1 EBADF (Bad file descriptor) [pid 6098] close(15) = -1 EBADF (Bad file descriptor) [pid 6098] close(16) = -1 EBADF (Bad file descriptor) [pid 6098] close(17) = -1 EBADF (Bad file descriptor) [pid 6098] close(18) = -1 EBADF (Bad file descriptor) [pid 6098] close(19) = -1 EBADF (Bad file descriptor) [pid 6098] close(20) = -1 EBADF (Bad file descriptor) [pid 6098] close(21) = -1 EBADF (Bad file descriptor) [pid 6098] close(22) = -1 EBADF (Bad file descriptor) [pid 6098] close(23) = -1 EBADF (Bad file descriptor) [pid 6098] close(24) = -1 EBADF (Bad file descriptor) [pid 6098] close(25) = -1 EBADF (Bad file descriptor) [pid 6098] close(26) = -1 EBADF (Bad file descriptor) [pid 6098] close(27) = -1 EBADF (Bad file descriptor) [pid 6098] close(28) = -1 EBADF (Bad file descriptor) [pid 6098] close(29) = -1 EBADF (Bad file descriptor) [pid 6098] exit_group(0 [pid 6099] <... futex resumed>) = ? [pid 6100] <... futex resumed>) = ? [pid 6098] <... exit_group resumed>) = ? [pid 6100] +++ exited with 0 +++ [pid 6099] +++ exited with 0 +++ [pid 6098] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1022, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./340", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./340", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./340/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./340/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./340/cgroup.cpu") = 0 [pid 5063] umount2("./340/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./340/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./340/binderfs") = 0 [pid 5063] umount2("./340/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./340/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./340/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./340/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./340/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./340/file0") = 0 [pid 5063] umount2("./340/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./340/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./340/cgroup") = 0 [pid 5063] umount2("./340/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./340/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./340/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./340") = 0 [pid 5063] mkdir("./341", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6101 attached [pid 6101] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1025 [pid 6101] <... set_robust_list resumed>) = 0 [pid 6101] chdir("./341") = 0 [pid 6101] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6101] setpgid(0, 0) = 0 [pid 6101] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6101] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6101] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6101] write(3, "1000", 4) = 4 [pid 6101] close(3) = 0 [pid 6101] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6101] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6101] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6101] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6101] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6101] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6101] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6101] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6102 attached => {parent_tid=[1026]}, 88) = 1026 [pid 6102] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6101] rt_sigprocmask(SIG_SETMASK, [], [pid 6102] <... rseq resumed>) = 0 [pid 6101] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6101] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6102] set_robust_list(0x7eff0a34a9a0, 24 [pid 6101] <... futex resumed>) = 0 [pid 6102] <... set_robust_list resumed>) = 0 [pid 6102] rt_sigprocmask(SIG_SETMASK, [], [pid 6101] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6102] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6102] memfd_create("syzkaller", 0) = 3 [pid 6102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6102] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6102] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6102] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6102] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6102] close(3) = 0 [pid 6102] mkdir("./file0", 0777) = 0 [pid 6102] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6102] chdir("./file0") = 0 [pid 6102] ioctl(4, LOOP_CLR_FD) = 0 [pid 6102] close(4) = 0 [pid 6102] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6101] <... futex resumed>) = 0 [pid 6102] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6101] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6102] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6101] <... futex resumed>) = 0 [pid 6102] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 251.879281][ T6102] loop0: detected capacity change from 0 to 4096 [ 251.910019][ T6102] ntfs: volume version 3.1. [pid 6101] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6102] <... openat resumed>) = 4 [pid 6102] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6101] <... futex resumed>) = 0 [pid 6102] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6101] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6102] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6101] <... futex resumed>) = 0 [pid 6101] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6102] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6101] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6101] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6101] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6101] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6101] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6101] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6101] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6103 attached [pid 6103] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6101] <... clone3 resumed> => {parent_tid=[1027]}, 88) = 1027 [pid 6103] <... rseq resumed>) = 0 [pid 6103] set_robust_list(0x7eff0a3299a0, 24 [pid 6101] rt_sigprocmask(SIG_SETMASK, [], [pid 6103] <... set_robust_list resumed>) = 0 [pid 6103] rt_sigprocmask(SIG_SETMASK, [], [pid 6101] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6103] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6101] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6103] creat("./file1", 000 [pid 6101] <... futex resumed>) = 0 [pid 6101] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6103] <... creat resumed>) = 5 [pid 6102] <... write resumed>) = 1048064 [pid 6103] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6102] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6101] <... futex resumed>) = 0 [pid 6103] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6102] <... futex resumed>) = 0 [pid 6101] close(3) = 0 [pid 6102] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6101] close(4) = 0 [pid 6101] close(5) = 0 [pid 6101] close(6) = -1 EBADF (Bad file descriptor) [pid 6101] close(7) = -1 EBADF (Bad file descriptor) [pid 6101] close(8) = -1 EBADF (Bad file descriptor) [pid 6101] close(9) = -1 EBADF (Bad file descriptor) [pid 6101] close(10) = -1 EBADF (Bad file descriptor) [pid 6101] close(11) = -1 EBADF (Bad file descriptor) [pid 6101] close(12) = -1 EBADF (Bad file descriptor) [pid 6101] close(13) = -1 EBADF (Bad file descriptor) [pid 6101] close(14) = -1 EBADF (Bad file descriptor) [pid 6101] close(15) = -1 EBADF (Bad file descriptor) [pid 6101] close(16) = -1 EBADF (Bad file descriptor) [pid 6101] close(17) = -1 EBADF (Bad file descriptor) [pid 6101] close(18) = -1 EBADF (Bad file descriptor) [pid 6101] close(19) = -1 EBADF (Bad file descriptor) [pid 6101] close(20) = -1 EBADF (Bad file descriptor) [pid 6101] close(21) = -1 EBADF (Bad file descriptor) [pid 6101] close(22) = -1 EBADF (Bad file descriptor) [pid 6101] close(23) = -1 EBADF (Bad file descriptor) [pid 6101] close(24) = -1 EBADF (Bad file descriptor) [pid 6101] close(25) = -1 EBADF (Bad file descriptor) [pid 6101] close(26) = -1 EBADF (Bad file descriptor) [pid 6101] close(27) = -1 EBADF (Bad file descriptor) [pid 6101] close(28) = -1 EBADF (Bad file descriptor) [pid 6101] close(29) = -1 EBADF (Bad file descriptor) [pid 6101] exit_group(0) = ? [pid 6103] <... futex resumed>) = ? [pid 6102] <... futex resumed>) = ? [pid 6103] +++ exited with 0 +++ [pid 6102] +++ exited with 0 +++ [pid 6101] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1025, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./341", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./341", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./341/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./341/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./341/cgroup.cpu") = 0 [pid 5063] umount2("./341/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./341/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./341/binderfs") = 0 [pid 5063] umount2("./341/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./341/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./341/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./341/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./341/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./341/file0") = 0 [pid 5063] umount2("./341/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./341/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./341/cgroup") = 0 [pid 5063] umount2("./341/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./341/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./341/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./341") = 0 [pid 5063] mkdir("./342", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6104 attached , child_tidptr=0x5555560b8690) = 1028 [pid 6104] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6104] chdir("./342") = 0 [pid 6104] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6104] setpgid(0, 0) = 0 [pid 6104] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6104] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6104] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6104] write(3, "1000", 4) = 4 [pid 6104] close(3) = 0 [pid 6104] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6104] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6104] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6104] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6104] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6104] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6105 attached => {parent_tid=[1029]}, 88) = 1029 [pid 6104] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6104] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6105] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6105] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6105] rt_sigprocmask(SIG_SETMASK, [], [pid 6104] <... futex resumed>) = 0 [pid 6105] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6104] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6105] memfd_create("syzkaller", 0) = 3 [pid 6105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6105] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6105] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6105] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6105] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6105] close(3) = 0 [pid 6105] mkdir("./file0", 0777) = 0 [pid 6105] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6105] chdir("./file0") = 0 [pid 6105] ioctl(4, LOOP_CLR_FD) = 0 [pid 6105] close(4) = 0 [pid 6105] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6104] <... futex resumed>) = 0 [pid 6105] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6104] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6105] <... futex resumed>) = 0 [pid 6104] <... futex resumed>) = 1 [pid 6105] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6104] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6105] <... openat resumed>) = 4 [pid 6105] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6105] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6104] <... futex resumed>) = 0 [pid 6104] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6105] <... futex resumed>) = 0 [pid 6104] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 252.488729][ T6105] loop0: detected capacity change from 0 to 4096 [ 252.510119][ T6105] ntfs: volume version 3.1. [pid 6105] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6104] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6104] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6104] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6104] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6104] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6104] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6106 attached [pid 6106] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6104] <... clone3 resumed> => {parent_tid=[1030]}, 88) = 1030 [pid 6106] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6104] rt_sigprocmask(SIG_SETMASK, [], [pid 6106] rt_sigprocmask(SIG_SETMASK, [], [pid 6104] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6106] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6104] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6106] creat("./file1", 000 [pid 6104] <... futex resumed>) = 0 [pid 6106] <... creat resumed>) = 5 [pid 6105] <... write resumed>) = 1048064 [pid 6104] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6106] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6104] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6105] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6106] <... futex resumed>) = 0 [pid 6104] close(3 [pid 6106] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6105] <... futex resumed>) = 0 [pid 6104] <... close resumed>) = 0 [pid 6105] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6104] close(4) = 0 [pid 6104] close(5) = 0 [pid 6104] close(6) = -1 EBADF (Bad file descriptor) [pid 6104] close(7) = -1 EBADF (Bad file descriptor) [pid 6104] close(8) = -1 EBADF (Bad file descriptor) [pid 6104] close(9) = -1 EBADF (Bad file descriptor) [pid 6104] close(10) = -1 EBADF (Bad file descriptor) [pid 6104] close(11) = -1 EBADF (Bad file descriptor) [pid 6104] close(12) = -1 EBADF (Bad file descriptor) [pid 6104] close(13) = -1 EBADF (Bad file descriptor) [pid 6104] close(14) = -1 EBADF (Bad file descriptor) [pid 6104] close(15) = -1 EBADF (Bad file descriptor) [pid 6104] close(16) = -1 EBADF (Bad file descriptor) [pid 6104] close(17) = -1 EBADF (Bad file descriptor) [pid 6104] close(18) = -1 EBADF (Bad file descriptor) [pid 6104] close(19) = -1 EBADF (Bad file descriptor) [pid 6104] close(20) = -1 EBADF (Bad file descriptor) [pid 6104] close(21) = -1 EBADF (Bad file descriptor) [pid 6104] close(22) = -1 EBADF (Bad file descriptor) [pid 6104] close(23) = -1 EBADF (Bad file descriptor) [pid 6104] close(24) = -1 EBADF (Bad file descriptor) [pid 6104] close(25) = -1 EBADF (Bad file descriptor) [pid 6104] close(26) = -1 EBADF (Bad file descriptor) [pid 6104] close(27) = -1 EBADF (Bad file descriptor) [pid 6104] close(28) = -1 EBADF (Bad file descriptor) [pid 6104] close(29) = -1 EBADF (Bad file descriptor) [pid 6104] exit_group(0 [pid 6106] <... futex resumed>) = ? [pid 6105] <... futex resumed>) = ? [pid 6104] <... exit_group resumed>) = ? [pid 6106] +++ exited with 0 +++ [pid 6105] +++ exited with 0 +++ [pid 6104] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1028, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./342", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./342", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./342/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./342/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./342/cgroup.cpu") = 0 [pid 5063] umount2("./342/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./342/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./342/binderfs") = 0 [pid 5063] umount2("./342/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./342/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./342/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./342/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./342/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./342/file0") = 0 [pid 5063] umount2("./342/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./342/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./342/cgroup") = 0 [pid 5063] umount2("./342/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./342/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./342/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./342") = 0 [pid 5063] mkdir("./343", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6107 attached , child_tidptr=0x5555560b8690) = 1031 [pid 6107] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6107] chdir("./343") = 0 [pid 6107] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6107] setpgid(0, 0) = 0 [pid 6107] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6107] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6107] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6107] write(3, "1000", 4) = 4 [pid 6107] close(3) = 0 [pid 6107] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6107] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6107] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6107] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6107] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6107] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6107] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6107] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6108 attached => {parent_tid=[1032]}, 88) = 1032 [pid 6108] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6107] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6108] <... rseq resumed>) = 0 [pid 6107] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6108] set_robust_list(0x7eff0a34a9a0, 24 [pid 6107] <... futex resumed>) = 0 [pid 6108] <... set_robust_list resumed>) = 0 [pid 6107] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6108] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6108] memfd_create("syzkaller", 0) = 3 [pid 6108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6108] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6108] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6108] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6108] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6108] close(3) = 0 [pid 6108] mkdir("./file0", 0777) = 0 [pid 6108] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6108] chdir("./file0") = 0 [pid 6108] ioctl(4, LOOP_CLR_FD) = 0 [pid 6108] close(4) = 0 [pid 6108] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6108] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6107] <... futex resumed>) = 0 [pid 6107] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6108] <... futex resumed>) = 0 [pid 6107] <... futex resumed>) = 1 [pid 6108] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6107] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6108] <... openat resumed>) = 4 [pid 6108] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6107] <... futex resumed>) = 0 [pid 6108] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6107] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6108] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6107] <... futex resumed>) = 0 [pid 6108] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 253.054687][ T6108] loop0: detected capacity change from 0 to 4096 [ 253.085897][ T6108] ntfs: volume version 3.1. [pid 6107] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6107] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6107] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6107] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6107] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6107] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6109 attached => {parent_tid=[1033]}, 88) = 1033 [pid 6109] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6107] rt_sigprocmask(SIG_SETMASK, [], [pid 6109] <... rseq resumed>) = 0 [pid 6107] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6109] set_robust_list(0x7eff0a3299a0, 24 [pid 6107] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6109] <... set_robust_list resumed>) = 0 [pid 6107] <... futex resumed>) = 0 [pid 6109] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6107] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6109] creat("./file1", 000) = 5 [pid 6109] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6108] <... write resumed>) = 1048064 [pid 6109] <... futex resumed>) = 1 [pid 6108] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6107] <... futex resumed>) = 0 [pid 6109] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6108] <... futex resumed>) = 0 [pid 6107] close(3 [pid 6108] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6107] <... close resumed>) = 0 [pid 6107] close(4) = 0 [pid 6107] close(5) = 0 [pid 6107] close(6) = -1 EBADF (Bad file descriptor) [pid 6107] close(7) = -1 EBADF (Bad file descriptor) [pid 6107] close(8) = -1 EBADF (Bad file descriptor) [pid 6107] close(9) = -1 EBADF (Bad file descriptor) [pid 6107] close(10) = -1 EBADF (Bad file descriptor) [pid 6107] close(11) = -1 EBADF (Bad file descriptor) [pid 6107] close(12) = -1 EBADF (Bad file descriptor) [pid 6107] close(13) = -1 EBADF (Bad file descriptor) [pid 6107] close(14) = -1 EBADF (Bad file descriptor) [pid 6107] close(15) = -1 EBADF (Bad file descriptor) [pid 6107] close(16) = -1 EBADF (Bad file descriptor) [pid 6107] close(17) = -1 EBADF (Bad file descriptor) [pid 6107] close(18) = -1 EBADF (Bad file descriptor) [pid 6107] close(19) = -1 EBADF (Bad file descriptor) [pid 6107] close(20) = -1 EBADF (Bad file descriptor) [pid 6107] close(21) = -1 EBADF (Bad file descriptor) [pid 6107] close(22) = -1 EBADF (Bad file descriptor) [pid 6107] close(23) = -1 EBADF (Bad file descriptor) [pid 6107] close(24) = -1 EBADF (Bad file descriptor) [pid 6107] close(25) = -1 EBADF (Bad file descriptor) [pid 6107] close(26) = -1 EBADF (Bad file descriptor) [pid 6107] close(27) = -1 EBADF (Bad file descriptor) [pid 6107] close(28) = -1 EBADF (Bad file descriptor) [pid 6107] close(29) = -1 EBADF (Bad file descriptor) [pid 6107] exit_group(0 [pid 6109] <... futex resumed>) = ? [pid 6108] <... futex resumed>) = ? [pid 6109] +++ exited with 0 +++ [pid 6107] <... exit_group resumed>) = ? [pid 6108] +++ exited with 0 +++ [pid 6107] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1031, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./343", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./343", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./343/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./343/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./343/cgroup.cpu") = 0 [pid 5063] umount2("./343/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./343/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./343/binderfs") = 0 [pid 5063] umount2("./343/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./343/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./343/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./343/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./343/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./343/file0") = 0 [pid 5063] umount2("./343/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./343/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./343/cgroup") = 0 [pid 5063] umount2("./343/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./343/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./343/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./343") = 0 [pid 5063] mkdir("./344", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6110 attached , child_tidptr=0x5555560b8690) = 1034 [pid 6110] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6110] chdir("./344") = 0 [pid 6110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6110] setpgid(0, 0) = 0 [pid 6110] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6110] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6110] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6110] write(3, "1000", 4) = 4 [pid 6110] close(3) = 0 [pid 6110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6110] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6110] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6110] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6110] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6110] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6110] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6110] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[1035]}, 88) = 1035 ./strace-static-x86_64: Process 6111 attached [pid 6110] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6110] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6110] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6111] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6111] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6111] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6111] memfd_create("syzkaller", 0) = 3 [pid 6111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6111] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6111] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6111] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6111] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6111] close(3) = 0 [pid 6111] mkdir("./file0", 0777) = 0 [pid 6111] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6111] chdir("./file0") = 0 [pid 6111] ioctl(4, LOOP_CLR_FD) = 0 [pid 6111] close(4) = 0 [pid 6111] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6110] <... futex resumed>) = 0 [pid 6111] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6110] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6111] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6110] <... futex resumed>) = 0 [pid 6111] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 253.609981][ T6111] loop0: detected capacity change from 0 to 4096 [ 253.631625][ T6111] ntfs: volume version 3.1. [pid 6110] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6111] <... openat resumed>) = 4 [pid 6111] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6110] <... futex resumed>) = 0 [pid 6111] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6110] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6111] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6110] <... futex resumed>) = 0 [pid 6111] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6110] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6110] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6110] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6110] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6110] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6110] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6112 attached [pid 6112] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6110] <... clone3 resumed> => {parent_tid=[1036]}, 88) = 1036 [pid 6112] <... rseq resumed>) = 0 [pid 6110] rt_sigprocmask(SIG_SETMASK, [], [pid 6112] set_robust_list(0x7eff0a3299a0, 24 [pid 6110] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6112] <... set_robust_list resumed>) = 0 [pid 6112] rt_sigprocmask(SIG_SETMASK, [], [pid 6110] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6112] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6112] creat("./file1", 000 [pid 6110] <... futex resumed>) = 0 [pid 6110] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6112] <... creat resumed>) = 5 [pid 6112] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6111] <... write resumed>) = 1048064 [pid 6112] <... futex resumed>) = 1 [pid 6111] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6112] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6110] <... futex resumed>) = 0 [pid 6111] <... futex resumed>) = 0 [pid 6110] close(3 [pid 6111] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6110] <... close resumed>) = 0 [pid 6110] close(4) = 0 [pid 6110] close(5) = 0 [pid 6110] close(6) = -1 EBADF (Bad file descriptor) [pid 6110] close(7) = -1 EBADF (Bad file descriptor) [pid 6110] close(8) = -1 EBADF (Bad file descriptor) [pid 6110] close(9) = -1 EBADF (Bad file descriptor) [pid 6110] close(10) = -1 EBADF (Bad file descriptor) [pid 6110] close(11) = -1 EBADF (Bad file descriptor) [pid 6110] close(12) = -1 EBADF (Bad file descriptor) [pid 6110] close(13) = -1 EBADF (Bad file descriptor) [pid 6110] close(14) = -1 EBADF (Bad file descriptor) [pid 6110] close(15) = -1 EBADF (Bad file descriptor) [pid 6110] close(16) = -1 EBADF (Bad file descriptor) [pid 6110] close(17) = -1 EBADF (Bad file descriptor) [pid 6110] close(18) = -1 EBADF (Bad file descriptor) [pid 6110] close(19) = -1 EBADF (Bad file descriptor) [pid 6110] close(20) = -1 EBADF (Bad file descriptor) [pid 6110] close(21) = -1 EBADF (Bad file descriptor) [pid 6110] close(22) = -1 EBADF (Bad file descriptor) [pid 6110] close(23) = -1 EBADF (Bad file descriptor) [pid 6110] close(24) = -1 EBADF (Bad file descriptor) [pid 6110] close(25) = -1 EBADF (Bad file descriptor) [pid 6110] close(26) = -1 EBADF (Bad file descriptor) [pid 6110] close(27) = -1 EBADF (Bad file descriptor) [pid 6110] close(28) = -1 EBADF (Bad file descriptor) [pid 6110] close(29) = -1 EBADF (Bad file descriptor) [pid 6110] exit_group(0 [pid 6111] <... futex resumed>) = ? [pid 6110] <... exit_group resumed>) = ? [pid 6112] <... futex resumed>) = ? [pid 6111] +++ exited with 0 +++ [pid 6112] +++ exited with 0 +++ [pid 6110] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1034, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./344", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./344", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./344/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./344/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./344/cgroup.cpu") = 0 [pid 5063] umount2("./344/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./344/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./344/binderfs") = 0 [pid 5063] umount2("./344/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./344/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./344/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./344/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./344/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./344/file0") = 0 [pid 5063] umount2("./344/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./344/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./344/cgroup") = 0 [pid 5063] umount2("./344/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./344/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./344/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./344") = 0 [pid 5063] mkdir("./345", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1037 ./strace-static-x86_64: Process 6113 attached [pid 6113] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6113] chdir("./345") = 0 [pid 6113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6113] setpgid(0, 0) = 0 [pid 6113] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6113] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6113] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6113] write(3, "1000", 4) = 4 [pid 6113] close(3) = 0 [pid 6113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6113] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6113] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6113] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6113] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6113] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6113] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6113] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6114 attached [pid 6114] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6113] <... clone3 resumed> => {parent_tid=[1038]}, 88) = 1038 [pid 6114] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6114] rt_sigprocmask(SIG_SETMASK, [], [pid 6113] rt_sigprocmask(SIG_SETMASK, [], [pid 6114] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6113] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6114] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6113] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6114] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6113] <... futex resumed>) = 0 [pid 6113] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6114] memfd_create("syzkaller", 0) = 3 [pid 6114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6114] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6114] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6114] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6114] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6114] close(3) = 0 [pid 6114] mkdir("./file0", 0777) = 0 [pid 6114] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6114] chdir("./file0") = 0 [pid 6114] ioctl(4, LOOP_CLR_FD) = 0 [pid 6114] close(4) = 0 [pid 6114] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6113] <... futex resumed>) = 0 [pid 6114] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6113] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6114] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6113] <... futex resumed>) = 0 [pid 6114] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 254.122896][ T6114] loop0: detected capacity change from 0 to 4096 [ 254.145971][ T6114] ntfs: volume version 3.1. [pid 6113] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6114] <... openat resumed>) = 4 [pid 6114] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6113] <... futex resumed>) = 0 [pid 6114] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6113] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6114] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6113] <... futex resumed>) = 0 [pid 6114] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6113] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6113] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6113] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6113] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6113] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6113] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6115 attached [pid 6115] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6113] <... clone3 resumed> => {parent_tid=[1039]}, 88) = 1039 [pid 6115] <... rseq resumed>) = 0 [pid 6113] rt_sigprocmask(SIG_SETMASK, [], [pid 6115] set_robust_list(0x7eff0a3299a0, 24 [pid 6113] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6115] <... set_robust_list resumed>) = 0 [pid 6113] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6115] rt_sigprocmask(SIG_SETMASK, [], [pid 6113] <... futex resumed>) = 0 [pid 6115] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6115] creat("./file1", 000 [pid 6113] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6115] <... creat resumed>) = 5 [pid 6114] <... write resumed>) = 1048064 [pid 6115] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6113] <... futex resumed>) = 0 [pid 6115] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6114] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6114] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6113] close(3) = 0 [pid 6113] close(4) = 0 [pid 6113] close(5) = 0 [pid 6113] close(6) = -1 EBADF (Bad file descriptor) [pid 6113] close(7) = -1 EBADF (Bad file descriptor) [pid 6113] close(8) = -1 EBADF (Bad file descriptor) [pid 6113] close(9) = -1 EBADF (Bad file descriptor) [pid 6113] close(10) = -1 EBADF (Bad file descriptor) [pid 6113] close(11) = -1 EBADF (Bad file descriptor) [pid 6113] close(12) = -1 EBADF (Bad file descriptor) [pid 6113] close(13) = -1 EBADF (Bad file descriptor) [pid 6113] close(14) = -1 EBADF (Bad file descriptor) [pid 6113] close(15) = -1 EBADF (Bad file descriptor) [pid 6113] close(16) = -1 EBADF (Bad file descriptor) [pid 6113] close(17) = -1 EBADF (Bad file descriptor) [pid 6113] close(18) = -1 EBADF (Bad file descriptor) [pid 6113] close(19) = -1 EBADF (Bad file descriptor) [pid 6113] close(20) = -1 EBADF (Bad file descriptor) [pid 6113] close(21) = -1 EBADF (Bad file descriptor) [pid 6113] close(22) = -1 EBADF (Bad file descriptor) [pid 6113] close(23) = -1 EBADF (Bad file descriptor) [pid 6113] close(24) = -1 EBADF (Bad file descriptor) [pid 6113] close(25) = -1 EBADF (Bad file descriptor) [pid 6113] close(26) = -1 EBADF (Bad file descriptor) [pid 6113] close(27) = -1 EBADF (Bad file descriptor) [pid 6113] close(28) = -1 EBADF (Bad file descriptor) [pid 6113] close(29) = -1 EBADF (Bad file descriptor) [pid 6113] exit_group(0) = ? [pid 6114] <... futex resumed>) = ? [pid 6114] +++ exited with 0 +++ [pid 6115] <... futex resumed>) = ? [pid 6115] +++ exited with 0 +++ [pid 6113] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1037, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./345", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./345", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./345/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./345/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./345/cgroup.cpu") = 0 [pid 5063] umount2("./345/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./345/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./345/binderfs") = 0 [pid 5063] umount2("./345/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./345/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./345/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./345/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./345/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./345/file0") = 0 [pid 5063] umount2("./345/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./345/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./345/cgroup") = 0 [pid 5063] umount2("./345/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./345/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./345/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./345") = 0 [pid 5063] mkdir("./346", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6116 attached , child_tidptr=0x5555560b8690) = 1040 [pid 6116] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6116] chdir("./346") = 0 [pid 6116] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6116] setpgid(0, 0) = 0 [pid 6116] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6116] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6116] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6116] write(3, "1000", 4) = 4 [pid 6116] close(3) = 0 [pid 6116] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6116] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6116] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6116] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6116] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6116] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6116] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6116] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6117 attached [pid 6117] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6116] <... clone3 resumed> => {parent_tid=[1041]}, 88) = 1041 [pid 6117] <... rseq resumed>) = 0 [pid 6116] rt_sigprocmask(SIG_SETMASK, [], [pid 6117] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6116] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6117] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6117] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6116] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6117] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6116] <... futex resumed>) = 0 [pid 6116] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6117] memfd_create("syzkaller", 0) = 3 [pid 6117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6117] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6117] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6117] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6117] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6117] close(3) = 0 [pid 6117] mkdir("./file0", 0777) = 0 [pid 6117] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6117] chdir("./file0") = 0 [pid 6117] ioctl(4, LOOP_CLR_FD) = 0 [ 254.734403][ T6117] loop0: detected capacity change from 0 to 4096 [ 254.773962][ T6117] ntfs: volume version 3.1. [pid 6117] close(4) = 0 [pid 6117] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6116] <... futex resumed>) = 0 [pid 6117] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6116] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6116] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6117] <... openat resumed>) = 4 [pid 6117] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6116] <... futex resumed>) = 0 [pid 6117] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6116] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6116] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6117] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6117] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6116] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6116] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6116] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6116] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6116] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6116] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6116] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6118 attached => {parent_tid=[1042]}, 88) = 1042 [pid 6118] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6116] rt_sigprocmask(SIG_SETMASK, [], [pid 6118] <... rseq resumed>) = 0 [pid 6116] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6118] set_robust_list(0x7eff0a3299a0, 24 [pid 6116] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6118] <... set_robust_list resumed>) = 0 [pid 6116] <... futex resumed>) = 0 [pid 6118] rt_sigprocmask(SIG_SETMASK, [], [pid 6116] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6118] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6118] creat("./file1", 000) = 5 [pid 6118] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6117] <... write resumed>) = 1048064 [pid 6118] <... futex resumed>) = 1 [pid 6116] <... futex resumed>) = 0 [pid 6118] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6117] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6116] close(3 [pid 6117] <... futex resumed>) = 0 [pid 6116] <... close resumed>) = 0 [pid 6116] close(4) = 0 [pid 6117] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6116] close(5) = 0 [pid 6116] close(6) = -1 EBADF (Bad file descriptor) [pid 6116] close(7) = -1 EBADF (Bad file descriptor) [pid 6116] close(8) = -1 EBADF (Bad file descriptor) [pid 6116] close(9) = -1 EBADF (Bad file descriptor) [pid 6116] close(10) = -1 EBADF (Bad file descriptor) [pid 6116] close(11) = -1 EBADF (Bad file descriptor) [pid 6116] close(12) = -1 EBADF (Bad file descriptor) [pid 6116] close(13) = -1 EBADF (Bad file descriptor) [pid 6116] close(14) = -1 EBADF (Bad file descriptor) [pid 6116] close(15) = -1 EBADF (Bad file descriptor) [pid 6116] close(16) = -1 EBADF (Bad file descriptor) [pid 6116] close(17) = -1 EBADF (Bad file descriptor) [pid 6116] close(18) = -1 EBADF (Bad file descriptor) [pid 6116] close(19) = -1 EBADF (Bad file descriptor) [pid 6116] close(20) = -1 EBADF (Bad file descriptor) [pid 6116] close(21) = -1 EBADF (Bad file descriptor) [pid 6116] close(22) = -1 EBADF (Bad file descriptor) [pid 6116] close(23) = -1 EBADF (Bad file descriptor) [pid 6116] close(24) = -1 EBADF (Bad file descriptor) [pid 6116] close(25) = -1 EBADF (Bad file descriptor) [pid 6116] close(26) = -1 EBADF (Bad file descriptor) [pid 6116] close(27) = -1 EBADF (Bad file descriptor) [pid 6116] close(28) = -1 EBADF (Bad file descriptor) [pid 6116] close(29) = -1 EBADF (Bad file descriptor) [pid 6116] exit_group(0) = ? [pid 6117] <... futex resumed>) = ? [pid 6118] <... futex resumed>) = ? [pid 6117] +++ exited with 0 +++ [pid 6118] +++ exited with 0 +++ [pid 6116] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1040, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./346", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./346", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./346/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./346/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./346/cgroup.cpu") = 0 [pid 5063] umount2("./346/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./346/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./346/binderfs") = 0 [pid 5063] umount2("./346/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./346/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./346/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./346/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./346/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./346/file0") = 0 [pid 5063] umount2("./346/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./346/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./346/cgroup") = 0 [pid 5063] umount2("./346/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./346/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./346/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./346") = 0 [pid 5063] mkdir("./347", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6119 attached [pid 6119] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1043 [pid 6119] <... set_robust_list resumed>) = 0 [pid 6119] chdir("./347") = 0 [pid 6119] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6119] setpgid(0, 0) = 0 [pid 6119] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6119] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6119] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6119] write(3, "1000", 4) = 4 [pid 6119] close(3) = 0 [pid 6119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6119] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6119] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6119] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6119] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6120 attached [pid 6120] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6120] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6119] <... clone3 resumed> => {parent_tid=[1044]}, 88) = 1044 [pid 6120] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6119] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6120] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6119] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6120] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6119] <... futex resumed>) = 0 [pid 6120] memfd_create("syzkaller", 0 [pid 6119] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6120] <... memfd_create resumed>) = 3 [pid 6120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6120] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6120] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6120] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6120] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6120] close(3) = 0 [pid 6120] mkdir("./file0", 0777) = 0 [ 255.399453][ T6120] loop0: detected capacity change from 0 to 4096 [ 255.430721][ T6120] __ntfs_warning: 170 callbacks suppressed [ 255.430734][ T6120] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 255.458445][ T6120] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 255.468597][ T6120] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 255.484331][ T6120] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 255.493138][ T6120] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 255.513089][ T6120] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 255.521845][ T6120] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [pid 6120] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6120] chdir("./file0") = 0 [pid 6120] ioctl(4, LOOP_CLR_FD) = 0 [pid 6120] close(4) = 0 [pid 6120] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6119] <... futex resumed>) = 0 [pid 6119] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6120] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 255.541995][ T6120] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 255.550755][ T6120] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 255.570781][ T6120] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 255.581214][ T6120] ntfs: volume version 3.1. [pid 6119] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6120] <... openat resumed>) = 4 [pid 6120] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6120] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6119] <... futex resumed>) = 0 [pid 6119] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6120] <... futex resumed>) = 0 [pid 6119] <... futex resumed>) = 1 [pid 6120] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6119] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6119] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6119] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6119] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6119] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6119] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6121 attached => {parent_tid=[1045]}, 88) = 1045 [pid 6121] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6121] set_robust_list(0x7eff0a3299a0, 24 [pid 6119] rt_sigprocmask(SIG_SETMASK, [], [pid 6121] <... set_robust_list resumed>) = 0 [pid 6119] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6121] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6119] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6121] creat("./file1", 000 [pid 6119] <... futex resumed>) = 0 [pid 6121] <... creat resumed>) = 5 [pid 6120] <... write resumed>) = 1048064 [pid 6119] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6121] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6119] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6121] <... futex resumed>) = 0 [pid 6120] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6119] close(3 [pid 6121] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6120] <... futex resumed>) = 0 [pid 6119] <... close resumed>) = 0 [pid 6120] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6119] close(4) = 0 [pid 6119] close(5) = 0 [pid 6119] close(6) = -1 EBADF (Bad file descriptor) [pid 6119] close(7) = -1 EBADF (Bad file descriptor) [pid 6119] close(8) = -1 EBADF (Bad file descriptor) [pid 6119] close(9) = -1 EBADF (Bad file descriptor) [pid 6119] close(10) = -1 EBADF (Bad file descriptor) [pid 6119] close(11) = -1 EBADF (Bad file descriptor) [pid 6119] close(12) = -1 EBADF (Bad file descriptor) [pid 6119] close(13) = -1 EBADF (Bad file descriptor) [pid 6119] close(14) = -1 EBADF (Bad file descriptor) [pid 6119] close(15) = -1 EBADF (Bad file descriptor) [pid 6119] close(16) = -1 EBADF (Bad file descriptor) [pid 6119] close(17) = -1 EBADF (Bad file descriptor) [pid 6119] close(18) = -1 EBADF (Bad file descriptor) [pid 6119] close(19) = -1 EBADF (Bad file descriptor) [pid 6119] close(20) = -1 EBADF (Bad file descriptor) [pid 6119] close(21) = -1 EBADF (Bad file descriptor) [pid 6119] close(22) = -1 EBADF (Bad file descriptor) [pid 6119] close(23) = -1 EBADF (Bad file descriptor) [pid 6119] close(24) = -1 EBADF (Bad file descriptor) [pid 6119] close(25) = -1 EBADF (Bad file descriptor) [pid 6119] close(26) = -1 EBADF (Bad file descriptor) [pid 6119] close(27) = -1 EBADF (Bad file descriptor) [pid 6119] close(28) = -1 EBADF (Bad file descriptor) [pid 6119] close(29) = -1 EBADF (Bad file descriptor) [pid 6119] exit_group(0 [pid 6121] <... futex resumed>) = ? [pid 6120] <... futex resumed>) = ? [pid 6119] <... exit_group resumed>) = ? [pid 6121] +++ exited with 0 +++ [pid 6120] +++ exited with 0 +++ [pid 6119] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1043, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=23 /* 0.23 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./347", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./347", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./347/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./347/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./347/cgroup.cpu") = 0 [pid 5063] umount2("./347/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./347/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./347/binderfs") = 0 [pid 5063] umount2("./347/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./347/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./347/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./347/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./347/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./347/file0") = 0 [pid 5063] umount2("./347/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./347/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./347/cgroup") = 0 [pid 5063] umount2("./347/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./347/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./347/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./347") = 0 [pid 5063] mkdir("./348", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6122 attached , child_tidptr=0x5555560b8690) = 1046 [pid 6122] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6122] chdir("./348") = 0 [pid 6122] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6122] setpgid(0, 0) = 0 [pid 6122] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6122] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6122] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6122] write(3, "1000", 4) = 4 [pid 6122] close(3) = 0 [pid 6122] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6122] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6122] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6122] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6122] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6122] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6122] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6123 attached => {parent_tid=[1047]}, 88) = 1047 [pid 6123] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6122] rt_sigprocmask(SIG_SETMASK, [], [pid 6123] <... rseq resumed>) = 0 [pid 6122] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6123] set_robust_list(0x7eff0a34a9a0, 24 [pid 6122] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6123] <... set_robust_list resumed>) = 0 [pid 6123] rt_sigprocmask(SIG_SETMASK, [], [pid 6122] <... futex resumed>) = 0 [pid 6123] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6122] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6123] memfd_create("syzkaller", 0) = 3 [pid 6123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6123] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6123] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6123] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6123] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6123] close(3) = 0 [pid 6123] mkdir("./file0", 0777) = 0 [pid 6123] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6123] chdir("./file0") = 0 [pid 6123] ioctl(4, LOOP_CLR_FD) = 0 [pid 6123] close(4) = 0 [pid 6123] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6122] <... futex resumed>) = 0 [pid 6123] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6122] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6123] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6123] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6122] <... futex resumed>) = 0 [ 256.139809][ T6123] loop0: detected capacity change from 0 to 4096 [ 256.158690][ T6123] ntfs: volume version 3.1. [pid 6123] <... openat resumed>) = 4 [pid 6122] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6123] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6122] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6123] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6122] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6123] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6122] <... futex resumed>) = 0 [pid 6122] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6122] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6122] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6122] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6122] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6122] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6124 attached => {parent_tid=[1048]}, 88) = 1048 [pid 6122] rt_sigprocmask(SIG_SETMASK, [], [pid 6124] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6122] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6122] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6124] set_robust_list(0x7eff0a3299a0, 24 [pid 6122] <... futex resumed>) = 0 [pid 6124] <... set_robust_list resumed>) = 0 [pid 6122] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6124] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6124] creat("./file1", 000) = 5 [pid 6124] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6122] <... futex resumed>) = 0 [pid 6124] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6123] <... write resumed>) = 1048064 [pid 6123] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6123] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6122] close(3) = 0 [pid 6122] close(4) = 0 [pid 6122] close(5) = 0 [pid 6122] close(6) = -1 EBADF (Bad file descriptor) [pid 6122] close(7) = -1 EBADF (Bad file descriptor) [pid 6122] close(8) = -1 EBADF (Bad file descriptor) [pid 6122] close(9) = -1 EBADF (Bad file descriptor) [pid 6122] close(10) = -1 EBADF (Bad file descriptor) [pid 6122] close(11) = -1 EBADF (Bad file descriptor) [pid 6122] close(12) = -1 EBADF (Bad file descriptor) [pid 6122] close(13) = -1 EBADF (Bad file descriptor) [pid 6122] close(14) = -1 EBADF (Bad file descriptor) [pid 6122] close(15) = -1 EBADF (Bad file descriptor) [pid 6122] close(16) = -1 EBADF (Bad file descriptor) [pid 6122] close(17) = -1 EBADF (Bad file descriptor) [pid 6122] close(18) = -1 EBADF (Bad file descriptor) [pid 6122] close(19) = -1 EBADF (Bad file descriptor) [pid 6122] close(20) = -1 EBADF (Bad file descriptor) [pid 6122] close(21) = -1 EBADF (Bad file descriptor) [pid 6122] close(22) = -1 EBADF (Bad file descriptor) [pid 6122] close(23) = -1 EBADF (Bad file descriptor) [pid 6122] close(24) = -1 EBADF (Bad file descriptor) [pid 6122] close(25) = -1 EBADF (Bad file descriptor) [pid 6122] close(26) = -1 EBADF (Bad file descriptor) [pid 6122] close(27) = -1 EBADF (Bad file descriptor) [pid 6122] close(28) = -1 EBADF (Bad file descriptor) [pid 6122] close(29) = -1 EBADF (Bad file descriptor) [pid 6122] exit_group(0) = ? [pid 6124] <... futex resumed>) = ? [pid 6123] <... futex resumed>) = ? [pid 6123] +++ exited with 0 +++ [pid 6124] +++ exited with 0 +++ [pid 6122] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1046, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./348", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./348", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./348/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./348/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./348/cgroup.cpu") = 0 [pid 5063] umount2("./348/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./348/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./348/binderfs") = 0 [pid 5063] umount2("./348/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./348/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./348/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./348/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./348/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./348/file0") = 0 [pid 5063] umount2("./348/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./348/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./348/cgroup") = 0 [pid 5063] umount2("./348/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./348/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./348/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./348") = 0 [pid 5063] mkdir("./349", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1049 ./strace-static-x86_64: Process 6125 attached [pid 6125] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6125] chdir("./349") = 0 [pid 6125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6125] setpgid(0, 0) = 0 [pid 6125] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6125] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6125] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6125] write(3, "1000", 4) = 4 [pid 6125] close(3) = 0 [pid 6125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6125] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6125] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6125] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6125] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6125] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6125] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6125] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6126 attached [pid 6126] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6126] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6126] rt_sigprocmask(SIG_SETMASK, [], [pid 6125] <... clone3 resumed> => {parent_tid=[1050]}, 88) = 1050 [pid 6126] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6125] rt_sigprocmask(SIG_SETMASK, [], [pid 6126] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6125] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6125] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6126] <... futex resumed>) = 0 [pid 6125] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6126] memfd_create("syzkaller", 0) = 3 [pid 6126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6126] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6126] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6126] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6126] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6126] close(3) = 0 [pid 6126] mkdir("./file0", 0777) = 0 [pid 6126] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6126] chdir("./file0") = 0 [pid 6126] ioctl(4, LOOP_CLR_FD) = 0 [pid 6126] close(4) = 0 [pid 6126] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6125] <... futex resumed>) = 0 [pid 6126] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6125] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6126] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6126] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6125] <... futex resumed>) = 0 [pid 6125] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6126] <... openat resumed>) = 4 [pid 6126] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6125] <... futex resumed>) = 0 [pid 6126] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6125] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6126] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6125] <... futex resumed>) = 0 [pid 6126] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 256.757869][ T6126] loop0: detected capacity change from 0 to 4096 [ 256.779840][ T6126] ntfs: volume version 3.1. [pid 6125] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6125] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6125] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6125] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6125] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6125] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6127 attached => {parent_tid=[1051]}, 88) = 1051 [pid 6127] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6125] rt_sigprocmask(SIG_SETMASK, [], [pid 6127] <... rseq resumed>) = 0 [pid 6125] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6127] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6125] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6127] rt_sigprocmask(SIG_SETMASK, [], [pid 6125] <... futex resumed>) = 0 [pid 6127] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6125] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6127] creat("./file1", 000) = 5 [pid 6126] <... write resumed>) = 1048064 [pid 6127] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6126] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6127] <... futex resumed>) = 1 [pid 6125] <... futex resumed>) = 0 [pid 6127] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6126] <... futex resumed>) = 0 [pid 6125] close(3) = 0 [pid 6125] close(4) = 0 [pid 6126] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6125] close(5) = 0 [pid 6125] close(6) = -1 EBADF (Bad file descriptor) [pid 6125] close(7) = -1 EBADF (Bad file descriptor) [pid 6125] close(8) = -1 EBADF (Bad file descriptor) [pid 6125] close(9) = -1 EBADF (Bad file descriptor) [pid 6125] close(10) = -1 EBADF (Bad file descriptor) [pid 6125] close(11) = -1 EBADF (Bad file descriptor) [pid 6125] close(12) = -1 EBADF (Bad file descriptor) [pid 6125] close(13) = -1 EBADF (Bad file descriptor) [pid 6125] close(14) = -1 EBADF (Bad file descriptor) [pid 6125] close(15) = -1 EBADF (Bad file descriptor) [pid 6125] close(16) = -1 EBADF (Bad file descriptor) [pid 6125] close(17) = -1 EBADF (Bad file descriptor) [pid 6125] close(18) = -1 EBADF (Bad file descriptor) [pid 6125] close(19) = -1 EBADF (Bad file descriptor) [pid 6125] close(20) = -1 EBADF (Bad file descriptor) [pid 6125] close(21) = -1 EBADF (Bad file descriptor) [pid 6125] close(22) = -1 EBADF (Bad file descriptor) [pid 6125] close(23) = -1 EBADF (Bad file descriptor) [pid 6125] close(24) = -1 EBADF (Bad file descriptor) [pid 6125] close(25) = -1 EBADF (Bad file descriptor) [pid 6125] close(26) = -1 EBADF (Bad file descriptor) [pid 6125] close(27) = -1 EBADF (Bad file descriptor) [pid 6125] close(28) = -1 EBADF (Bad file descriptor) [pid 6125] close(29) = -1 EBADF (Bad file descriptor) [pid 6125] exit_group(0) = ? [pid 6126] <... futex resumed>) = ? [pid 6127] <... futex resumed>) = ? [pid 6127] +++ exited with 0 +++ [pid 6126] +++ exited with 0 +++ [pid 6125] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1049, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./349", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./349", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./349/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./349/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./349/cgroup.cpu") = 0 [pid 5063] umount2("./349/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./349/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./349/binderfs") = 0 [pid 5063] umount2("./349/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./349/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./349/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./349/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./349/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./349/file0") = 0 [pid 5063] umount2("./349/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./349/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./349/cgroup") = 0 [pid 5063] umount2("./349/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./349/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./349/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./349") = 0 [pid 5063] mkdir("./350", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6128 attached , child_tidptr=0x5555560b8690) = 1052 [pid 6128] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6128] chdir("./350") = 0 [pid 6128] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6128] setpgid(0, 0) = 0 [pid 6128] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6128] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6128] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6128] write(3, "1000", 4) = 4 [pid 6128] close(3) = 0 [pid 6128] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6128] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6128] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6128] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6128] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6128] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6128] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6129 attached => {parent_tid=[1053]}, 88) = 1053 [pid 6129] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6128] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6128] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6128] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6129] <... rseq resumed>) = 0 [pid 6129] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6129] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6129] memfd_create("syzkaller", 0) = 3 [pid 6129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6129] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6129] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6129] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6129] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6129] close(3) = 0 [pid 6129] mkdir("./file0", 0777) = 0 [pid 6129] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6129] chdir("./file0") = 0 [pid 6129] ioctl(4, LOOP_CLR_FD) = 0 [ 257.373528][ T6129] loop0: detected capacity change from 0 to 4096 [ 257.409392][ T6129] ntfs: volume version 3.1. [pid 6129] close(4) = 0 [pid 6129] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6128] <... futex resumed>) = 0 [pid 6129] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6128] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6129] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6128] <... futex resumed>) = 0 [pid 6129] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6128] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6129] <... openat resumed>) = 4 [pid 6129] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6129] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6128] <... futex resumed>) = 0 [pid 6128] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6129] <... futex resumed>) = 0 [pid 6129] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6128] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6128] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6128] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6128] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6128] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6128] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6130 attached [pid 6130] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6128] <... clone3 resumed> => {parent_tid=[1054]}, 88) = 1054 [pid 6130] <... rseq resumed>) = 0 [pid 6128] rt_sigprocmask(SIG_SETMASK, [], [pid 6130] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6128] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6130] rt_sigprocmask(SIG_SETMASK, [], [pid 6128] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6130] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6128] <... futex resumed>) = 0 [pid 6130] creat("./file1", 000 [pid 6128] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6130] <... creat resumed>) = 5 [pid 6130] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6128] <... futex resumed>) = 0 [pid 6130] <... futex resumed>) = 1 [pid 6130] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6129] <... write resumed>) = 1048064 [pid 6129] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6128] close(3 [pid 6129] <... futex resumed>) = 0 [pid 6128] <... close resumed>) = 0 [pid 6129] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6128] close(4) = 0 [pid 6128] close(5) = 0 [pid 6128] close(6) = -1 EBADF (Bad file descriptor) [pid 6128] close(7) = -1 EBADF (Bad file descriptor) [pid 6128] close(8) = -1 EBADF (Bad file descriptor) [pid 6128] close(9) = -1 EBADF (Bad file descriptor) [pid 6128] close(10) = -1 EBADF (Bad file descriptor) [pid 6128] close(11) = -1 EBADF (Bad file descriptor) [pid 6128] close(12) = -1 EBADF (Bad file descriptor) [pid 6128] close(13) = -1 EBADF (Bad file descriptor) [pid 6128] close(14) = -1 EBADF (Bad file descriptor) [pid 6128] close(15) = -1 EBADF (Bad file descriptor) [pid 6128] close(16) = -1 EBADF (Bad file descriptor) [pid 6128] close(17) = -1 EBADF (Bad file descriptor) [pid 6128] close(18) = -1 EBADF (Bad file descriptor) [pid 6128] close(19) = -1 EBADF (Bad file descriptor) [pid 6128] close(20) = -1 EBADF (Bad file descriptor) [pid 6128] close(21) = -1 EBADF (Bad file descriptor) [pid 6128] close(22) = -1 EBADF (Bad file descriptor) [pid 6128] close(23) = -1 EBADF (Bad file descriptor) [pid 6128] close(24) = -1 EBADF (Bad file descriptor) [pid 6128] close(25) = -1 EBADF (Bad file descriptor) [pid 6128] close(26) = -1 EBADF (Bad file descriptor) [pid 6128] close(27) = -1 EBADF (Bad file descriptor) [pid 6128] close(28) = -1 EBADF (Bad file descriptor) [pid 6128] close(29) = -1 EBADF (Bad file descriptor) [pid 6128] exit_group(0 [pid 6130] <... futex resumed>) = ? [pid 6129] <... futex resumed>) = ? [pid 6128] <... exit_group resumed>) = ? [pid 6130] +++ exited with 0 +++ [pid 6129] +++ exited with 0 +++ [pid 6128] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1052, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./350", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./350", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./350/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./350/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./350/cgroup.cpu") = 0 [pid 5063] umount2("./350/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./350/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./350/binderfs") = 0 [pid 5063] umount2("./350/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./350/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./350/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./350/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./350/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./350/file0") = 0 [pid 5063] umount2("./350/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./350/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./350/cgroup") = 0 [pid 5063] umount2("./350/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./350/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./350/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./350") = 0 [pid 5063] mkdir("./351", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6131 attached [pid 6131] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1055 [pid 6131] <... set_robust_list resumed>) = 0 [pid 6131] chdir("./351") = 0 [pid 6131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6131] setpgid(0, 0) = 0 [pid 6131] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6131] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6131] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6131] write(3, "1000", 4) = 4 [pid 6131] close(3) = 0 [pid 6131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6131] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6131] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6131] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6131] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6131] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6131] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6131] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6132 attached => {parent_tid=[1056]}, 88) = 1056 [pid 6131] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6132] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6131] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6132] set_robust_list(0x7eff0a34a9a0, 24 [pid 6131] <... futex resumed>) = 0 [pid 6132] <... set_robust_list resumed>) = 0 [pid 6131] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6132] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6132] memfd_create("syzkaller", 0) = 3 [pid 6132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6132] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6132] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6132] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6132] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6132] close(3) = 0 [pid 6132] mkdir("./file0", 0777) = 0 [pid 6132] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6132] chdir("./file0") = 0 [pid 6132] ioctl(4, LOOP_CLR_FD) = 0 [pid 6132] close(4) = 0 [ 257.917828][ T6132] loop0: detected capacity change from 0 to 4096 [ 257.938308][ T6132] ntfs: volume version 3.1. [pid 6132] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6131] <... futex resumed>) = 0 [pid 6131] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6132] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6131] <... futex resumed>) = 0 [pid 6131] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6132] <... openat resumed>) = 4 [pid 6132] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6132] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6131] <... futex resumed>) = 0 [pid 6131] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6132] <... futex resumed>) = 0 [pid 6131] <... futex resumed>) = 1 [pid 6132] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6131] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6131] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6131] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6131] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6131] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6131] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6133 attached [pid 6133] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6131] <... clone3 resumed> => {parent_tid=[1057]}, 88) = 1057 [pid 6133] <... rseq resumed>) = 0 [pid 6131] rt_sigprocmask(SIG_SETMASK, [], [pid 6133] set_robust_list(0x7eff0a3299a0, 24 [pid 6131] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6133] <... set_robust_list resumed>) = 0 [pid 6131] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6133] rt_sigprocmask(SIG_SETMASK, [], [pid 6131] <... futex resumed>) = 0 [pid 6133] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6131] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6133] creat("./file1", 000 [pid 6132] <... write resumed>) = 1048064 [pid 6132] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6132] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6133] <... creat resumed>) = 5 [pid 6133] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6131] <... futex resumed>) = 0 [pid 6133] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6131] close(3) = 0 [pid 6131] close(4) = 0 [pid 6131] close(5) = 0 [pid 6131] close(6) = -1 EBADF (Bad file descriptor) [pid 6131] close(7) = -1 EBADF (Bad file descriptor) [pid 6131] close(8) = -1 EBADF (Bad file descriptor) [pid 6131] close(9) = -1 EBADF (Bad file descriptor) [pid 6131] close(10) = -1 EBADF (Bad file descriptor) [pid 6131] close(11) = -1 EBADF (Bad file descriptor) [pid 6131] close(12) = -1 EBADF (Bad file descriptor) [pid 6131] close(13) = -1 EBADF (Bad file descriptor) [pid 6131] close(14) = -1 EBADF (Bad file descriptor) [pid 6131] close(15) = -1 EBADF (Bad file descriptor) [pid 6131] close(16) = -1 EBADF (Bad file descriptor) [pid 6131] close(17) = -1 EBADF (Bad file descriptor) [pid 6131] close(18) = -1 EBADF (Bad file descriptor) [pid 6131] close(19) = -1 EBADF (Bad file descriptor) [pid 6131] close(20) = -1 EBADF (Bad file descriptor) [pid 6131] close(21) = -1 EBADF (Bad file descriptor) [pid 6131] close(22) = -1 EBADF (Bad file descriptor) [pid 6131] close(23) = -1 EBADF (Bad file descriptor) [pid 6131] close(24) = -1 EBADF (Bad file descriptor) [pid 6131] close(25) = -1 EBADF (Bad file descriptor) [pid 6131] close(26) = -1 EBADF (Bad file descriptor) [pid 6131] close(27) = -1 EBADF (Bad file descriptor) [pid 6131] close(28) = -1 EBADF (Bad file descriptor) [pid 6131] close(29) = -1 EBADF (Bad file descriptor) [pid 6131] exit_group(0) = ? [pid 6133] <... futex resumed>) = ? [pid 6133] +++ exited with 0 +++ [pid 6132] <... futex resumed>) = ? [pid 6132] +++ exited with 0 +++ [pid 6131] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1055, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./351", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./351", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./351/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./351/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./351/cgroup.cpu") = 0 [pid 5063] umount2("./351/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./351/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./351/binderfs") = 0 [pid 5063] umount2("./351/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./351/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./351/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./351/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./351/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./351/file0") = 0 [pid 5063] umount2("./351/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./351/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./351/cgroup") = 0 [pid 5063] umount2("./351/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./351/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./351/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./351") = 0 [pid 5063] mkdir("./352", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6134 attached , child_tidptr=0x5555560b8690) = 1058 [pid 6134] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6134] chdir("./352") = 0 [pid 6134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6134] setpgid(0, 0) = 0 [pid 6134] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6134] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6134] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6134] write(3, "1000", 4) = 4 [pid 6134] close(3) = 0 [pid 6134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6134] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6134] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6134] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6134] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6134] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6134] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6134] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6135 attached [pid 6135] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6134] <... clone3 resumed> => {parent_tid=[1059]}, 88) = 1059 [pid 6135] <... rseq resumed>) = 0 [pid 6135] set_robust_list(0x7eff0a34a9a0, 24 [pid 6134] rt_sigprocmask(SIG_SETMASK, [], [pid 6135] <... set_robust_list resumed>) = 0 [pid 6135] rt_sigprocmask(SIG_SETMASK, [], [pid 6134] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6135] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6134] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6135] memfd_create("syzkaller", 0 [pid 6134] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6135] <... memfd_create resumed>) = 3 [pid 6135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6135] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6135] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6135] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6135] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6135] close(3) = 0 [pid 6135] mkdir("./file0", 0777) = 0 [pid 6135] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6135] chdir("./file0") = 0 [pid 6135] ioctl(4, LOOP_CLR_FD) = 0 [ 258.524150][ T6135] loop0: detected capacity change from 0 to 4096 [ 258.543766][ T6135] ntfs: volume version 3.1. [pid 6135] close(4) = 0 [pid 6135] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6135] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6134] <... futex resumed>) = 0 [pid 6134] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6135] <... futex resumed>) = 0 [pid 6135] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6134] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6135] <... openat resumed>) = 4 [pid 6135] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6135] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6134] <... futex resumed>) = 0 [pid 6134] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6135] <... futex resumed>) = 0 [pid 6134] <... futex resumed>) = 1 [pid 6135] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6134] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6134] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6134] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6134] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6134] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6134] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6136 attached => {parent_tid=[1060]}, 88) = 1060 [pid 6136] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6134] rt_sigprocmask(SIG_SETMASK, [], [pid 6136] set_robust_list(0x7eff0a3299a0, 24 [pid 6134] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6136] <... set_robust_list resumed>) = 0 [pid 6134] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6136] rt_sigprocmask(SIG_SETMASK, [], [pid 6134] <... futex resumed>) = 0 [pid 6136] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6134] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6136] creat("./file1", 000) = 5 [pid 6135] <... write resumed>) = 1048064 [pid 6136] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6135] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6135] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6136] <... futex resumed>) = 1 [pid 6134] <... futex resumed>) = 0 [pid 6136] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6134] close(3) = 0 [pid 6134] close(4) = 0 [pid 6134] close(5) = 0 [pid 6134] close(6) = -1 EBADF (Bad file descriptor) [pid 6134] close(7) = -1 EBADF (Bad file descriptor) [pid 6134] close(8) = -1 EBADF (Bad file descriptor) [pid 6134] close(9) = -1 EBADF (Bad file descriptor) [pid 6134] close(10) = -1 EBADF (Bad file descriptor) [pid 6134] close(11) = -1 EBADF (Bad file descriptor) [pid 6134] close(12) = -1 EBADF (Bad file descriptor) [pid 6134] close(13) = -1 EBADF (Bad file descriptor) [pid 6134] close(14) = -1 EBADF (Bad file descriptor) [pid 6134] close(15) = -1 EBADF (Bad file descriptor) [pid 6134] close(16) = -1 EBADF (Bad file descriptor) [pid 6134] close(17) = -1 EBADF (Bad file descriptor) [pid 6134] close(18) = -1 EBADF (Bad file descriptor) [pid 6134] close(19) = -1 EBADF (Bad file descriptor) [pid 6134] close(20) = -1 EBADF (Bad file descriptor) [pid 6134] close(21) = -1 EBADF (Bad file descriptor) [pid 6134] close(22) = -1 EBADF (Bad file descriptor) [pid 6134] close(23) = -1 EBADF (Bad file descriptor) [pid 6134] close(24) = -1 EBADF (Bad file descriptor) [pid 6134] close(25) = -1 EBADF (Bad file descriptor) [pid 6134] close(26) = -1 EBADF (Bad file descriptor) [pid 6134] close(27) = -1 EBADF (Bad file descriptor) [pid 6134] close(28) = -1 EBADF (Bad file descriptor) [pid 6134] close(29) = -1 EBADF (Bad file descriptor) [pid 6134] exit_group(0) = ? [pid 6135] <... futex resumed>) = ? [pid 6136] <... futex resumed>) = ? [pid 6135] +++ exited with 0 +++ [pid 6136] +++ exited with 0 +++ [pid 6134] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1058, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./352", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./352", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./352/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./352/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./352/cgroup.cpu") = 0 [pid 5063] umount2("./352/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./352/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./352/binderfs") = 0 [pid 5063] umount2("./352/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./352/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./352/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./352/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./352/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./352/file0") = 0 [pid 5063] umount2("./352/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./352/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./352/cgroup") = 0 [pid 5063] umount2("./352/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./352/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./352/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./352") = 0 [pid 5063] mkdir("./353", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1061 ./strace-static-x86_64: Process 6137 attached [pid 6137] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6137] chdir("./353") = 0 [pid 6137] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6137] setpgid(0, 0) = 0 [pid 6137] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6137] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6137] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6137] write(3, "1000", 4) = 4 [pid 6137] close(3) = 0 [pid 6137] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6137] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6137] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6137] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6137] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6137] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6137] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[1062]}, 88) = 1062 ./strace-static-x86_64: Process 6138 attached [pid 6137] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6137] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6138] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6137] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6138] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6138] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6138] memfd_create("syzkaller", 0) = 3 [pid 6138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6138] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6138] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6138] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6138] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6138] close(3) = 0 [pid 6138] mkdir("./file0", 0777) = 0 [pid 6138] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6138] chdir("./file0") = 0 [pid 6138] ioctl(4, LOOP_CLR_FD) = 0 [pid 6138] close(4) = 0 [ 259.170615][ T6138] loop0: detected capacity change from 0 to 4096 [ 259.191093][ T6138] ntfs: volume version 3.1. [pid 6138] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6137] <... futex resumed>) = 0 [pid 6138] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6137] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6138] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6137] <... futex resumed>) = 0 [pid 6138] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6137] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6138] <... openat resumed>) = 4 [pid 6138] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6138] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6137] <... futex resumed>) = 0 [pid 6137] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6138] <... futex resumed>) = 0 [pid 6138] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6137] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6137] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6137] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6137] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6137] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6137] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6139 attached [pid 6139] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6137] <... clone3 resumed> => {parent_tid=[1063]}, 88) = 1063 [pid 6139] <... rseq resumed>) = 0 [pid 6137] rt_sigprocmask(SIG_SETMASK, [], [pid 6139] set_robust_list(0x7eff0a3299a0, 24 [pid 6137] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6139] <... set_robust_list resumed>) = 0 [pid 6139] rt_sigprocmask(SIG_SETMASK, [], [pid 6137] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6139] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6137] <... futex resumed>) = 0 [pid 6139] creat("./file1", 000 [pid 6137] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6139] <... creat resumed>) = 5 [pid 6138] <... write resumed>) = 1048064 [pid 6139] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6138] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6139] <... futex resumed>) = 1 [pid 6139] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6138] <... futex resumed>) = 0 [pid 6137] <... futex resumed>) = 0 [pid 6137] close(3 [pid 6138] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6137] <... close resumed>) = 0 [pid 6137] close(4) = 0 [pid 6137] close(5) = 0 [pid 6137] close(6) = -1 EBADF (Bad file descriptor) [pid 6137] close(7) = -1 EBADF (Bad file descriptor) [pid 6137] close(8) = -1 EBADF (Bad file descriptor) [pid 6137] close(9) = -1 EBADF (Bad file descriptor) [pid 6137] close(10) = -1 EBADF (Bad file descriptor) [pid 6137] close(11) = -1 EBADF (Bad file descriptor) [pid 6137] close(12) = -1 EBADF (Bad file descriptor) [pid 6137] close(13) = -1 EBADF (Bad file descriptor) [pid 6137] close(14) = -1 EBADF (Bad file descriptor) [pid 6137] close(15) = -1 EBADF (Bad file descriptor) [pid 6137] close(16) = -1 EBADF (Bad file descriptor) [pid 6137] close(17) = -1 EBADF (Bad file descriptor) [pid 6137] close(18) = -1 EBADF (Bad file descriptor) [pid 6137] close(19) = -1 EBADF (Bad file descriptor) [pid 6137] close(20) = -1 EBADF (Bad file descriptor) [pid 6137] close(21) = -1 EBADF (Bad file descriptor) [pid 6137] close(22) = -1 EBADF (Bad file descriptor) [pid 6137] close(23) = -1 EBADF (Bad file descriptor) [pid 6137] close(24) = -1 EBADF (Bad file descriptor) [pid 6137] close(25) = -1 EBADF (Bad file descriptor) [pid 6137] close(26) = -1 EBADF (Bad file descriptor) [pid 6137] close(27) = -1 EBADF (Bad file descriptor) [pid 6137] close(28) = -1 EBADF (Bad file descriptor) [pid 6137] close(29) = -1 EBADF (Bad file descriptor) [pid 6137] exit_group(0) = ? [pid 6138] <... futex resumed>) = ? [pid 6139] <... futex resumed>) = ? [pid 6138] +++ exited with 0 +++ [pid 6139] +++ exited with 0 +++ [pid 6137] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1061, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./353", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./353", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./353/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./353/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./353/cgroup.cpu") = 0 [pid 5063] umount2("./353/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./353/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./353/binderfs") = 0 [pid 5063] umount2("./353/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./353/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./353/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./353/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./353/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./353/file0") = 0 [pid 5063] umount2("./353/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./353/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./353/cgroup") = 0 [pid 5063] umount2("./353/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./353/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./353/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./353") = 0 [pid 5063] mkdir("./354", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6140 attached , child_tidptr=0x5555560b8690) = 1064 [pid 6140] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6140] chdir("./354") = 0 [pid 6140] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6140] setpgid(0, 0) = 0 [pid 6140] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6140] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6140] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6140] write(3, "1000", 4) = 4 [pid 6140] close(3) = 0 [pid 6140] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6140] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6140] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6140] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6140] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6141 attached => {parent_tid=[1065]}, 88) = 1065 [pid 6141] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6140] rt_sigprocmask(SIG_SETMASK, [], [pid 6141] <... rseq resumed>) = 0 [pid 6140] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6141] set_robust_list(0x7eff0a34a9a0, 24 [pid 6140] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6141] <... set_robust_list resumed>) = 0 [pid 6140] <... futex resumed>) = 0 [pid 6141] rt_sigprocmask(SIG_SETMASK, [], [pid 6140] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6141] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6141] memfd_create("syzkaller", 0) = 3 [pid 6141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6141] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6141] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6141] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6141] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6141] close(3) = 0 [pid 6141] mkdir("./file0", 0777) = 0 [pid 6141] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6141] chdir("./file0") = 0 [pid 6141] ioctl(4, LOOP_CLR_FD) = 0 [pid 6141] close(4) = 0 [pid 6141] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6141] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6140] <... futex resumed>) = 0 [ 259.777230][ T6141] loop0: detected capacity change from 0 to 4096 [ 259.792866][ T6141] ntfs: volume version 3.1. [pid 6140] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6141] <... futex resumed>) = 0 [pid 6140] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6141] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6141] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6140] <... futex resumed>) = 0 [pid 6140] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6141] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6140] <... futex resumed>) = 0 [pid 6140] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6140] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6140] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6140] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6140] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6140] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6142 attached => {parent_tid=[1066]}, 88) = 1066 [pid 6142] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6140] rt_sigprocmask(SIG_SETMASK, [], [pid 6142] <... rseq resumed>) = 0 [pid 6140] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6142] set_robust_list(0x7eff0a3299a0, 24 [pid 6140] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6142] <... set_robust_list resumed>) = 0 [pid 6140] <... futex resumed>) = 0 [pid 6142] rt_sigprocmask(SIG_SETMASK, [], [pid 6140] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6142] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6142] creat("./file1", 000) = 5 [pid 6141] <... write resumed>) = 1048064 [pid 6142] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6141] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6142] <... futex resumed>) = 1 [pid 6140] <... futex resumed>) = 0 [pid 6142] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6141] <... futex resumed>) = 0 [pid 6140] close(3 [pid 6141] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6140] <... close resumed>) = 0 [pid 6140] close(4) = 0 [pid 6140] close(5) = 0 [pid 6140] close(6) = -1 EBADF (Bad file descriptor) [pid 6140] close(7) = -1 EBADF (Bad file descriptor) [pid 6140] close(8) = -1 EBADF (Bad file descriptor) [pid 6140] close(9) = -1 EBADF (Bad file descriptor) [pid 6140] close(10) = -1 EBADF (Bad file descriptor) [pid 6140] close(11) = -1 EBADF (Bad file descriptor) [pid 6140] close(12) = -1 EBADF (Bad file descriptor) [pid 6140] close(13) = -1 EBADF (Bad file descriptor) [pid 6140] close(14) = -1 EBADF (Bad file descriptor) [pid 6140] close(15) = -1 EBADF (Bad file descriptor) [pid 6140] close(16) = -1 EBADF (Bad file descriptor) [pid 6140] close(17) = -1 EBADF (Bad file descriptor) [pid 6140] close(18) = -1 EBADF (Bad file descriptor) [pid 6140] close(19) = -1 EBADF (Bad file descriptor) [pid 6140] close(20) = -1 EBADF (Bad file descriptor) [pid 6140] close(21) = -1 EBADF (Bad file descriptor) [pid 6140] close(22) = -1 EBADF (Bad file descriptor) [pid 6140] close(23) = -1 EBADF (Bad file descriptor) [pid 6140] close(24) = -1 EBADF (Bad file descriptor) [pid 6140] close(25) = -1 EBADF (Bad file descriptor) [pid 6140] close(26) = -1 EBADF (Bad file descriptor) [pid 6140] close(27) = -1 EBADF (Bad file descriptor) [pid 6140] close(28) = -1 EBADF (Bad file descriptor) [pid 6140] close(29) = -1 EBADF (Bad file descriptor) [pid 6140] exit_group(0) = ? [pid 6141] <... futex resumed>) = ? [pid 6142] <... futex resumed>) = ? [pid 6141] +++ exited with 0 +++ [pid 6142] +++ exited with 0 +++ [pid 6140] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1064, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./354", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./354", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./354/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./354/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./354/cgroup.cpu") = 0 [pid 5063] umount2("./354/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./354/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./354/binderfs") = 0 [pid 5063] umount2("./354/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./354/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./354/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./354/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./354/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./354/file0") = 0 [pid 5063] umount2("./354/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./354/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./354/cgroup") = 0 [pid 5063] umount2("./354/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./354/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./354/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./354") = 0 [pid 5063] mkdir("./355", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6143 attached , child_tidptr=0x5555560b8690) = 1067 [pid 6143] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6143] chdir("./355") = 0 [pid 6143] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6143] setpgid(0, 0) = 0 [pid 6143] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6143] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6143] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6143] write(3, "1000", 4) = 4 [pid 6143] close(3) = 0 [pid 6143] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6143] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6143] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6143] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6143] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6143] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6143] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6143] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6144 attached [pid 6144] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6143] <... clone3 resumed> => {parent_tid=[1068]}, 88) = 1068 [pid 6144] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6143] rt_sigprocmask(SIG_SETMASK, [], [pid 6144] rt_sigprocmask(SIG_SETMASK, [], [pid 6143] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6144] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6143] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6144] memfd_create("syzkaller", 0 [pid 6143] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6144] <... memfd_create resumed>) = 3 [pid 6144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6144] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6144] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6144] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6144] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6144] close(3) = 0 [pid 6144] mkdir("./file0", 0777) = 0 [pid 6144] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6144] chdir("./file0") = 0 [pid 6144] ioctl(4, LOOP_CLR_FD) = 0 [pid 6144] close(4) = 0 [pid 6144] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6143] <... futex resumed>) = 0 [ 260.304766][ T6144] loop0: detected capacity change from 0 to 4096 [ 260.341270][ T6144] ntfs: volume version 3.1. [pid 6144] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6143] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6144] <... futex resumed>) = 0 [pid 6143] <... futex resumed>) = 1 [pid 6144] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6143] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6144] <... openat resumed>) = 4 [pid 6144] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6144] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6143] <... futex resumed>) = 0 [pid 6143] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6144] <... futex resumed>) = 0 [pid 6144] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6143] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6143] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6143] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6143] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6143] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6143] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6145 attached [pid 6145] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6143] <... clone3 resumed> => {parent_tid=[1069]}, 88) = 1069 [pid 6145] <... rseq resumed>) = 0 [pid 6143] rt_sigprocmask(SIG_SETMASK, [], [pid 6145] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6143] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6145] rt_sigprocmask(SIG_SETMASK, [], [pid 6143] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6145] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6143] <... futex resumed>) = 0 [pid 6145] creat("./file1", 000 [pid 6143] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6145] <... creat resumed>) = 5 [pid 6145] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6144] <... write resumed>) = 1048064 [pid 6145] <... futex resumed>) = 1 [pid 6143] <... futex resumed>) = 0 [pid 6145] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6144] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6143] close(3 [pid 6144] <... futex resumed>) = 0 [pid 6143] <... close resumed>) = 0 [pid 6144] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6143] close(4) = 0 [pid 6143] close(5) = 0 [pid 6143] close(6) = -1 EBADF (Bad file descriptor) [pid 6143] close(7) = -1 EBADF (Bad file descriptor) [pid 6143] close(8) = -1 EBADF (Bad file descriptor) [pid 6143] close(9) = -1 EBADF (Bad file descriptor) [pid 6143] close(10) = -1 EBADF (Bad file descriptor) [pid 6143] close(11) = -1 EBADF (Bad file descriptor) [pid 6143] close(12) = -1 EBADF (Bad file descriptor) [pid 6143] close(13) = -1 EBADF (Bad file descriptor) [pid 6143] close(14) = -1 EBADF (Bad file descriptor) [pid 6143] close(15) = -1 EBADF (Bad file descriptor) [pid 6143] close(16) = -1 EBADF (Bad file descriptor) [pid 6143] close(17) = -1 EBADF (Bad file descriptor) [pid 6143] close(18) = -1 EBADF (Bad file descriptor) [pid 6143] close(19) = -1 EBADF (Bad file descriptor) [pid 6143] close(20) = -1 EBADF (Bad file descriptor) [pid 6143] close(21) = -1 EBADF (Bad file descriptor) [pid 6143] close(22) = -1 EBADF (Bad file descriptor) [pid 6143] close(23) = -1 EBADF (Bad file descriptor) [pid 6143] close(24) = -1 EBADF (Bad file descriptor) [pid 6143] close(25) = -1 EBADF (Bad file descriptor) [pid 6143] close(26) = -1 EBADF (Bad file descriptor) [pid 6143] close(27) = -1 EBADF (Bad file descriptor) [pid 6143] close(28) = -1 EBADF (Bad file descriptor) [pid 6143] close(29) = -1 EBADF (Bad file descriptor) [pid 6143] exit_group(0) = ? [pid 6144] <... futex resumed>) = ? [pid 6145] <... futex resumed>) = ? [pid 6144] +++ exited with 0 +++ [pid 6145] +++ exited with 0 +++ [pid 6143] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1067, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./355", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./355", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./355/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./355/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./355/cgroup.cpu") = 0 [pid 5063] umount2("./355/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./355/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./355/binderfs") = 0 [pid 5063] umount2("./355/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./355/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./355/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./355/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./355/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./355/file0") = 0 [pid 5063] umount2("./355/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./355/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./355/cgroup") = 0 [pid 5063] umount2("./355/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./355/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./355/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./355") = 0 [pid 5063] mkdir("./356", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6146 attached [pid 6146] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1070 [pid 6146] <... set_robust_list resumed>) = 0 [pid 6146] chdir("./356") = 0 [pid 6146] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6146] setpgid(0, 0) = 0 [pid 6146] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6146] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6146] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6146] write(3, "1000", 4) = 4 [pid 6146] close(3) = 0 [pid 6146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6146] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6146] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6146] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6146] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6146] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6146] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6146] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6147 attached => {parent_tid=[1071]}, 88) = 1071 [pid 6147] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6147] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6147] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6147] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6146] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6146] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6147] <... futex resumed>) = 0 [pid 6146] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6147] memfd_create("syzkaller", 0) = 3 [pid 6147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6147] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6147] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6147] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6147] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6147] close(3) = 0 [pid 6147] mkdir("./file0", 0777) = 0 [ 260.932139][ T6147] loop0: detected capacity change from 0 to 4096 [ 260.947680][ T6147] __ntfs_warning: 170 callbacks suppressed [ 260.947691][ T6147] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 260.974313][ T6147] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 260.983767][ T6147] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 260.999772][ T6147] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 261.008474][ T6147] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 261.028424][ T6147] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 261.037124][ T6147] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 261.057283][ T6147] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6147] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6147] chdir("./file0") = 0 [pid 6147] ioctl(4, LOOP_CLR_FD) = 0 [pid 6147] close(4) = 0 [ 261.066036][ T6147] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 261.086028][ T6147] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 261.096666][ T6147] ntfs: volume version 3.1. [pid 6147] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6146] <... futex resumed>) = 0 [pid 6147] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6146] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6147] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6146] <... futex resumed>) = 0 [pid 6147] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6146] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6147] <... openat resumed>) = 4 [pid 6147] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6146] <... futex resumed>) = 0 [pid 6147] <... futex resumed>) = 1 [pid 6146] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6147] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6146] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6146] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6146] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6146] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6146] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6146] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1072]}, 88) = 1072 ./strace-static-x86_64: Process 6148 attached [pid 6146] rt_sigprocmask(SIG_SETMASK, [], [pid 6148] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6146] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6148] <... rseq resumed>) = 0 [pid 6146] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6148] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6148] rt_sigprocmask(SIG_SETMASK, [], [pid 6146] <... futex resumed>) = 0 [pid 6148] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6146] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6148] creat("./file1", 000) = 5 [pid 6147] <... write resumed>) = 1048064 [pid 6148] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6147] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6148] <... futex resumed>) = 1 [pid 6147] <... futex resumed>) = 0 [pid 6146] <... futex resumed>) = 0 [pid 6146] close(3) = 0 [pid 6148] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6147] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6146] close(4) = 0 [pid 6146] close(5) = 0 [pid 6146] close(6) = -1 EBADF (Bad file descriptor) [pid 6146] close(7) = -1 EBADF (Bad file descriptor) [pid 6146] close(8) = -1 EBADF (Bad file descriptor) [pid 6146] close(9) = -1 EBADF (Bad file descriptor) [pid 6146] close(10) = -1 EBADF (Bad file descriptor) [pid 6146] close(11) = -1 EBADF (Bad file descriptor) [pid 6146] close(12) = -1 EBADF (Bad file descriptor) [pid 6146] close(13) = -1 EBADF (Bad file descriptor) [pid 6146] close(14) = -1 EBADF (Bad file descriptor) [pid 6146] close(15) = -1 EBADF (Bad file descriptor) [pid 6146] close(16) = -1 EBADF (Bad file descriptor) [pid 6146] close(17) = -1 EBADF (Bad file descriptor) [pid 6146] close(18) = -1 EBADF (Bad file descriptor) [pid 6146] close(19) = -1 EBADF (Bad file descriptor) [pid 6146] close(20) = -1 EBADF (Bad file descriptor) [pid 6146] close(21) = -1 EBADF (Bad file descriptor) [pid 6146] close(22) = -1 EBADF (Bad file descriptor) [pid 6146] close(23) = -1 EBADF (Bad file descriptor) [pid 6146] close(24) = -1 EBADF (Bad file descriptor) [pid 6146] close(25) = -1 EBADF (Bad file descriptor) [pid 6146] close(26) = -1 EBADF (Bad file descriptor) [pid 6146] close(27) = -1 EBADF (Bad file descriptor) [pid 6146] close(28) = -1 EBADF (Bad file descriptor) [pid 6146] close(29) = -1 EBADF (Bad file descriptor) [pid 6146] exit_group(0 [pid 6148] <... futex resumed>) = ? [pid 6147] <... futex resumed>) = ? [pid 6146] <... exit_group resumed>) = ? [pid 6148] +++ exited with 0 +++ [pid 6147] +++ exited with 0 +++ [pid 6146] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1070, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./356", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./356", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./356/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./356/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./356/cgroup.cpu") = 0 [pid 5063] umount2("./356/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./356/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./356/binderfs") = 0 [pid 5063] umount2("./356/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./356/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./356/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./356/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./356/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./356/file0") = 0 [pid 5063] umount2("./356/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./356/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./356/cgroup") = 0 [pid 5063] umount2("./356/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./356/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./356/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./356") = 0 [pid 5063] mkdir("./357", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6149 attached , child_tidptr=0x5555560b8690) = 1073 [pid 6149] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6149] chdir("./357") = 0 [pid 6149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6149] setpgid(0, 0) = 0 [pid 6149] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6149] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6149] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6149] write(3, "1000", 4) = 4 [pid 6149] close(3) = 0 [pid 6149] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6149] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6149] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6149] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6149] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6149] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6149] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6149] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6150 attached => {parent_tid=[1074]}, 88) = 1074 [pid 6150] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6149] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6149] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6149] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6150] <... rseq resumed>) = 0 [pid 6150] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6150] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6150] memfd_create("syzkaller", 0) = 3 [pid 6150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6150] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6150] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6150] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6150] close(3) = 0 [pid 6150] mkdir("./file0", 0777) = 0 [pid 6150] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6150] chdir("./file0") = 0 [pid 6150] ioctl(4, LOOP_CLR_FD) = 0 [pid 6150] close(4) = 0 [ 261.792122][ T6150] loop0: detected capacity change from 0 to 4096 [ 261.812557][ T6150] ntfs: volume version 3.1. [pid 6150] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6149] <... futex resumed>) = 0 [pid 6150] <... futex resumed>) = 1 [pid 6150] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6149] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6150] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6149] <... futex resumed>) = 0 [pid 6150] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6149] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6150] <... openat resumed>) = 4 [pid 6150] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6149] <... futex resumed>) = 0 [pid 6150] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6149] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6150] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6149] <... futex resumed>) = 0 [pid 6150] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6149] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6149] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6149] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6149] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6149] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6149] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6151 attached => {parent_tid=[1075]}, 88) = 1075 [pid 6151] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6149] rt_sigprocmask(SIG_SETMASK, [], [pid 6151] <... rseq resumed>) = 0 [pid 6149] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6151] set_robust_list(0x7eff0a3299a0, 24 [pid 6149] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6151] <... set_robust_list resumed>) = 0 [pid 6149] <... futex resumed>) = 0 [pid 6151] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6151] creat("./file1", 000 [pid 6149] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6151] <... creat resumed>) = 5 [pid 6150] <... write resumed>) = 1048064 [pid 6151] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6150] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6151] <... futex resumed>) = 1 [pid 6150] <... futex resumed>) = 0 [pid 6151] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6150] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6149] <... futex resumed>) = 0 [pid 6149] close(3) = 0 [pid 6149] close(4) = 0 [pid 6149] close(5) = 0 [pid 6149] close(6) = -1 EBADF (Bad file descriptor) [pid 6149] close(7) = -1 EBADF (Bad file descriptor) [pid 6149] close(8) = -1 EBADF (Bad file descriptor) [pid 6149] close(9) = -1 EBADF (Bad file descriptor) [pid 6149] close(10) = -1 EBADF (Bad file descriptor) [pid 6149] close(11) = -1 EBADF (Bad file descriptor) [pid 6149] close(12) = -1 EBADF (Bad file descriptor) [pid 6149] close(13) = -1 EBADF (Bad file descriptor) [pid 6149] close(14) = -1 EBADF (Bad file descriptor) [pid 6149] close(15) = -1 EBADF (Bad file descriptor) [pid 6149] close(16) = -1 EBADF (Bad file descriptor) [pid 6149] close(17) = -1 EBADF (Bad file descriptor) [pid 6149] close(18) = -1 EBADF (Bad file descriptor) [pid 6149] close(19) = -1 EBADF (Bad file descriptor) [pid 6149] close(20) = -1 EBADF (Bad file descriptor) [pid 6149] close(21) = -1 EBADF (Bad file descriptor) [pid 6149] close(22) = -1 EBADF (Bad file descriptor) [pid 6149] close(23) = -1 EBADF (Bad file descriptor) [pid 6149] close(24) = -1 EBADF (Bad file descriptor) [pid 6149] close(25) = -1 EBADF (Bad file descriptor) [pid 6149] close(26) = -1 EBADF (Bad file descriptor) [pid 6149] close(27) = -1 EBADF (Bad file descriptor) [pid 6149] close(28) = -1 EBADF (Bad file descriptor) [pid 6149] close(29) = -1 EBADF (Bad file descriptor) [pid 6149] exit_group(0) = ? [pid 6151] <... futex resumed>) = ? [pid 6150] <... futex resumed>) = ? [pid 6151] +++ exited with 0 +++ [pid 6150] +++ exited with 0 +++ [pid 6149] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1073, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./357", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./357", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./357/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./357/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./357/cgroup.cpu") = 0 [pid 5063] umount2("./357/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./357/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./357/binderfs") = 0 [pid 5063] umount2("./357/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./357/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./357/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./357/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./357/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./357/file0") = 0 [pid 5063] umount2("./357/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./357/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./357/cgroup") = 0 [pid 5063] umount2("./357/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./357/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./357/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./357") = 0 [pid 5063] mkdir("./358", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6152 attached [pid 6152] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1076 [pid 6152] <... set_robust_list resumed>) = 0 [pid 6152] chdir("./358") = 0 [pid 6152] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6152] setpgid(0, 0) = 0 [pid 6152] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6152] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6152] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6152] write(3, "1000", 4) = 4 [pid 6152] close(3) = 0 [pid 6152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6152] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6152] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6152] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6152] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6152] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6152] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6153 attached => {parent_tid=[1077]}, 88) = 1077 [pid 6153] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6152] rt_sigprocmask(SIG_SETMASK, [], [pid 6153] <... rseq resumed>) = 0 [pid 6153] set_robust_list(0x7eff0a34a9a0, 24 [pid 6152] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6153] <... set_robust_list resumed>) = 0 [pid 6152] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6153] rt_sigprocmask(SIG_SETMASK, [], [pid 6152] <... futex resumed>) = 0 [pid 6153] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6152] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6153] memfd_create("syzkaller", 0) = 3 [pid 6153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6153] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6153] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6153] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6153] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6153] close(3) = 0 [pid 6153] mkdir("./file0", 0777) = 0 [pid 6153] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6153] chdir("./file0") = 0 [pid 6153] ioctl(4, LOOP_CLR_FD) = 0 [pid 6153] close(4) = 0 [pid 6153] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6152] <... futex resumed>) = 0 [pid 6153] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6152] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6153] <... futex resumed>) = 0 [pid 6152] <... futex resumed>) = 1 [pid 6153] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 262.327530][ T6153] loop0: detected capacity change from 0 to 4096 [ 262.357044][ T6153] ntfs: volume version 3.1. [pid 6152] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6153] <... openat resumed>) = 4 [pid 6153] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6153] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6152] <... futex resumed>) = 0 [pid 6152] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6153] <... futex resumed>) = 0 [pid 6153] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6152] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6152] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6152] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6152] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6152] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6152] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6154 attached [pid 6154] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6152] <... clone3 resumed> => {parent_tid=[1078]}, 88) = 1078 [pid 6154] set_robust_list(0x7eff0a3299a0, 24 [pid 6152] rt_sigprocmask(SIG_SETMASK, [], [pid 6154] <... set_robust_list resumed>) = 0 [pid 6152] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6154] rt_sigprocmask(SIG_SETMASK, [], [pid 6152] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6152] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6154] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6154] creat("./file1", 000) = 5 [pid 6154] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6154] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6153] <... write resumed>) = 1048064 [pid 6152] <... futex resumed>) = 0 [pid 6153] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6152] close(3) = 0 [pid 6153] <... futex resumed>) = 0 [pid 6153] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6152] close(4) = 0 [pid 6152] close(5) = 0 [pid 6152] close(6) = -1 EBADF (Bad file descriptor) [pid 6152] close(7) = -1 EBADF (Bad file descriptor) [pid 6152] close(8) = -1 EBADF (Bad file descriptor) [pid 6152] close(9) = -1 EBADF (Bad file descriptor) [pid 6152] close(10) = -1 EBADF (Bad file descriptor) [pid 6152] close(11) = -1 EBADF (Bad file descriptor) [pid 6152] close(12) = -1 EBADF (Bad file descriptor) [pid 6152] close(13) = -1 EBADF (Bad file descriptor) [pid 6152] close(14) = -1 EBADF (Bad file descriptor) [pid 6152] close(15) = -1 EBADF (Bad file descriptor) [pid 6152] close(16) = -1 EBADF (Bad file descriptor) [pid 6152] close(17) = -1 EBADF (Bad file descriptor) [pid 6152] close(18) = -1 EBADF (Bad file descriptor) [pid 6152] close(19) = -1 EBADF (Bad file descriptor) [pid 6152] close(20) = -1 EBADF (Bad file descriptor) [pid 6152] close(21) = -1 EBADF (Bad file descriptor) [pid 6152] close(22) = -1 EBADF (Bad file descriptor) [pid 6152] close(23) = -1 EBADF (Bad file descriptor) [pid 6152] close(24) = -1 EBADF (Bad file descriptor) [pid 6152] close(25) = -1 EBADF (Bad file descriptor) [pid 6152] close(26) = -1 EBADF (Bad file descriptor) [pid 6152] close(27) = -1 EBADF (Bad file descriptor) [pid 6152] close(28) = -1 EBADF (Bad file descriptor) [pid 6152] close(29) = -1 EBADF (Bad file descriptor) [pid 6152] exit_group(0 [pid 6154] <... futex resumed>) = ? [pid 6152] <... exit_group resumed>) = ? [pid 6154] +++ exited with 0 +++ [pid 6153] <... futex resumed>) = ? [pid 6153] +++ exited with 0 +++ [pid 6152] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1076, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./358", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./358", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./358/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./358/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./358/cgroup.cpu") = 0 [pid 5063] umount2("./358/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./358/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./358/binderfs") = 0 [pid 5063] umount2("./358/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./358/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./358/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./358/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./358/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./358/file0") = 0 [pid 5063] umount2("./358/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./358/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./358/cgroup") = 0 [pid 5063] umount2("./358/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./358/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./358/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./358") = 0 [pid 5063] mkdir("./359", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6155 attached [pid 6155] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1079 [pid 6155] <... set_robust_list resumed>) = 0 [pid 6155] chdir("./359") = 0 [pid 6155] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6155] setpgid(0, 0) = 0 [pid 6155] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6155] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6155] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6155] write(3, "1000", 4) = 4 [pid 6155] close(3) = 0 [pid 6155] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6155] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6155] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6155] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6155] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6155] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6155] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6156 attached [pid 6156] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6155] <... clone3 resumed> => {parent_tid=[1080]}, 88) = 1080 [pid 6156] <... rseq resumed>) = 0 [pid 6155] rt_sigprocmask(SIG_SETMASK, [], [pid 6156] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6155] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6156] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6155] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6155] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6156] memfd_create("syzkaller", 0) = 3 [pid 6156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6156] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6156] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6156] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6156] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6156] close(3) = 0 [pid 6156] mkdir("./file0", 0777) = 0 [pid 6156] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6156] chdir("./file0") = 0 [pid 6156] ioctl(4, LOOP_CLR_FD) = 0 [pid 6156] close(4) = 0 [pid 6156] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6155] <... futex resumed>) = 0 [pid 6155] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6156] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6155] <... futex resumed>) = 0 [ 262.867061][ T6156] loop0: detected capacity change from 0 to 4096 [ 262.886934][ T6156] ntfs: volume version 3.1. [pid 6155] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6156] <... openat resumed>) = 4 [pid 6156] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6155] <... futex resumed>) = 0 [pid 6156] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6155] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6156] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6155] <... futex resumed>) = 0 [pid 6156] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6155] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6155] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6155] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6155] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6155] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6155] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6157 attached => {parent_tid=[1081]}, 88) = 1081 [pid 6157] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6155] rt_sigprocmask(SIG_SETMASK, [], [pid 6157] <... rseq resumed>) = 0 [pid 6155] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6155] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6157] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6155] <... futex resumed>) = 0 [pid 6157] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6155] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6157] creat("./file1", 000) = 5 [pid 6156] <... write resumed>) = 1048064 [pid 6157] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6156] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6157] <... futex resumed>) = 1 [pid 6155] <... futex resumed>) = 0 [pid 6157] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6156] <... futex resumed>) = 0 [pid 6155] close(3 [pid 6156] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6155] <... close resumed>) = 0 [pid 6155] close(4) = 0 [pid 6155] close(5) = 0 [pid 6155] close(6) = -1 EBADF (Bad file descriptor) [pid 6155] close(7) = -1 EBADF (Bad file descriptor) [pid 6155] close(8) = -1 EBADF (Bad file descriptor) [pid 6155] close(9) = -1 EBADF (Bad file descriptor) [pid 6155] close(10) = -1 EBADF (Bad file descriptor) [pid 6155] close(11) = -1 EBADF (Bad file descriptor) [pid 6155] close(12) = -1 EBADF (Bad file descriptor) [pid 6155] close(13) = -1 EBADF (Bad file descriptor) [pid 6155] close(14) = -1 EBADF (Bad file descriptor) [pid 6155] close(15) = -1 EBADF (Bad file descriptor) [pid 6155] close(16) = -1 EBADF (Bad file descriptor) [pid 6155] close(17) = -1 EBADF (Bad file descriptor) [pid 6155] close(18) = -1 EBADF (Bad file descriptor) [pid 6155] close(19) = -1 EBADF (Bad file descriptor) [pid 6155] close(20) = -1 EBADF (Bad file descriptor) [pid 6155] close(21) = -1 EBADF (Bad file descriptor) [pid 6155] close(22) = -1 EBADF (Bad file descriptor) [pid 6155] close(23) = -1 EBADF (Bad file descriptor) [pid 6155] close(24) = -1 EBADF (Bad file descriptor) [pid 6155] close(25) = -1 EBADF (Bad file descriptor) [pid 6155] close(26) = -1 EBADF (Bad file descriptor) [pid 6155] close(27) = -1 EBADF (Bad file descriptor) [pid 6155] close(28) = -1 EBADF (Bad file descriptor) [pid 6155] close(29) = -1 EBADF (Bad file descriptor) [pid 6155] exit_group(0 [pid 6157] <... futex resumed>) = ? [pid 6156] <... futex resumed>) = ? [pid 6155] <... exit_group resumed>) = ? [pid 6157] +++ exited with 0 +++ [pid 6156] +++ exited with 0 +++ [pid 6155] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1079, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./359", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./359", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./359/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./359/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./359/cgroup.cpu") = 0 [pid 5063] umount2("./359/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./359/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./359/binderfs") = 0 [pid 5063] umount2("./359/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./359/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./359/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./359/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./359/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./359/file0") = 0 [pid 5063] umount2("./359/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./359/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./359/cgroup") = 0 [pid 5063] umount2("./359/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./359/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./359/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./359") = 0 [pid 5063] mkdir("./360", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6158 attached , child_tidptr=0x5555560b8690) = 1082 [pid 6158] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6158] chdir("./360") = 0 [pid 6158] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6158] setpgid(0, 0) = 0 [pid 6158] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6158] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6158] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6158] write(3, "1000", 4) = 4 [pid 6158] close(3) = 0 [pid 6158] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6158] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6158] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6158] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6158] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6158] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6158] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6158] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6159 attached [pid 6159] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6158] <... clone3 resumed> => {parent_tid=[1083]}, 88) = 1083 [pid 6159] <... rseq resumed>) = 0 [pid 6158] rt_sigprocmask(SIG_SETMASK, [], [pid 6159] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6158] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6159] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6158] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6159] memfd_create("syzkaller", 0 [pid 6158] <... futex resumed>) = 0 [pid 6158] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6159] <... memfd_create resumed>) = 3 [pid 6159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6159] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6159] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6159] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6159] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6159] close(3) = 0 [pid 6159] mkdir("./file0", 0777) = 0 [pid 6159] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6159] chdir("./file0") = 0 [pid 6159] ioctl(4, LOOP_CLR_FD) = 0 [pid 6159] close(4) = 0 [ 263.443480][ T6159] loop0: detected capacity change from 0 to 4096 [ 263.463850][ T6159] ntfs: volume version 3.1. [pid 6159] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6158] <... futex resumed>) = 0 [pid 6159] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6158] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6159] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6158] <... futex resumed>) = 0 [pid 6158] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6159] <... openat resumed>) = 4 [pid 6159] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6159] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6158] <... futex resumed>) = 0 [pid 6158] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6159] <... futex resumed>) = 0 [pid 6159] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6158] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6158] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6158] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6158] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6158] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6158] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6160 attached => {parent_tid=[1084]}, 88) = 1084 [pid 6158] rt_sigprocmask(SIG_SETMASK, [], [pid 6160] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6158] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6158] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6158] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6160] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6160] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6160] creat("./file1", 000) = 5 [pid 6159] <... write resumed>) = 1048064 [pid 6160] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6159] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6160] <... futex resumed>) = 1 [pid 6158] <... futex resumed>) = 0 [pid 6160] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6159] <... futex resumed>) = 0 [pid 6158] close(3 [pid 6159] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6158] <... close resumed>) = 0 [pid 6158] close(4) = 0 [pid 6158] close(5) = 0 [pid 6158] close(6) = -1 EBADF (Bad file descriptor) [pid 6158] close(7) = -1 EBADF (Bad file descriptor) [pid 6158] close(8) = -1 EBADF (Bad file descriptor) [pid 6158] close(9) = -1 EBADF (Bad file descriptor) [pid 6158] close(10) = -1 EBADF (Bad file descriptor) [pid 6158] close(11) = -1 EBADF (Bad file descriptor) [pid 6158] close(12) = -1 EBADF (Bad file descriptor) [pid 6158] close(13) = -1 EBADF (Bad file descriptor) [pid 6158] close(14) = -1 EBADF (Bad file descriptor) [pid 6158] close(15) = -1 EBADF (Bad file descriptor) [pid 6158] close(16) = -1 EBADF (Bad file descriptor) [pid 6158] close(17) = -1 EBADF (Bad file descriptor) [pid 6158] close(18) = -1 EBADF (Bad file descriptor) [pid 6158] close(19) = -1 EBADF (Bad file descriptor) [pid 6158] close(20) = -1 EBADF (Bad file descriptor) [pid 6158] close(21) = -1 EBADF (Bad file descriptor) [pid 6158] close(22) = -1 EBADF (Bad file descriptor) [pid 6158] close(23) = -1 EBADF (Bad file descriptor) [pid 6158] close(24) = -1 EBADF (Bad file descriptor) [pid 6158] close(25) = -1 EBADF (Bad file descriptor) [pid 6158] close(26) = -1 EBADF (Bad file descriptor) [pid 6158] close(27) = -1 EBADF (Bad file descriptor) [pid 6158] close(28) = -1 EBADF (Bad file descriptor) [pid 6158] close(29) = -1 EBADF (Bad file descriptor) [pid 6158] exit_group(0) = ? [pid 6160] <... futex resumed>) = ? [pid 6160] +++ exited with 0 +++ [pid 6159] <... futex resumed>) = ? [pid 6159] +++ exited with 0 +++ [pid 6158] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1082, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./360", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./360", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./360/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./360/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./360/cgroup.cpu") = 0 [pid 5063] umount2("./360/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./360/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./360/binderfs") = 0 [pid 5063] umount2("./360/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./360/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./360/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./360/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./360/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./360/file0") = 0 [pid 5063] umount2("./360/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./360/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./360/cgroup") = 0 [pid 5063] umount2("./360/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./360/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./360/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./360") = 0 [pid 5063] mkdir("./361", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6161 attached , child_tidptr=0x5555560b8690) = 1085 [pid 6161] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6161] chdir("./361") = 0 [pid 6161] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6161] setpgid(0, 0) = 0 [pid 6161] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6161] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6161] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6161] write(3, "1000", 4) = 4 [pid 6161] close(3) = 0 [pid 6161] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6161] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6161] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6161] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6161] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6161] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6161] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6161] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6162 attached [pid 6162] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6161] <... clone3 resumed> => {parent_tid=[1086]}, 88) = 1086 [pid 6162] set_robust_list(0x7eff0a34a9a0, 24 [pid 6161] rt_sigprocmask(SIG_SETMASK, [], [pid 6162] <... set_robust_list resumed>) = 0 [pid 6162] rt_sigprocmask(SIG_SETMASK, [], [pid 6161] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6162] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6161] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6161] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6162] memfd_create("syzkaller", 0) = 3 [pid 6162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6162] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6162] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6162] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6162] close(3) = 0 [pid 6162] mkdir("./file0", 0777) = 0 [pid 6162] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6162] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6162] chdir("./file0") = 0 [pid 6162] ioctl(4, LOOP_CLR_FD) = 0 [pid 6162] close(4) = 0 [pid 6162] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6161] <... futex resumed>) = 0 [pid 6162] <... futex resumed>) = 1 [pid 6161] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6161] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6162] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6162] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6161] <... futex resumed>) = 0 [pid 6162] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6161] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6162] <... futex resumed>) = 0 [pid 6161] <... futex resumed>) = 1 [pid 6162] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 264.034230][ T6162] loop0: detected capacity change from 0 to 4096 [ 264.057141][ T6162] ntfs: volume version 3.1. [pid 6161] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6161] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6161] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6161] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6161] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6161] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6163 attached => {parent_tid=[1087]}, 88) = 1087 [pid 6163] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6161] rt_sigprocmask(SIG_SETMASK, [], [pid 6163] set_robust_list(0x7eff0a3299a0, 24 [pid 6161] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6163] <... set_robust_list resumed>) = 0 [pid 6161] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6163] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6161] <... futex resumed>) = 0 [pid 6163] creat("./file1", 000 [pid 6161] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6163] <... creat resumed>) = 5 [pid 6162] <... write resumed>) = 1048064 [pid 6163] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6162] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6163] <... futex resumed>) = 1 [pid 6162] <... futex resumed>) = 0 [pid 6161] <... futex resumed>) = 0 [pid 6163] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6161] close(3) = 0 [pid 6161] close(4 [pid 6162] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6161] <... close resumed>) = 0 [pid 6161] close(5) = 0 [pid 6161] close(6) = -1 EBADF (Bad file descriptor) [pid 6161] close(7) = -1 EBADF (Bad file descriptor) [pid 6161] close(8) = -1 EBADF (Bad file descriptor) [pid 6161] close(9) = -1 EBADF (Bad file descriptor) [pid 6161] close(10) = -1 EBADF (Bad file descriptor) [pid 6161] close(11) = -1 EBADF (Bad file descriptor) [pid 6161] close(12) = -1 EBADF (Bad file descriptor) [pid 6161] close(13) = -1 EBADF (Bad file descriptor) [pid 6161] close(14) = -1 EBADF (Bad file descriptor) [pid 6161] close(15) = -1 EBADF (Bad file descriptor) [pid 6161] close(16) = -1 EBADF (Bad file descriptor) [pid 6161] close(17) = -1 EBADF (Bad file descriptor) [pid 6161] close(18) = -1 EBADF (Bad file descriptor) [pid 6161] close(19) = -1 EBADF (Bad file descriptor) [pid 6161] close(20) = -1 EBADF (Bad file descriptor) [pid 6161] close(21) = -1 EBADF (Bad file descriptor) [pid 6161] close(22) = -1 EBADF (Bad file descriptor) [pid 6161] close(23) = -1 EBADF (Bad file descriptor) [pid 6161] close(24) = -1 EBADF (Bad file descriptor) [pid 6161] close(25) = -1 EBADF (Bad file descriptor) [pid 6161] close(26) = -1 EBADF (Bad file descriptor) [pid 6161] close(27) = -1 EBADF (Bad file descriptor) [pid 6161] close(28) = -1 EBADF (Bad file descriptor) [pid 6161] close(29) = -1 EBADF (Bad file descriptor) [pid 6161] exit_group(0 [pid 6163] <... futex resumed>) = ? [pid 6162] <... futex resumed>) = ? [pid 6161] <... exit_group resumed>) = ? [pid 6163] +++ exited with 0 +++ [pid 6162] +++ exited with 0 +++ [pid 6161] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1085, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./361", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./361", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./361/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./361/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./361/cgroup.cpu") = 0 [pid 5063] umount2("./361/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./361/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./361/binderfs") = 0 [pid 5063] umount2("./361/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./361/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./361/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./361/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./361/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./361/file0") = 0 [pid 5063] umount2("./361/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./361/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./361/cgroup") = 0 [pid 5063] umount2("./361/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./361/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./361/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./361") = 0 [pid 5063] mkdir("./362", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6164 attached , child_tidptr=0x5555560b8690) = 1088 [pid 6164] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6164] chdir("./362") = 0 [pid 6164] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6164] setpgid(0, 0) = 0 [pid 6164] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6164] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6164] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6164] write(3, "1000", 4) = 4 [pid 6164] close(3) = 0 [pid 6164] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6164] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6164] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6164] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6164] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6164] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6164] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6164] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6165 attached [pid 6165] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6164] <... clone3 resumed> => {parent_tid=[1089]}, 88) = 1089 [pid 6165] <... rseq resumed>) = 0 [pid 6164] rt_sigprocmask(SIG_SETMASK, [], [pid 6165] set_robust_list(0x7eff0a34a9a0, 24 [pid 6164] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6165] <... set_robust_list resumed>) = 0 [pid 6164] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6165] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6164] <... futex resumed>) = 0 [pid 6164] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6165] memfd_create("syzkaller", 0) = 3 [pid 6165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6165] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6165] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6165] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6165] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6165] close(3) = 0 [pid 6165] mkdir("./file0", 0777) = 0 [pid 6165] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6165] chdir("./file0") = 0 [pid 6165] ioctl(4, LOOP_CLR_FD) = 0 [pid 6165] close(4) = 0 [ 264.597763][ T6165] loop0: detected capacity change from 0 to 4096 [ 264.616694][ T6165] ntfs: volume version 3.1. [pid 6165] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6164] <... futex resumed>) = 0 [pid 6165] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6164] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6164] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6165] <... openat resumed>) = 4 [pid 6165] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6165] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6164] <... futex resumed>) = 0 [pid 6164] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6165] <... futex resumed>) = 0 [pid 6164] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6165] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6164] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6164] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6164] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6164] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6164] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6164] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6166 attached => {parent_tid=[1090]}, 88) = 1090 [pid 6166] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6164] rt_sigprocmask(SIG_SETMASK, [], [pid 6166] <... rseq resumed>) = 0 [pid 6164] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6166] set_robust_list(0x7eff0a3299a0, 24 [pid 6164] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6166] <... set_robust_list resumed>) = 0 [pid 6166] rt_sigprocmask(SIG_SETMASK, [], [pid 6164] <... futex resumed>) = 0 [pid 6166] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6166] creat("./file1", 000 [pid 6164] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6166] <... creat resumed>) = 5 [pid 6165] <... write resumed>) = 1048064 [pid 6166] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6165] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6166] <... futex resumed>) = 1 [pid 6164] <... futex resumed>) = 0 [pid 6166] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6165] <... futex resumed>) = 0 [pid 6165] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6164] close(3) = 0 [pid 6164] close(4) = 0 [pid 6164] close(5) = 0 [pid 6164] close(6) = -1 EBADF (Bad file descriptor) [pid 6164] close(7) = -1 EBADF (Bad file descriptor) [pid 6164] close(8) = -1 EBADF (Bad file descriptor) [pid 6164] close(9) = -1 EBADF (Bad file descriptor) [pid 6164] close(10) = -1 EBADF (Bad file descriptor) [pid 6164] close(11) = -1 EBADF (Bad file descriptor) [pid 6164] close(12) = -1 EBADF (Bad file descriptor) [pid 6164] close(13) = -1 EBADF (Bad file descriptor) [pid 6164] close(14) = -1 EBADF (Bad file descriptor) [pid 6164] close(15) = -1 EBADF (Bad file descriptor) [pid 6164] close(16) = -1 EBADF (Bad file descriptor) [pid 6164] close(17) = -1 EBADF (Bad file descriptor) [pid 6164] close(18) = -1 EBADF (Bad file descriptor) [pid 6164] close(19) = -1 EBADF (Bad file descriptor) [pid 6164] close(20) = -1 EBADF (Bad file descriptor) [pid 6164] close(21) = -1 EBADF (Bad file descriptor) [pid 6164] close(22) = -1 EBADF (Bad file descriptor) [pid 6164] close(23) = -1 EBADF (Bad file descriptor) [pid 6164] close(24) = -1 EBADF (Bad file descriptor) [pid 6164] close(25) = -1 EBADF (Bad file descriptor) [pid 6164] close(26) = -1 EBADF (Bad file descriptor) [pid 6164] close(27) = -1 EBADF (Bad file descriptor) [pid 6164] close(28) = -1 EBADF (Bad file descriptor) [pid 6164] close(29) = -1 EBADF (Bad file descriptor) [pid 6164] exit_group(0 [pid 6166] <... futex resumed>) = ? [pid 6165] <... futex resumed>) = ? [pid 6166] +++ exited with 0 +++ [pid 6164] <... exit_group resumed>) = ? [pid 6165] +++ exited with 0 +++ [pid 6164] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1088, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./362", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./362", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./362/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./362/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./362/cgroup.cpu") = 0 [pid 5063] umount2("./362/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./362/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./362/binderfs") = 0 [pid 5063] umount2("./362/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./362/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./362/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./362/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./362/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./362/file0") = 0 [pid 5063] umount2("./362/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./362/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./362/cgroup") = 0 [pid 5063] umount2("./362/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./362/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./362/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./362") = 0 [pid 5063] mkdir("./363", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6167 attached [pid 6167] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1091 [pid 6167] <... set_robust_list resumed>) = 0 [pid 6167] chdir("./363") = 0 [pid 6167] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6167] setpgid(0, 0) = 0 [pid 6167] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6167] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6167] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6167] write(3, "1000", 4) = 4 [pid 6167] close(3) = 0 [pid 6167] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6167] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6167] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6167] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6167] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6167] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6167] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6168 attached [pid 6168] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6167] <... clone3 resumed> => {parent_tid=[1092]}, 88) = 1092 [pid 6168] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6168] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6168] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6167] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6167] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6168] <... futex resumed>) = 0 [pid 6167] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6168] memfd_create("syzkaller", 0) = 3 [pid 6168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6168] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6168] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6168] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6168] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6168] close(3) = 0 [pid 6168] mkdir("./file0", 0777) = 0 [pid 6168] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6168] chdir("./file0") = 0 [pid 6168] ioctl(4, LOOP_CLR_FD) = 0 [pid 6168] close(4) = 0 [pid 6168] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6167] <... futex resumed>) = 0 [pid 6168] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6167] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6168] <... futex resumed>) = 0 [pid 6167] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6168] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6168] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 265.125721][ T6168] loop0: detected capacity change from 0 to 4096 [ 265.157744][ T6168] ntfs: volume version 3.1. [pid 6168] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6167] <... futex resumed>) = 0 [pid 6167] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6168] <... futex resumed>) = 0 [pid 6167] <... futex resumed>) = 1 [pid 6168] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6167] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6167] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6167] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6167] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6167] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6167] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1093]}, 88) = 1093 [pid 6167] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6169 attached NULL, 8) = 0 [pid 6169] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6167] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6169] <... rseq resumed>) = 0 [pid 6169] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6167] <... futex resumed>) = 0 [pid 6169] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6167] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6169] creat("./file1", 000) = 5 [pid 6168] <... write resumed>) = 1048064 [pid 6169] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6168] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6169] <... futex resumed>) = 1 [pid 6168] <... futex resumed>) = 0 [pid 6168] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6167] <... futex resumed>) = 0 [pid 6169] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6167] close(3) = 0 [pid 6167] close(4) = 0 [pid 6167] close(5) = 0 [pid 6167] close(6) = -1 EBADF (Bad file descriptor) [pid 6167] close(7) = -1 EBADF (Bad file descriptor) [pid 6167] close(8) = -1 EBADF (Bad file descriptor) [pid 6167] close(9) = -1 EBADF (Bad file descriptor) [pid 6167] close(10) = -1 EBADF (Bad file descriptor) [pid 6167] close(11) = -1 EBADF (Bad file descriptor) [pid 6167] close(12) = -1 EBADF (Bad file descriptor) [pid 6167] close(13) = -1 EBADF (Bad file descriptor) [pid 6167] close(14) = -1 EBADF (Bad file descriptor) [pid 6167] close(15) = -1 EBADF (Bad file descriptor) [pid 6167] close(16) = -1 EBADF (Bad file descriptor) [pid 6167] close(17) = -1 EBADF (Bad file descriptor) [pid 6167] close(18) = -1 EBADF (Bad file descriptor) [pid 6167] close(19) = -1 EBADF (Bad file descriptor) [pid 6167] close(20) = -1 EBADF (Bad file descriptor) [pid 6167] close(21) = -1 EBADF (Bad file descriptor) [pid 6167] close(22) = -1 EBADF (Bad file descriptor) [pid 6167] close(23) = -1 EBADF (Bad file descriptor) [pid 6167] close(24) = -1 EBADF (Bad file descriptor) [pid 6167] close(25) = -1 EBADF (Bad file descriptor) [pid 6167] close(26) = -1 EBADF (Bad file descriptor) [pid 6167] close(27) = -1 EBADF (Bad file descriptor) [pid 6167] close(28) = -1 EBADF (Bad file descriptor) [pid 6167] close(29) = -1 EBADF (Bad file descriptor) [pid 6167] exit_group(0) = ? [pid 6169] <... futex resumed>) = ? [pid 6168] <... futex resumed>) = ? [pid 6169] +++ exited with 0 +++ [pid 6168] +++ exited with 0 +++ [pid 6167] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1091, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./363", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./363", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./363/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./363/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./363/cgroup.cpu") = 0 [pid 5063] umount2("./363/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./363/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./363/binderfs") = 0 [pid 5063] umount2("./363/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./363/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./363/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./363/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./363/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./363/file0") = 0 [pid 5063] umount2("./363/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./363/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./363/cgroup") = 0 [pid 5063] umount2("./363/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./363/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./363/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./363") = 0 [pid 5063] mkdir("./364", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6170 attached [pid 6170] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1094 [pid 6170] <... set_robust_list resumed>) = 0 [pid 6170] chdir("./364") = 0 [pid 6170] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6170] setpgid(0, 0) = 0 [pid 6170] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6170] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6170] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6170] write(3, "1000", 4) = 4 [pid 6170] close(3) = 0 [pid 6170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6170] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6170] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6170] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6170] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6170] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6170] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6170] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6171 attached [pid 6171] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6170] <... clone3 resumed> => {parent_tid=[1095]}, 88) = 1095 [pid 6171] <... rseq resumed>) = 0 [pid 6170] rt_sigprocmask(SIG_SETMASK, [], [pid 6171] set_robust_list(0x7eff0a34a9a0, 24 [pid 6170] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6171] <... set_robust_list resumed>) = 0 [pid 6170] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6171] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6170] <... futex resumed>) = 0 [pid 6170] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6171] memfd_create("syzkaller", 0) = 3 [pid 6171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6171] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6171] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6171] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6171] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6171] close(3) = 0 [pid 6171] mkdir("./file0", 0777) = 0 [pid 6171] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6171] chdir("./file0") = 0 [pid 6171] ioctl(4, LOOP_CLR_FD) = 0 [pid 6171] close(4) = 0 [pid 6171] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6170] <... futex resumed>) = 0 [pid 6171] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6170] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 265.720215][ T6171] loop0: detected capacity change from 0 to 4096 [ 265.745121][ T6171] ntfs: volume version 3.1. [pid 6170] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6171] <... openat resumed>) = 4 [pid 6171] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6171] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6170] <... futex resumed>) = 0 [pid 6170] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6171] <... futex resumed>) = 0 [pid 6170] <... futex resumed>) = 1 [pid 6171] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6170] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6170] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6170] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6170] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6170] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6170] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6172 attached [pid 6172] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6170] <... clone3 resumed> => {parent_tid=[1096]}, 88) = 1096 [pid 6172] <... rseq resumed>) = 0 [pid 6172] set_robust_list(0x7eff0a3299a0, 24 [pid 6170] rt_sigprocmask(SIG_SETMASK, [], [pid 6172] <... set_robust_list resumed>) = 0 [pid 6172] rt_sigprocmask(SIG_SETMASK, [], [pid 6170] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6172] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6170] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6172] creat("./file1", 000 [pid 6170] <... futex resumed>) = 0 [pid 6170] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6172] <... creat resumed>) = 5 [pid 6171] <... write resumed>) = 1048064 [pid 6171] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6171] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6172] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6170] <... futex resumed>) = 0 [pid 6172] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6170] close(3) = 0 [pid 6170] close(4) = 0 [pid 6170] close(5) = 0 [pid 6170] close(6) = -1 EBADF (Bad file descriptor) [pid 6170] close(7) = -1 EBADF (Bad file descriptor) [pid 6170] close(8) = -1 EBADF (Bad file descriptor) [pid 6170] close(9) = -1 EBADF (Bad file descriptor) [pid 6170] close(10) = -1 EBADF (Bad file descriptor) [pid 6170] close(11) = -1 EBADF (Bad file descriptor) [pid 6170] close(12) = -1 EBADF (Bad file descriptor) [pid 6170] close(13) = -1 EBADF (Bad file descriptor) [pid 6170] close(14) = -1 EBADF (Bad file descriptor) [pid 6170] close(15) = -1 EBADF (Bad file descriptor) [pid 6170] close(16) = -1 EBADF (Bad file descriptor) [pid 6170] close(17) = -1 EBADF (Bad file descriptor) [pid 6170] close(18) = -1 EBADF (Bad file descriptor) [pid 6170] close(19) = -1 EBADF (Bad file descriptor) [pid 6170] close(20) = -1 EBADF (Bad file descriptor) [pid 6170] close(21) = -1 EBADF (Bad file descriptor) [pid 6170] close(22) = -1 EBADF (Bad file descriptor) [pid 6170] close(23) = -1 EBADF (Bad file descriptor) [pid 6170] close(24) = -1 EBADF (Bad file descriptor) [pid 6170] close(25) = -1 EBADF (Bad file descriptor) [pid 6170] close(26) = -1 EBADF (Bad file descriptor) [pid 6170] close(27) = -1 EBADF (Bad file descriptor) [pid 6170] close(28) = -1 EBADF (Bad file descriptor) [pid 6170] close(29) = -1 EBADF (Bad file descriptor) [pid 6170] exit_group(0) = ? [pid 6171] <... futex resumed>) = ? [pid 6172] <... futex resumed>) = ? [pid 6171] +++ exited with 0 +++ [pid 6172] +++ exited with 0 +++ [pid 6170] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1094, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./364", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./364", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./364/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./364/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./364/cgroup.cpu") = 0 [pid 5063] umount2("./364/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./364/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./364/binderfs") = 0 [pid 5063] umount2("./364/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./364/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./364/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./364/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./364/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./364/file0") = 0 [pid 5063] umount2("./364/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./364/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./364/cgroup") = 0 [pid 5063] umount2("./364/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./364/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./364/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./364") = 0 [pid 5063] mkdir("./365", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6173 attached [pid 6173] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1097 [pid 6173] <... set_robust_list resumed>) = 0 [pid 6173] chdir("./365") = 0 [pid 6173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6173] setpgid(0, 0) = 0 [pid 6173] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6173] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6173] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6173] write(3, "1000", 4) = 4 [pid 6173] close(3) = 0 [pid 6173] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6173] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6173] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6173] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6173] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6173] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6173] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6173] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6174 attached => {parent_tid=[1098]}, 88) = 1098 [pid 6174] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6173] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6173] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6173] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6174] <... rseq resumed>) = 0 [pid 6174] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6174] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6174] memfd_create("syzkaller", 0) = 3 [pid 6174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6174] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6174] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6174] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6174] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6174] close(3) = 0 [pid 6174] mkdir("./file0", 0777) = 0 [ 266.295403][ T6174] loop0: detected capacity change from 0 to 4096 [ 266.309357][ T6174] __ntfs_warning: 170 callbacks suppressed [ 266.309367][ T6174] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 266.336133][ T6174] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 266.345828][ T6174] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 266.362032][ T6174] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 266.370784][ T6174] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 266.390754][ T6174] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 266.399740][ T6174] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 266.420232][ T6174] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6174] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6174] chdir("./file0") = 0 [pid 6174] ioctl(4, LOOP_CLR_FD) = 0 [ 266.429099][ T6174] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 266.449066][ T6174] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 266.459468][ T6174] ntfs: volume version 3.1. [pid 6174] close(4) = 0 [pid 6174] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6174] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6173] <... futex resumed>) = 0 [pid 6174] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6173] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6174] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6173] <... futex resumed>) = 0 [pid 6173] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6174] <... openat resumed>) = 4 [pid 6174] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6174] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6173] <... futex resumed>) = 0 [pid 6174] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6173] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6174] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6173] <... futex resumed>) = 0 [pid 6173] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6173] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6173] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6173] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6173] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6173] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6175 attached => {parent_tid=[1099]}, 88) = 1099 [pid 6175] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6173] rt_sigprocmask(SIG_SETMASK, [], [pid 6175] <... rseq resumed>) = 0 [pid 6175] set_robust_list(0x7eff0a3299a0, 24 [pid 6173] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6175] <... set_robust_list resumed>) = 0 [pid 6175] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6173] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6175] creat("./file1", 000 [pid 6173] <... futex resumed>) = 0 [pid 6173] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6175] <... creat resumed>) = 5 [pid 6174] <... write resumed>) = 1048064 [pid 6175] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6174] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6175] <... futex resumed>) = 1 [pid 6173] <... futex resumed>) = 0 [pid 6175] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6173] close(3 [pid 6174] <... futex resumed>) = 0 [pid 6174] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6173] <... close resumed>) = 0 [pid 6173] close(4) = 0 [pid 6173] close(5) = 0 [pid 6173] close(6) = -1 EBADF (Bad file descriptor) [pid 6173] close(7) = -1 EBADF (Bad file descriptor) [pid 6173] close(8) = -1 EBADF (Bad file descriptor) [pid 6173] close(9) = -1 EBADF (Bad file descriptor) [pid 6173] close(10) = -1 EBADF (Bad file descriptor) [pid 6173] close(11) = -1 EBADF (Bad file descriptor) [pid 6173] close(12) = -1 EBADF (Bad file descriptor) [pid 6173] close(13) = -1 EBADF (Bad file descriptor) [pid 6173] close(14) = -1 EBADF (Bad file descriptor) [pid 6173] close(15) = -1 EBADF (Bad file descriptor) [pid 6173] close(16) = -1 EBADF (Bad file descriptor) [pid 6173] close(17) = -1 EBADF (Bad file descriptor) [pid 6173] close(18) = -1 EBADF (Bad file descriptor) [pid 6173] close(19) = -1 EBADF (Bad file descriptor) [pid 6173] close(20) = -1 EBADF (Bad file descriptor) [pid 6173] close(21) = -1 EBADF (Bad file descriptor) [pid 6173] close(22) = -1 EBADF (Bad file descriptor) [pid 6173] close(23) = -1 EBADF (Bad file descriptor) [pid 6173] close(24) = -1 EBADF (Bad file descriptor) [pid 6173] close(25) = -1 EBADF (Bad file descriptor) [pid 6173] close(26) = -1 EBADF (Bad file descriptor) [pid 6173] close(27) = -1 EBADF (Bad file descriptor) [pid 6173] close(28) = -1 EBADF (Bad file descriptor) [pid 6173] close(29) = -1 EBADF (Bad file descriptor) [pid 6173] exit_group(0 [pid 6174] <... futex resumed>) = ? [pid 6173] <... exit_group resumed>) = ? [pid 6175] <... futex resumed>) = ? [pid 6174] +++ exited with 0 +++ [pid 6175] +++ exited with 0 +++ [pid 6173] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1097, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./365", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./365", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./365/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./365/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./365/cgroup.cpu") = 0 [pid 5063] umount2("./365/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./365/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./365/binderfs") = 0 [pid 5063] umount2("./365/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./365/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./365/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./365/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./365/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./365/file0") = 0 [pid 5063] umount2("./365/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./365/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./365/cgroup") = 0 [pid 5063] umount2("./365/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./365/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./365/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./365") = 0 [pid 5063] mkdir("./366", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6176 attached , child_tidptr=0x5555560b8690) = 1100 [pid 6176] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6176] chdir("./366") = 0 [pid 6176] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6176] setpgid(0, 0) = 0 [pid 6176] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6176] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6176] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6176] write(3, "1000", 4) = 4 [pid 6176] close(3) = 0 [pid 6176] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6176] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6176] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6176] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6176] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6176] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6176] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6177 attached => {parent_tid=[1101]}, 88) = 1101 [pid 6177] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6176] rt_sigprocmask(SIG_SETMASK, [], [pid 6177] <... rseq resumed>) = 0 [pid 6176] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6176] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6177] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6176] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6177] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6177] memfd_create("syzkaller", 0) = 3 [pid 6177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6177] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6177] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6177] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6177] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6177] close(3) = 0 [pid 6177] mkdir("./file0", 0777) = 0 [pid 6177] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6177] chdir("./file0") = 0 [pid 6177] ioctl(4, LOOP_CLR_FD) = 0 [pid 6177] close(4) = 0 [pid 6177] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6176] <... futex resumed>) = 0 [pid 6177] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6176] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6177] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6176] <... futex resumed>) = 0 [pid 6177] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 267.068293][ T6177] loop0: detected capacity change from 0 to 4096 [ 267.087895][ T6177] ntfs: volume version 3.1. [pid 6176] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6177] <... openat resumed>) = 4 [pid 6177] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6176] <... futex resumed>) = 0 [pid 6177] <... futex resumed>) = 1 [pid 6177] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6176] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6177] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6176] <... futex resumed>) = 0 [pid 6177] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6176] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6176] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6176] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6176] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6176] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6176] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6178 attached => {parent_tid=[1102]}, 88) = 1102 [pid 6178] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6176] rt_sigprocmask(SIG_SETMASK, [], [pid 6178] <... rseq resumed>) = 0 [pid 6176] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6178] set_robust_list(0x7eff0a3299a0, 24 [pid 6176] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6178] <... set_robust_list resumed>) = 0 [pid 6176] <... futex resumed>) = 0 [pid 6178] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6176] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6178] creat("./file1", 000) = 5 [pid 6177] <... write resumed>) = 1048064 [pid 6177] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6177] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6178] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6176] <... futex resumed>) = 0 [pid 6178] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6176] close(3) = 0 [pid 6176] close(4) = 0 [pid 6176] close(5) = 0 [pid 6176] close(6) = -1 EBADF (Bad file descriptor) [pid 6176] close(7) = -1 EBADF (Bad file descriptor) [pid 6176] close(8) = -1 EBADF (Bad file descriptor) [pid 6176] close(9) = -1 EBADF (Bad file descriptor) [pid 6176] close(10) = -1 EBADF (Bad file descriptor) [pid 6176] close(11) = -1 EBADF (Bad file descriptor) [pid 6176] close(12) = -1 EBADF (Bad file descriptor) [pid 6176] close(13) = -1 EBADF (Bad file descriptor) [pid 6176] close(14) = -1 EBADF (Bad file descriptor) [pid 6176] close(15) = -1 EBADF (Bad file descriptor) [pid 6176] close(16) = -1 EBADF (Bad file descriptor) [pid 6176] close(17) = -1 EBADF (Bad file descriptor) [pid 6176] close(18) = -1 EBADF (Bad file descriptor) [pid 6176] close(19) = -1 EBADF (Bad file descriptor) [pid 6176] close(20) = -1 EBADF (Bad file descriptor) [pid 6176] close(21) = -1 EBADF (Bad file descriptor) [pid 6176] close(22) = -1 EBADF (Bad file descriptor) [pid 6176] close(23) = -1 EBADF (Bad file descriptor) [pid 6176] close(24) = -1 EBADF (Bad file descriptor) [pid 6176] close(25) = -1 EBADF (Bad file descriptor) [pid 6176] close(26) = -1 EBADF (Bad file descriptor) [pid 6176] close(27) = -1 EBADF (Bad file descriptor) [pid 6176] close(28) = -1 EBADF (Bad file descriptor) [pid 6176] close(29) = -1 EBADF (Bad file descriptor) [pid 6176] exit_group(0) = ? [pid 6178] <... futex resumed>) = ? [pid 6177] <... futex resumed>) = ? [pid 6178] +++ exited with 0 +++ [pid 6177] +++ exited with 0 +++ [pid 6176] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1100, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./366", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./366", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./366/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./366/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./366/cgroup.cpu") = 0 [pid 5063] umount2("./366/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./366/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./366/binderfs") = 0 [pid 5063] umount2("./366/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./366/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./366/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./366/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./366/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./366/file0") = 0 [pid 5063] umount2("./366/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./366/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./366/cgroup") = 0 [pid 5063] umount2("./366/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./366/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./366/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./366") = 0 [pid 5063] mkdir("./367", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6179 attached , child_tidptr=0x5555560b8690) = 1103 [pid 6179] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6179] chdir("./367") = 0 [pid 6179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6179] setpgid(0, 0) = 0 [pid 6179] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6179] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6179] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6179] write(3, "1000", 4) = 4 [pid 6179] close(3) = 0 [pid 6179] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6179] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6179] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6179] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6179] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6179] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6179] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6179] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6180 attached [pid 6180] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6179] <... clone3 resumed> => {parent_tid=[1104]}, 88) = 1104 [pid 6180] <... rseq resumed>) = 0 [pid 6179] rt_sigprocmask(SIG_SETMASK, [], [pid 6180] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6179] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6180] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6179] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6180] memfd_create("syzkaller", 0 [pid 6179] <... futex resumed>) = 0 [pid 6179] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6180] <... memfd_create resumed>) = 3 [pid 6180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6180] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6180] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6180] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6180] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6180] close(3) = 0 [pid 6180] mkdir("./file0", 0777) = 0 [pid 6180] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6180] chdir("./file0") = 0 [pid 6180] ioctl(4, LOOP_CLR_FD) = 0 [pid 6180] close(4) = 0 [pid 6180] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6179] <... futex resumed>) = 0 [pid 6180] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6179] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6179] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6180] <... openat resumed>) = 4 [pid 6180] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6179] <... futex resumed>) = 0 [pid 6180] <... futex resumed>) = 1 [pid 6179] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6180] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6179] <... futex resumed>) = 0 [ 267.669887][ T6180] loop0: detected capacity change from 0 to 4096 [ 267.691365][ T6180] ntfs: volume version 3.1. [pid 6179] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6179] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6179] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6179] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6179] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6179] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6181 attached => {parent_tid=[1105]}, 88) = 1105 [pid 6181] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6179] rt_sigprocmask(SIG_SETMASK, [], [pid 6181] <... rseq resumed>) = 0 [pid 6179] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6181] set_robust_list(0x7eff0a3299a0, 24 [pid 6179] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6181] <... set_robust_list resumed>) = 0 [pid 6179] <... futex resumed>) = 0 [pid 6181] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6179] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6181] creat("./file1", 000) = 5 [pid 6180] <... write resumed>) = 1048064 [pid 6181] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6180] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6181] <... futex resumed>) = 1 [pid 6179] <... futex resumed>) = 0 [pid 6180] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6181] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6179] close(3) = 0 [pid 6179] close(4) = 0 [pid 6179] close(5) = 0 [pid 6179] close(6) = -1 EBADF (Bad file descriptor) [pid 6179] close(7) = -1 EBADF (Bad file descriptor) [pid 6179] close(8) = -1 EBADF (Bad file descriptor) [pid 6179] close(9) = -1 EBADF (Bad file descriptor) [pid 6179] close(10) = -1 EBADF (Bad file descriptor) [pid 6179] close(11) = -1 EBADF (Bad file descriptor) [pid 6179] close(12) = -1 EBADF (Bad file descriptor) [pid 6179] close(13) = -1 EBADF (Bad file descriptor) [pid 6179] close(14) = -1 EBADF (Bad file descriptor) [pid 6179] close(15) = -1 EBADF (Bad file descriptor) [pid 6179] close(16) = -1 EBADF (Bad file descriptor) [pid 6179] close(17) = -1 EBADF (Bad file descriptor) [pid 6179] close(18) = -1 EBADF (Bad file descriptor) [pid 6179] close(19) = -1 EBADF (Bad file descriptor) [pid 6179] close(20) = -1 EBADF (Bad file descriptor) [pid 6179] close(21) = -1 EBADF (Bad file descriptor) [pid 6179] close(22) = -1 EBADF (Bad file descriptor) [pid 6179] close(23) = -1 EBADF (Bad file descriptor) [pid 6179] close(24) = -1 EBADF (Bad file descriptor) [pid 6179] close(25) = -1 EBADF (Bad file descriptor) [pid 6179] close(26) = -1 EBADF (Bad file descriptor) [pid 6179] close(27) = -1 EBADF (Bad file descriptor) [pid 6179] close(28) = -1 EBADF (Bad file descriptor) [pid 6179] close(29) = -1 EBADF (Bad file descriptor) [pid 6179] exit_group(0) = ? [pid 6181] <... futex resumed>) = ? [pid 6180] <... futex resumed>) = ? [pid 6181] +++ exited with 0 +++ [pid 6180] +++ exited with 0 +++ [pid 6179] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1103, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./367", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./367", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./367/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./367/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./367/cgroup.cpu") = 0 [pid 5063] umount2("./367/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./367/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./367/binderfs") = 0 [pid 5063] umount2("./367/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./367/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./367/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./367/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./367/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./367/file0") = 0 [pid 5063] umount2("./367/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./367/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./367/cgroup") = 0 [pid 5063] umount2("./367/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./367/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./367/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./367") = 0 [pid 5063] mkdir("./368", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6182 attached , child_tidptr=0x5555560b8690) = 1106 [pid 6182] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6182] chdir("./368") = 0 [pid 6182] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6182] setpgid(0, 0) = 0 [pid 6182] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6182] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6182] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6182] write(3, "1000", 4) = 4 [pid 6182] close(3) = 0 [pid 6182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6182] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6182] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6182] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6182] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6182] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6182] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6183 attached [pid 6183] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6182] <... clone3 resumed> => {parent_tid=[1107]}, 88) = 1107 [pid 6183] <... rseq resumed>) = 0 [pid 6182] rt_sigprocmask(SIG_SETMASK, [], [pid 6183] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6183] rt_sigprocmask(SIG_SETMASK, [], [pid 6182] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6183] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6182] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6182] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6183] memfd_create("syzkaller", 0) = 3 [pid 6183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6183] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6183] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6183] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6183] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6183] close(3) = 0 [pid 6183] mkdir("./file0", 0777) = 0 [pid 6183] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6183] chdir("./file0") = 0 [pid 6183] ioctl(4, LOOP_CLR_FD) = 0 [pid 6183] close(4) = 0 [pid 6183] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6182] <... futex resumed>) = 0 [pid 6183] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6182] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6183] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6182] <... futex resumed>) = 0 [pid 6183] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 268.210436][ T6183] loop0: detected capacity change from 0 to 4096 [ 268.230437][ T6183] ntfs: volume version 3.1. [pid 6182] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6183] <... openat resumed>) = 4 [pid 6183] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6183] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6182] <... futex resumed>) = 0 [pid 6182] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6183] <... futex resumed>) = 0 [pid 6182] <... futex resumed>) = 1 [pid 6183] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6182] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6182] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6182] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6182] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6182] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6182] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6184 attached => {parent_tid=[1108]}, 88) = 1108 [pid 6184] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6184] set_robust_list(0x7eff0a3299a0, 24 [pid 6182] rt_sigprocmask(SIG_SETMASK, [], [pid 6184] <... set_robust_list resumed>) = 0 [pid 6184] rt_sigprocmask(SIG_SETMASK, [], [pid 6182] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6184] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6182] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6184] creat("./file1", 000 [pid 6182] <... futex resumed>) = 0 [pid 6184] <... creat resumed>) = 5 [pid 6183] <... write resumed>) = 1048064 [pid 6182] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6184] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6182] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6184] <... futex resumed>) = 0 [pid 6184] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6183] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6183] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6182] close(3) = 0 [pid 6182] close(4) = 0 [pid 6182] close(5) = 0 [pid 6182] close(6) = -1 EBADF (Bad file descriptor) [pid 6182] close(7) = -1 EBADF (Bad file descriptor) [pid 6182] close(8) = -1 EBADF (Bad file descriptor) [pid 6182] close(9) = -1 EBADF (Bad file descriptor) [pid 6182] close(10) = -1 EBADF (Bad file descriptor) [pid 6182] close(11) = -1 EBADF (Bad file descriptor) [pid 6182] close(12) = -1 EBADF (Bad file descriptor) [pid 6182] close(13) = -1 EBADF (Bad file descriptor) [pid 6182] close(14) = -1 EBADF (Bad file descriptor) [pid 6182] close(15) = -1 EBADF (Bad file descriptor) [pid 6182] close(16) = -1 EBADF (Bad file descriptor) [pid 6182] close(17) = -1 EBADF (Bad file descriptor) [pid 6182] close(18) = -1 EBADF (Bad file descriptor) [pid 6182] close(19) = -1 EBADF (Bad file descriptor) [pid 6182] close(20) = -1 EBADF (Bad file descriptor) [pid 6182] close(21) = -1 EBADF (Bad file descriptor) [pid 6182] close(22) = -1 EBADF (Bad file descriptor) [pid 6182] close(23) = -1 EBADF (Bad file descriptor) [pid 6182] close(24) = -1 EBADF (Bad file descriptor) [pid 6182] close(25) = -1 EBADF (Bad file descriptor) [pid 6182] close(26) = -1 EBADF (Bad file descriptor) [pid 6182] close(27) = -1 EBADF (Bad file descriptor) [pid 6182] close(28) = -1 EBADF (Bad file descriptor) [pid 6182] close(29) = -1 EBADF (Bad file descriptor) [pid 6182] exit_group(0 [pid 6183] <... futex resumed>) = ? [pid 6184] <... futex resumed>) = ? [pid 6183] +++ exited with 0 +++ [pid 6182] <... exit_group resumed>) = ? [pid 6184] +++ exited with 0 +++ [pid 6182] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1106, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./368", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./368", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./368/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./368/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./368/cgroup.cpu") = 0 [pid 5063] umount2("./368/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./368/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./368/binderfs") = 0 [pid 5063] umount2("./368/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./368/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./368/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./368/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./368/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./368/file0") = 0 [pid 5063] umount2("./368/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./368/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./368/cgroup") = 0 [pid 5063] umount2("./368/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./368/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./368/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./368") = 0 [pid 5063] mkdir("./369", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6185 attached , child_tidptr=0x5555560b8690) = 1109 [pid 6185] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6185] chdir("./369") = 0 [pid 6185] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6185] setpgid(0, 0) = 0 [pid 6185] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6185] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6185] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6185] write(3, "1000", 4) = 4 [pid 6185] close(3) = 0 [pid 6185] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6185] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6185] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6185] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6185] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6185] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6185] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6185] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6186 attached => {parent_tid=[1110]}, 88) = 1110 [pid 6186] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6185] rt_sigprocmask(SIG_SETMASK, [], [pid 6186] <... rseq resumed>) = 0 [pid 6185] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6186] set_robust_list(0x7eff0a34a9a0, 24 [pid 6185] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6186] <... set_robust_list resumed>) = 0 [pid 6185] <... futex resumed>) = 0 [pid 6186] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6185] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6186] memfd_create("syzkaller", 0) = 3 [pid 6186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6186] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6186] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6186] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6186] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6186] close(3) = 0 [pid 6186] mkdir("./file0", 0777) = 0 [pid 6186] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6186] chdir("./file0") = 0 [pid 6186] ioctl(4, LOOP_CLR_FD) = 0 [pid 6186] close(4) = 0 [ 268.770505][ T6186] loop0: detected capacity change from 0 to 4096 [ 268.801325][ T6186] ntfs: volume version 3.1. [pid 6186] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6185] <... futex resumed>) = 0 [pid 6186] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6185] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6186] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6185] <... futex resumed>) = 0 [pid 6186] <... openat resumed>) = 4 [pid 6185] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6186] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6185] <... futex resumed>) = 0 [pid 6186] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6185] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6186] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6185] <... futex resumed>) = 0 [pid 6185] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6185] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6185] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6185] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6185] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6185] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6187 attached => {parent_tid=[1111]}, 88) = 1111 [pid 6187] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6185] rt_sigprocmask(SIG_SETMASK, [], [pid 6187] <... rseq resumed>) = 0 [pid 6185] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6187] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6185] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6187] rt_sigprocmask(SIG_SETMASK, [], [pid 6185] <... futex resumed>) = 0 [pid 6187] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6185] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6187] creat("./file1", 000) = 5 [pid 6187] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6186] <... write resumed>) = 1048064 [pid 6187] <... futex resumed>) = 1 [pid 6185] <... futex resumed>) = 0 [pid 6187] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6186] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6186] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6185] close(3) = 0 [pid 6185] close(4) = 0 [pid 6185] close(5) = 0 [pid 6185] close(6) = -1 EBADF (Bad file descriptor) [pid 6185] close(7) = -1 EBADF (Bad file descriptor) [pid 6185] close(8) = -1 EBADF (Bad file descriptor) [pid 6185] close(9) = -1 EBADF (Bad file descriptor) [pid 6185] close(10) = -1 EBADF (Bad file descriptor) [pid 6185] close(11) = -1 EBADF (Bad file descriptor) [pid 6185] close(12) = -1 EBADF (Bad file descriptor) [pid 6185] close(13) = -1 EBADF (Bad file descriptor) [pid 6185] close(14) = -1 EBADF (Bad file descriptor) [pid 6185] close(15) = -1 EBADF (Bad file descriptor) [pid 6185] close(16) = -1 EBADF (Bad file descriptor) [pid 6185] close(17) = -1 EBADF (Bad file descriptor) [pid 6185] close(18) = -1 EBADF (Bad file descriptor) [pid 6185] close(19) = -1 EBADF (Bad file descriptor) [pid 6185] close(20) = -1 EBADF (Bad file descriptor) [pid 6185] close(21) = -1 EBADF (Bad file descriptor) [pid 6185] close(22) = -1 EBADF (Bad file descriptor) [pid 6185] close(23) = -1 EBADF (Bad file descriptor) [pid 6185] close(24) = -1 EBADF (Bad file descriptor) [pid 6185] close(25) = -1 EBADF (Bad file descriptor) [pid 6185] close(26) = -1 EBADF (Bad file descriptor) [pid 6185] close(27) = -1 EBADF (Bad file descriptor) [pid 6185] close(28) = -1 EBADF (Bad file descriptor) [pid 6185] close(29) = -1 EBADF (Bad file descriptor) [pid 6185] exit_group(0 [pid 6186] <... futex resumed>) = ? [pid 6187] <... futex resumed>) = ? [pid 6185] <... exit_group resumed>) = ? [pid 6186] +++ exited with 0 +++ [pid 6187] +++ exited with 0 +++ [pid 6185] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1109, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./369", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./369", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./369/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./369/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./369/cgroup.cpu") = 0 [pid 5063] umount2("./369/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./369/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./369/binderfs") = 0 [pid 5063] umount2("./369/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./369/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./369/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./369/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./369/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./369/file0") = 0 [pid 5063] umount2("./369/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./369/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./369/cgroup") = 0 [pid 5063] umount2("./369/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./369/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./369/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./369") = 0 [pid 5063] mkdir("./370", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6188 attached , child_tidptr=0x5555560b8690) = 1112 [pid 6188] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6188] chdir("./370") = 0 [pid 6188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6188] setpgid(0, 0) = 0 [pid 6188] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6188] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6188] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6188] write(3, "1000", 4) = 4 [pid 6188] close(3) = 0 [pid 6188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6188] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6188] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6188] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6188] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6188] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6188] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6189 attached => {parent_tid=[1113]}, 88) = 1113 [pid 6189] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6188] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6188] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6188] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6189] <... rseq resumed>) = 0 [pid 6189] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6189] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6189] memfd_create("syzkaller", 0) = 3 [pid 6189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6189] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6189] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6189] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6189] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6189] close(3) = 0 [pid 6189] mkdir("./file0", 0777) = 0 [pid 6189] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6189] chdir("./file0") = 0 [pid 6189] ioctl(4, LOOP_CLR_FD) = 0 [pid 6189] close(4) = 0 [pid 6189] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6188] <... futex resumed>) = 0 [pid 6189] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6188] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6189] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6188] <... futex resumed>) = 0 [pid 6188] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6189] <... openat resumed>) = 4 [pid 6189] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6188] <... futex resumed>) = 0 [pid 6189] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6188] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6189] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6188] <... futex resumed>) = 0 [ 269.447727][ T6189] loop0: detected capacity change from 0 to 4096 [ 269.473365][ T6189] ntfs: volume version 3.1. [pid 6189] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6188] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6188] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6188] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6188] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6188] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6188] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6190 attached [pid 6190] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6188] <... clone3 resumed> => {parent_tid=[1114]}, 88) = 1114 [pid 6190] <... rseq resumed>) = 0 [pid 6188] rt_sigprocmask(SIG_SETMASK, [], [pid 6190] set_robust_list(0x7eff0a3299a0, 24 [pid 6188] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6190] <... set_robust_list resumed>) = 0 [pid 6188] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6190] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6188] <... futex resumed>) = 0 [pid 6190] creat("./file1", 000 [pid 6188] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6190] <... creat resumed>) = 5 [pid 6189] <... write resumed>) = 1048064 [pid 6190] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6189] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6190] <... futex resumed>) = 1 [pid 6188] <... futex resumed>) = 0 [pid 6190] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6189] <... futex resumed>) = 0 [pid 6188] close(3 [pid 6189] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6188] <... close resumed>) = 0 [pid 6188] close(4) = 0 [pid 6188] close(5) = 0 [pid 6188] close(6) = -1 EBADF (Bad file descriptor) [pid 6188] close(7) = -1 EBADF (Bad file descriptor) [pid 6188] close(8) = -1 EBADF (Bad file descriptor) [pid 6188] close(9) = -1 EBADF (Bad file descriptor) [pid 6188] close(10) = -1 EBADF (Bad file descriptor) [pid 6188] close(11) = -1 EBADF (Bad file descriptor) [pid 6188] close(12) = -1 EBADF (Bad file descriptor) [pid 6188] close(13) = -1 EBADF (Bad file descriptor) [pid 6188] close(14) = -1 EBADF (Bad file descriptor) [pid 6188] close(15) = -1 EBADF (Bad file descriptor) [pid 6188] close(16) = -1 EBADF (Bad file descriptor) [pid 6188] close(17) = -1 EBADF (Bad file descriptor) [pid 6188] close(18) = -1 EBADF (Bad file descriptor) [pid 6188] close(19) = -1 EBADF (Bad file descriptor) [pid 6188] close(20) = -1 EBADF (Bad file descriptor) [pid 6188] close(21) = -1 EBADF (Bad file descriptor) [pid 6188] close(22) = -1 EBADF (Bad file descriptor) [pid 6188] close(23) = -1 EBADF (Bad file descriptor) [pid 6188] close(24) = -1 EBADF (Bad file descriptor) [pid 6188] close(25) = -1 EBADF (Bad file descriptor) [pid 6188] close(26) = -1 EBADF (Bad file descriptor) [pid 6188] close(27) = -1 EBADF (Bad file descriptor) [pid 6188] close(28) = -1 EBADF (Bad file descriptor) [pid 6188] close(29) = -1 EBADF (Bad file descriptor) [pid 6188] exit_group(0) = ? [pid 6190] <... futex resumed>) = ? [pid 6189] <... futex resumed>) = ? [pid 6190] +++ exited with 0 +++ [pid 6189] +++ exited with 0 +++ [pid 6188] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1112, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./370", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./370", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./370/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./370/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./370/cgroup.cpu") = 0 [pid 5063] umount2("./370/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./370/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./370/binderfs") = 0 [pid 5063] umount2("./370/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./370/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./370/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./370/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./370/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./370/file0") = 0 [pid 5063] umount2("./370/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./370/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./370/cgroup") = 0 [pid 5063] umount2("./370/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./370/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./370/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./370") = 0 [pid 5063] mkdir("./371", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6191 attached [pid 6191] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1115 [pid 6191] <... set_robust_list resumed>) = 0 [pid 6191] chdir("./371") = 0 [pid 6191] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6191] setpgid(0, 0) = 0 [pid 6191] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6191] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6191] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6191] write(3, "1000", 4) = 4 [pid 6191] close(3) = 0 [pid 6191] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6191] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6191] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6191] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6191] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6191] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6191] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6191] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6192 attached [pid 6192] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6191] <... clone3 resumed> => {parent_tid=[1116]}, 88) = 1116 [pid 6192] set_robust_list(0x7eff0a34a9a0, 24 [pid 6191] rt_sigprocmask(SIG_SETMASK, [], [pid 6192] <... set_robust_list resumed>) = 0 [pid 6191] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6192] rt_sigprocmask(SIG_SETMASK, [], [pid 6191] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6192] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6191] <... futex resumed>) = 0 [pid 6191] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6192] memfd_create("syzkaller", 0) = 3 [pid 6192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6192] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6192] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6192] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6192] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6192] close(3) = 0 [pid 6192] mkdir("./file0", 0777) = 0 [pid 6192] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6192] chdir("./file0") = 0 [pid 6192] ioctl(4, LOOP_CLR_FD) = 0 [pid 6192] close(4) = 0 [pid 6192] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6192] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6191] <... futex resumed>) = 0 [pid 6191] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6192] <... futex resumed>) = 0 [pid 6191] <... futex resumed>) = 1 [pid 6192] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6191] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6192] <... openat resumed>) = 4 [pid 6192] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6192] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6191] <... futex resumed>) = 0 [pid 6191] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6192] <... futex resumed>) = 0 [pid 6191] <... futex resumed>) = 1 [pid 6192] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 270.024800][ T6192] loop0: detected capacity change from 0 to 4096 [ 270.050304][ T6192] ntfs: volume version 3.1. [pid 6191] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6191] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6191] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6191] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6191] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6191] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6193 attached [pid 6193] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6191] <... clone3 resumed> => {parent_tid=[1117]}, 88) = 1117 [pid 6191] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6193] <... rseq resumed>) = 0 [pid 6193] set_robust_list(0x7eff0a3299a0, 24 [pid 6191] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6193] <... set_robust_list resumed>) = 0 [pid 6191] <... futex resumed>) = 0 [pid 6193] rt_sigprocmask(SIG_SETMASK, [], [pid 6191] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6193] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6193] creat("./file1", 000) = 5 [pid 6193] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6192] <... write resumed>) = 1048064 [pid 6193] <... futex resumed>) = 1 [pid 6191] <... futex resumed>) = 0 [pid 6192] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6191] close(3 [pid 6193] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6192] <... futex resumed>) = 0 [pid 6191] <... close resumed>) = 0 [pid 6191] close(4) = 0 [pid 6191] close(5) = 0 [pid 6192] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6191] close(6) = -1 EBADF (Bad file descriptor) [pid 6191] close(7) = -1 EBADF (Bad file descriptor) [pid 6191] close(8) = -1 EBADF (Bad file descriptor) [pid 6191] close(9) = -1 EBADF (Bad file descriptor) [pid 6191] close(10) = -1 EBADF (Bad file descriptor) [pid 6191] close(11) = -1 EBADF (Bad file descriptor) [pid 6191] close(12) = -1 EBADF (Bad file descriptor) [pid 6191] close(13) = -1 EBADF (Bad file descriptor) [pid 6191] close(14) = -1 EBADF (Bad file descriptor) [pid 6191] close(15) = -1 EBADF (Bad file descriptor) [pid 6191] close(16) = -1 EBADF (Bad file descriptor) [pid 6191] close(17) = -1 EBADF (Bad file descriptor) [pid 6191] close(18) = -1 EBADF (Bad file descriptor) [pid 6191] close(19) = -1 EBADF (Bad file descriptor) [pid 6191] close(20) = -1 EBADF (Bad file descriptor) [pid 6191] close(21) = -1 EBADF (Bad file descriptor) [pid 6191] close(22) = -1 EBADF (Bad file descriptor) [pid 6191] close(23) = -1 EBADF (Bad file descriptor) [pid 6191] close(24) = -1 EBADF (Bad file descriptor) [pid 6191] close(25) = -1 EBADF (Bad file descriptor) [pid 6191] close(26) = -1 EBADF (Bad file descriptor) [pid 6191] close(27) = -1 EBADF (Bad file descriptor) [pid 6191] close(28) = -1 EBADF (Bad file descriptor) [pid 6191] close(29) = -1 EBADF (Bad file descriptor) [pid 6191] exit_group(0) = ? [pid 6193] <... futex resumed>) = ? [pid 6192] <... futex resumed>) = ? [pid 6193] +++ exited with 0 +++ [pid 6192] +++ exited with 0 +++ [pid 6191] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1115, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./371", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./371", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./371/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./371/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./371/cgroup.cpu") = 0 [pid 5063] umount2("./371/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./371/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./371/binderfs") = 0 [pid 5063] umount2("./371/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./371/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./371/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./371/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./371/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./371/file0") = 0 [pid 5063] umount2("./371/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./371/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./371/cgroup") = 0 [pid 5063] umount2("./371/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./371/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./371/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./371") = 0 [pid 5063] mkdir("./372", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6194 attached [pid 6194] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1118 [pid 6194] <... set_robust_list resumed>) = 0 [pid 6194] chdir("./372") = 0 [pid 6194] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6194] setpgid(0, 0) = 0 [pid 6194] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6194] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6194] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6194] write(3, "1000", 4) = 4 [pid 6194] close(3) = 0 [pid 6194] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6194] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6194] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6194] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6194] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6194] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6194] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6194] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6195 attached => {parent_tid=[1119]}, 88) = 1119 [pid 6195] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6194] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6194] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6195] <... rseq resumed>) = 0 [pid 6195] set_robust_list(0x7eff0a34a9a0, 24 [pid 6194] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6195] <... set_robust_list resumed>) = 0 [pid 6195] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6195] memfd_create("syzkaller", 0) = 3 [pid 6195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6195] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6195] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6195] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6195] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6195] close(3) = 0 [pid 6195] mkdir("./file0", 0777) = 0 [pid 6195] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6195] chdir("./file0") = 0 [pid 6195] ioctl(4, LOOP_CLR_FD) = 0 [ 270.720013][ T6195] loop0: detected capacity change from 0 to 4096 [ 270.740530][ T6195] ntfs: volume version 3.1. [pid 6195] close(4) = 0 [pid 6195] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6194] <... futex resumed>) = 0 [pid 6195] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6194] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6194] <... futex resumed>) = 0 [pid 6195] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6194] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6195] <... openat resumed>) = 4 [pid 6195] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6194] <... futex resumed>) = 0 [pid 6195] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6194] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6195] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6194] <... futex resumed>) = 0 [pid 6195] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6194] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6194] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6194] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6194] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6194] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6194] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6196 attached => {parent_tid=[1120]}, 88) = 1120 [pid 6196] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6194] rt_sigprocmask(SIG_SETMASK, [], [pid 6196] <... rseq resumed>) = 0 [pid 6194] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6196] set_robust_list(0x7eff0a3299a0, 24 [pid 6194] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6196] <... set_robust_list resumed>) = 0 [pid 6194] <... futex resumed>) = 0 [pid 6196] rt_sigprocmask(SIG_SETMASK, [], [pid 6194] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6196] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6196] creat("./file1", 000) = 5 [pid 6195] <... write resumed>) = 1048064 [pid 6196] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6195] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6195] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6196] <... futex resumed>) = 1 [pid 6194] <... futex resumed>) = 0 [pid 6196] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6194] close(3) = 0 [pid 6194] close(4) = 0 [pid 6194] close(5) = 0 [pid 6194] close(6) = -1 EBADF (Bad file descriptor) [pid 6194] close(7) = -1 EBADF (Bad file descriptor) [pid 6194] close(8) = -1 EBADF (Bad file descriptor) [pid 6194] close(9) = -1 EBADF (Bad file descriptor) [pid 6194] close(10) = -1 EBADF (Bad file descriptor) [pid 6194] close(11) = -1 EBADF (Bad file descriptor) [pid 6194] close(12) = -1 EBADF (Bad file descriptor) [pid 6194] close(13) = -1 EBADF (Bad file descriptor) [pid 6194] close(14) = -1 EBADF (Bad file descriptor) [pid 6194] close(15) = -1 EBADF (Bad file descriptor) [pid 6194] close(16) = -1 EBADF (Bad file descriptor) [pid 6194] close(17) = -1 EBADF (Bad file descriptor) [pid 6194] close(18) = -1 EBADF (Bad file descriptor) [pid 6194] close(19) = -1 EBADF (Bad file descriptor) [pid 6194] close(20) = -1 EBADF (Bad file descriptor) [pid 6194] close(21) = -1 EBADF (Bad file descriptor) [pid 6194] close(22) = -1 EBADF (Bad file descriptor) [pid 6194] close(23) = -1 EBADF (Bad file descriptor) [pid 6194] close(24) = -1 EBADF (Bad file descriptor) [pid 6194] close(25) = -1 EBADF (Bad file descriptor) [pid 6194] close(26) = -1 EBADF (Bad file descriptor) [pid 6194] close(27) = -1 EBADF (Bad file descriptor) [pid 6194] close(28) = -1 EBADF (Bad file descriptor) [pid 6194] close(29) = -1 EBADF (Bad file descriptor) [pid 6194] exit_group(0) = ? [pid 6195] <... futex resumed>) = ? [pid 6196] <... futex resumed>) = ? [pid 6196] +++ exited with 0 +++ [pid 6195] +++ exited with 0 +++ [pid 6194] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1118, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./372", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./372", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./372/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./372/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./372/cgroup.cpu") = 0 [pid 5063] umount2("./372/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./372/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./372/binderfs") = 0 [pid 5063] umount2("./372/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./372/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./372/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./372/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./372/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./372/file0") = 0 [pid 5063] umount2("./372/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./372/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./372/cgroup") = 0 [pid 5063] umount2("./372/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./372/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./372/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./372") = 0 [pid 5063] mkdir("./373", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6197 attached , child_tidptr=0x5555560b8690) = 1121 [pid 6197] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6197] chdir("./373") = 0 [pid 6197] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6197] setpgid(0, 0) = 0 [pid 6197] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6197] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6197] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6197] write(3, "1000", 4) = 4 [pid 6197] close(3) = 0 [pid 6197] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6197] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6197] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6197] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6197] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6197] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6197] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6197] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6198 attached [pid 6198] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6197] <... clone3 resumed> => {parent_tid=[1122]}, 88) = 1122 [pid 6198] set_robust_list(0x7eff0a34a9a0, 24 [pid 6197] rt_sigprocmask(SIG_SETMASK, [], [pid 6198] <... set_robust_list resumed>) = 0 [pid 6198] rt_sigprocmask(SIG_SETMASK, [], [pid 6197] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6198] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6197] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6197] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6198] memfd_create("syzkaller", 0) = 3 [pid 6198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6198] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6198] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6198] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6198] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6198] close(3) = 0 [pid 6198] mkdir("./file0", 0777) = 0 [pid 6198] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6198] chdir("./file0") = 0 [pid 6198] ioctl(4, LOOP_CLR_FD) = 0 [pid 6198] close(4) = 0 [pid 6198] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6197] <... futex resumed>) = 0 [pid 6198] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6197] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6197] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6198] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6198] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [ 271.258927][ T6198] loop0: detected capacity change from 0 to 4096 [ 271.285870][ T6198] ntfs: volume version 3.1. [pid 6198] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6197] <... futex resumed>) = 0 [pid 6198] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6197] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6198] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6197] <... futex resumed>) = 0 [pid 6198] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6197] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6197] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6197] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6197] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6197] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6197] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6199 attached => {parent_tid=[1123]}, 88) = 1123 [pid 6199] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6197] rt_sigprocmask(SIG_SETMASK, [], [pid 6199] <... rseq resumed>) = 0 [pid 6199] set_robust_list(0x7eff0a3299a0, 24 [pid 6197] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6199] <... set_robust_list resumed>) = 0 [pid 6197] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6199] rt_sigprocmask(SIG_SETMASK, [], [pid 6197] <... futex resumed>) = 0 [pid 6199] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6197] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6199] creat("./file1", 000) = 5 [pid 6199] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6197] <... futex resumed>) = 0 [pid 6199] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6198] <... write resumed>) = 1048064 [pid 6198] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6197] close(3) = 0 [pid 6197] close(4 [pid 6198] <... futex resumed>) = 0 [pid 6198] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6197] <... close resumed>) = 0 [pid 6197] close(5) = 0 [pid 6197] close(6) = -1 EBADF (Bad file descriptor) [pid 6197] close(7) = -1 EBADF (Bad file descriptor) [pid 6197] close(8) = -1 EBADF (Bad file descriptor) [pid 6197] close(9) = -1 EBADF (Bad file descriptor) [pid 6197] close(10) = -1 EBADF (Bad file descriptor) [pid 6197] close(11) = -1 EBADF (Bad file descriptor) [pid 6197] close(12) = -1 EBADF (Bad file descriptor) [pid 6197] close(13) = -1 EBADF (Bad file descriptor) [pid 6197] close(14) = -1 EBADF (Bad file descriptor) [pid 6197] close(15) = -1 EBADF (Bad file descriptor) [pid 6197] close(16) = -1 EBADF (Bad file descriptor) [pid 6197] close(17) = -1 EBADF (Bad file descriptor) [pid 6197] close(18) = -1 EBADF (Bad file descriptor) [pid 6197] close(19) = -1 EBADF (Bad file descriptor) [pid 6197] close(20) = -1 EBADF (Bad file descriptor) [pid 6197] close(21) = -1 EBADF (Bad file descriptor) [pid 6197] close(22) = -1 EBADF (Bad file descriptor) [pid 6197] close(23) = -1 EBADF (Bad file descriptor) [pid 6197] close(24) = -1 EBADF (Bad file descriptor) [pid 6197] close(25) = -1 EBADF (Bad file descriptor) [pid 6197] close(26) = -1 EBADF (Bad file descriptor) [pid 6197] close(27) = -1 EBADF (Bad file descriptor) [pid 6197] close(28) = -1 EBADF (Bad file descriptor) [pid 6197] close(29) = -1 EBADF (Bad file descriptor) [pid 6197] exit_group(0 [pid 6199] <... futex resumed>) = ? [pid 6197] <... exit_group resumed>) = ? [pid 6198] <... futex resumed>) = ? [pid 6199] +++ exited with 0 +++ [pid 6198] +++ exited with 0 +++ [pid 6197] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1121, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./373", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./373", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./373/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./373/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./373/cgroup.cpu") = 0 [pid 5063] umount2("./373/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./373/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./373/binderfs") = 0 [pid 5063] umount2("./373/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./373/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./373/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./373/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./373/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./373/file0") = 0 [pid 5063] umount2("./373/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./373/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./373/cgroup") = 0 [pid 5063] umount2("./373/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./373/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./373/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./373") = 0 [pid 5063] mkdir("./374", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6200 attached [pid 6200] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1124 [pid 6200] <... set_robust_list resumed>) = 0 [pid 6200] chdir("./374") = 0 [pid 6200] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6200] setpgid(0, 0) = 0 [pid 6200] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6200] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6200] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6200] write(3, "1000", 4) = 4 [pid 6200] close(3) = 0 [pid 6200] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6200] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6200] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6200] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6200] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6200] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6200] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6200] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6201 attached => {parent_tid=[1125]}, 88) = 1125 [pid 6201] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6200] rt_sigprocmask(SIG_SETMASK, [], [pid 6201] <... rseq resumed>) = 0 [pid 6200] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6201] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6200] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6201] rt_sigprocmask(SIG_SETMASK, [], [pid 6200] <... futex resumed>) = 0 [pid 6201] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6200] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6201] memfd_create("syzkaller", 0) = 3 [pid 6201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6201] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6201] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6201] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6201] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6201] close(3) = 0 [pid 6201] mkdir("./file0", 0777) = 0 [ 271.831760][ T6201] loop0: detected capacity change from 0 to 4096 [ 271.846029][ T6201] __ntfs_warning: 170 callbacks suppressed [ 271.846043][ T6201] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 271.872759][ T6201] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 271.882464][ T6201] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 271.898176][ T6201] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 271.906901][ T6201] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 271.926869][ T6201] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 271.935608][ T6201] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 271.955846][ T6201] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6201] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6201] chdir("./file0") = 0 [pid 6201] ioctl(4, LOOP_CLR_FD) = 0 [ 271.964734][ T6201] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 271.984771][ T6201] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 271.995353][ T6201] ntfs: volume version 3.1. [pid 6201] close(4) = 0 [pid 6201] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6200] <... futex resumed>) = 0 [pid 6201] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6200] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6201] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6200] <... futex resumed>) = 0 [pid 6201] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6200] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6201] <... openat resumed>) = 4 [pid 6201] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6201] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6200] <... futex resumed>) = 0 [pid 6200] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6201] <... futex resumed>) = 0 [pid 6200] <... futex resumed>) = 1 [pid 6201] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6200] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6200] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6200] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6200] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6200] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6200] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6202 attached [pid 6202] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6200] <... clone3 resumed> => {parent_tid=[1126]}, 88) = 1126 [pid 6202] <... rseq resumed>) = 0 [pid 6202] set_robust_list(0x7eff0a3299a0, 24 [pid 6200] rt_sigprocmask(SIG_SETMASK, [], [pid 6202] <... set_robust_list resumed>) = 0 [pid 6200] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6202] rt_sigprocmask(SIG_SETMASK, [], [pid 6200] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6202] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6200] <... futex resumed>) = 0 [pid 6202] creat("./file1", 000 [pid 6200] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6202] <... creat resumed>) = 5 [pid 6201] <... write resumed>) = 1048064 [pid 6201] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6201] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6202] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6200] <... futex resumed>) = 0 [pid 6202] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6200] close(3) = 0 [pid 6200] close(4) = 0 [pid 6200] close(5) = 0 [pid 6200] close(6) = -1 EBADF (Bad file descriptor) [pid 6200] close(7) = -1 EBADF (Bad file descriptor) [pid 6200] close(8) = -1 EBADF (Bad file descriptor) [pid 6200] close(9) = -1 EBADF (Bad file descriptor) [pid 6200] close(10) = -1 EBADF (Bad file descriptor) [pid 6200] close(11) = -1 EBADF (Bad file descriptor) [pid 6200] close(12) = -1 EBADF (Bad file descriptor) [pid 6200] close(13) = -1 EBADF (Bad file descriptor) [pid 6200] close(14) = -1 EBADF (Bad file descriptor) [pid 6200] close(15) = -1 EBADF (Bad file descriptor) [pid 6200] close(16) = -1 EBADF (Bad file descriptor) [pid 6200] close(17) = -1 EBADF (Bad file descriptor) [pid 6200] close(18) = -1 EBADF (Bad file descriptor) [pid 6200] close(19) = -1 EBADF (Bad file descriptor) [pid 6200] close(20) = -1 EBADF (Bad file descriptor) [pid 6200] close(21) = -1 EBADF (Bad file descriptor) [pid 6200] close(22) = -1 EBADF (Bad file descriptor) [pid 6200] close(23) = -1 EBADF (Bad file descriptor) [pid 6200] close(24) = -1 EBADF (Bad file descriptor) [pid 6200] close(25) = -1 EBADF (Bad file descriptor) [pid 6200] close(26) = -1 EBADF (Bad file descriptor) [pid 6200] close(27) = -1 EBADF (Bad file descriptor) [pid 6200] close(28) = -1 EBADF (Bad file descriptor) [pid 6200] close(29) = -1 EBADF (Bad file descriptor) [pid 6200] exit_group(0) = ? [pid 6202] <... futex resumed>) = ? [pid 6201] <... futex resumed>) = ? [pid 6202] +++ exited with 0 +++ [pid 6201] +++ exited with 0 +++ [pid 6200] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1124, si_uid=0, si_status=0, si_utime=0, si_stime=28 /* 0.28 s */} --- [pid 5063] umount2("./374", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./374", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./374/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./374/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./374/cgroup.cpu") = 0 [pid 5063] umount2("./374/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./374/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./374/binderfs") = 0 [pid 5063] umount2("./374/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./374/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./374/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./374/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./374/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./374/file0") = 0 [pid 5063] umount2("./374/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./374/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./374/cgroup") = 0 [pid 5063] umount2("./374/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./374/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./374/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./374") = 0 [pid 5063] mkdir("./375", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6203 attached [pid 6203] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1127 [pid 6203] <... set_robust_list resumed>) = 0 [pid 6203] chdir("./375") = 0 [pid 6203] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6203] setpgid(0, 0) = 0 [pid 6203] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6203] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6203] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6203] write(3, "1000", 4) = 4 [pid 6203] close(3) = 0 [pid 6203] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6203] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6203] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6203] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6203] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6203] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6203] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6203] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6204 attached => {parent_tid=[1128]}, 88) = 1128 [pid 6204] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6203] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6204] <... rseq resumed>) = 0 [pid 6203] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6203] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6204] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6204] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6204] memfd_create("syzkaller", 0) = 3 [pid 6204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6204] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6204] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6204] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6204] close(3) = 0 [pid 6204] mkdir("./file0", 0777) = 0 [pid 6204] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6204] chdir("./file0") = 0 [pid 6204] ioctl(4, LOOP_CLR_FD) = 0 [pid 6204] close(4) = 0 [pid 6204] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6203] <... futex resumed>) = 0 [pid 6204] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6203] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6204] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6203] <... futex resumed>) = 0 [pid 6204] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6203] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6204] <... openat resumed>) = 4 [ 272.591592][ T6204] loop0: detected capacity change from 0 to 4096 [ 272.610431][ T6204] ntfs: volume version 3.1. [pid 6204] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6203] <... futex resumed>) = 0 [pid 6204] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6203] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6203] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6203] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6203] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6203] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6203] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6203] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6205 attached [pid 6205] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6205] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6205] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6205] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6203] <... clone3 resumed> => {parent_tid=[1129]}, 88) = 1129 [pid 6203] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6203] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6205] <... futex resumed>) = 0 [pid 6203] <... futex resumed>) = 1 [pid 6205] creat("./file1", 000 [pid 6203] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6205] <... creat resumed>) = 5 [pid 6204] <... write resumed>) = 1048064 [pid 6205] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6204] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6204] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6205] <... futex resumed>) = 1 [pid 6203] <... futex resumed>) = 0 [pid 6205] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6203] close(3) = 0 [pid 6203] close(4) = 0 [pid 6203] close(5) = 0 [pid 6203] close(6) = -1 EBADF (Bad file descriptor) [pid 6203] close(7) = -1 EBADF (Bad file descriptor) [pid 6203] close(8) = -1 EBADF (Bad file descriptor) [pid 6203] close(9) = -1 EBADF (Bad file descriptor) [pid 6203] close(10) = -1 EBADF (Bad file descriptor) [pid 6203] close(11) = -1 EBADF (Bad file descriptor) [pid 6203] close(12) = -1 EBADF (Bad file descriptor) [pid 6203] close(13) = -1 EBADF (Bad file descriptor) [pid 6203] close(14) = -1 EBADF (Bad file descriptor) [pid 6203] close(15) = -1 EBADF (Bad file descriptor) [pid 6203] close(16) = -1 EBADF (Bad file descriptor) [pid 6203] close(17) = -1 EBADF (Bad file descriptor) [pid 6203] close(18) = -1 EBADF (Bad file descriptor) [pid 6203] close(19) = -1 EBADF (Bad file descriptor) [pid 6203] close(20) = -1 EBADF (Bad file descriptor) [pid 6203] close(21) = -1 EBADF (Bad file descriptor) [pid 6203] close(22) = -1 EBADF (Bad file descriptor) [pid 6203] close(23) = -1 EBADF (Bad file descriptor) [pid 6203] close(24) = -1 EBADF (Bad file descriptor) [pid 6203] close(25) = -1 EBADF (Bad file descriptor) [pid 6203] close(26) = -1 EBADF (Bad file descriptor) [pid 6203] close(27) = -1 EBADF (Bad file descriptor) [pid 6203] close(28) = -1 EBADF (Bad file descriptor) [pid 6203] close(29) = -1 EBADF (Bad file descriptor) [pid 6203] exit_group(0 [pid 6204] <... futex resumed>) = ? [pid 6203] <... exit_group resumed>) = ? [pid 6205] <... futex resumed>) = ? [pid 6204] +++ exited with 0 +++ [pid 6205] +++ exited with 0 +++ [pid 6203] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1127, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./375", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./375", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./375/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./375/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./375/cgroup.cpu") = 0 [pid 5063] umount2("./375/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./375/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./375/binderfs") = 0 [pid 5063] umount2("./375/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./375/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./375/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./375/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./375/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./375/file0") = 0 [pid 5063] umount2("./375/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./375/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./375/cgroup") = 0 [pid 5063] umount2("./375/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./375/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./375/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./375") = 0 [pid 5063] mkdir("./376", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6206 attached , child_tidptr=0x5555560b8690) = 1130 [pid 6206] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6206] chdir("./376") = 0 [pid 6206] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6206] setpgid(0, 0) = 0 [pid 6206] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6206] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6206] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6206] write(3, "1000", 4) = 4 [pid 6206] close(3) = 0 [pid 6206] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6206] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6206] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6206] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6206] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6206] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6206] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6206] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6207 attached => {parent_tid=[1131]}, 88) = 1131 [pid 6207] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6206] rt_sigprocmask(SIG_SETMASK, [], [pid 6207] <... rseq resumed>) = 0 [pid 6206] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6207] set_robust_list(0x7eff0a34a9a0, 24 [pid 6206] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6207] <... set_robust_list resumed>) = 0 [pid 6206] <... futex resumed>) = 0 [pid 6207] rt_sigprocmask(SIG_SETMASK, [], [pid 6206] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6207] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6207] memfd_create("syzkaller", 0) = 3 [pid 6207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6207] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6207] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6207] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6207] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6207] close(3) = 0 [pid 6207] mkdir("./file0", 0777) = 0 [pid 6207] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6207] chdir("./file0") = 0 [pid 6207] ioctl(4, LOOP_CLR_FD) = 0 [pid 6207] close(4) = 0 [pid 6207] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6206] <... futex resumed>) = 0 [pid 6207] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6206] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6207] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6206] <... futex resumed>) = 0 [pid 6206] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6207] <... openat resumed>) = 4 [pid 6207] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6206] <... futex resumed>) = 0 [pid 6207] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6206] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6207] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6206] <... futex resumed>) = 0 [pid 6207] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 273.138287][ T6207] loop0: detected capacity change from 0 to 4096 [ 273.158223][ T6207] ntfs: volume version 3.1. [pid 6206] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6206] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6206] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6206] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6206] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6206] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6208 attached => {parent_tid=[1132]}, 88) = 1132 [pid 6208] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6206] rt_sigprocmask(SIG_SETMASK, [], [pid 6208] <... rseq resumed>) = 0 [pid 6206] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6208] set_robust_list(0x7eff0a3299a0, 24 [pid 6206] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6208] <... set_robust_list resumed>) = 0 [pid 6206] <... futex resumed>) = 0 [pid 6208] rt_sigprocmask(SIG_SETMASK, [], [pid 6206] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6208] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6208] creat("./file1", 000) = 5 [pid 6208] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6206] <... futex resumed>) = 0 [pid 6208] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6207] <... write resumed>) = 1048064 [pid 6207] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6207] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6206] close(3) = 0 [pid 6206] close(4) = 0 [pid 6206] close(5) = 0 [pid 6206] close(6) = -1 EBADF (Bad file descriptor) [pid 6206] close(7) = -1 EBADF (Bad file descriptor) [pid 6206] close(8) = -1 EBADF (Bad file descriptor) [pid 6206] close(9) = -1 EBADF (Bad file descriptor) [pid 6206] close(10) = -1 EBADF (Bad file descriptor) [pid 6206] close(11) = -1 EBADF (Bad file descriptor) [pid 6206] close(12) = -1 EBADF (Bad file descriptor) [pid 6206] close(13) = -1 EBADF (Bad file descriptor) [pid 6206] close(14) = -1 EBADF (Bad file descriptor) [pid 6206] close(15) = -1 EBADF (Bad file descriptor) [pid 6206] close(16) = -1 EBADF (Bad file descriptor) [pid 6206] close(17) = -1 EBADF (Bad file descriptor) [pid 6206] close(18) = -1 EBADF (Bad file descriptor) [pid 6206] close(19) = -1 EBADF (Bad file descriptor) [pid 6206] close(20) = -1 EBADF (Bad file descriptor) [pid 6206] close(21) = -1 EBADF (Bad file descriptor) [pid 6206] close(22) = -1 EBADF (Bad file descriptor) [pid 6206] close(23) = -1 EBADF (Bad file descriptor) [pid 6206] close(24) = -1 EBADF (Bad file descriptor) [pid 6206] close(25) = -1 EBADF (Bad file descriptor) [pid 6206] close(26) = -1 EBADF (Bad file descriptor) [pid 6206] close(27) = -1 EBADF (Bad file descriptor) [pid 6206] close(28) = -1 EBADF (Bad file descriptor) [pid 6206] close(29) = -1 EBADF (Bad file descriptor) [pid 6206] exit_group(0 [pid 6208] <... futex resumed>) = ? [pid 6206] <... exit_group resumed>) = ? [pid 6208] +++ exited with 0 +++ [pid 6207] <... futex resumed>) = ? [pid 6207] +++ exited with 0 +++ [pid 6206] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1130, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./376", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./376", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./376/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./376/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./376/cgroup.cpu") = 0 [pid 5063] umount2("./376/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./376/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./376/binderfs") = 0 [pid 5063] umount2("./376/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./376/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./376/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./376/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./376/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./376/file0") = 0 [pid 5063] umount2("./376/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./376/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./376/cgroup") = 0 [pid 5063] umount2("./376/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./376/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./376/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./376") = 0 [pid 5063] mkdir("./377", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6209 attached , child_tidptr=0x5555560b8690) = 1133 [pid 6209] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6209] chdir("./377") = 0 [pid 6209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6209] setpgid(0, 0) = 0 [pid 6209] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6209] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6209] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6209] write(3, "1000", 4) = 4 [pid 6209] close(3) = 0 [pid 6209] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6209] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6209] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6209] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6209] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6209] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6209] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6209] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6210 attached [pid 6210] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6210] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6210] rt_sigprocmask(SIG_SETMASK, [], [pid 6209] <... clone3 resumed> => {parent_tid=[1134]}, 88) = 1134 [pid 6210] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6209] rt_sigprocmask(SIG_SETMASK, [], [pid 6210] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6209] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6209] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6210] <... futex resumed>) = 0 [pid 6209] <... futex resumed>) = 1 [pid 6209] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6210] memfd_create("syzkaller", 0) = 3 [pid 6210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6210] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6210] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6210] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6210] close(3) = 0 [pid 6210] mkdir("./file0", 0777) = 0 [pid 6210] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6210] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6210] chdir("./file0") = 0 [pid 6210] ioctl(4, LOOP_CLR_FD) = 0 [pid 6210] close(4) = 0 [pid 6210] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6209] <... futex resumed>) = 0 [pid 6209] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6210] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 273.644111][ T6210] loop0: detected capacity change from 0 to 4096 [ 273.674892][ T6210] ntfs: volume version 3.1. [pid 6209] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6210] <... openat resumed>) = 4 [pid 6210] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6209] <... futex resumed>) = 0 [pid 6209] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6209] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6210] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6209] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6209] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6209] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6209] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6209] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6209] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6211 attached => {parent_tid=[1135]}, 88) = 1135 [pid 6211] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6209] rt_sigprocmask(SIG_SETMASK, [], [pid 6211] <... rseq resumed>) = 0 [pid 6209] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6211] set_robust_list(0x7eff0a3299a0, 24 [pid 6209] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6211] <... set_robust_list resumed>) = 0 [pid 6209] <... futex resumed>) = 0 [pid 6211] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6209] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6211] creat("./file1", 000) = 5 [pid 6210] <... write resumed>) = 1048064 [pid 6211] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6211] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6209] <... futex resumed>) = 0 [pid 6210] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6210] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6209] close(3) = 0 [pid 6209] close(4) = 0 [pid 6209] close(5) = 0 [pid 6209] close(6) = -1 EBADF (Bad file descriptor) [pid 6209] close(7) = -1 EBADF (Bad file descriptor) [pid 6209] close(8) = -1 EBADF (Bad file descriptor) [pid 6209] close(9) = -1 EBADF (Bad file descriptor) [pid 6209] close(10) = -1 EBADF (Bad file descriptor) [pid 6209] close(11) = -1 EBADF (Bad file descriptor) [pid 6209] close(12) = -1 EBADF (Bad file descriptor) [pid 6209] close(13) = -1 EBADF (Bad file descriptor) [pid 6209] close(14) = -1 EBADF (Bad file descriptor) [pid 6209] close(15) = -1 EBADF (Bad file descriptor) [pid 6209] close(16) = -1 EBADF (Bad file descriptor) [pid 6209] close(17) = -1 EBADF (Bad file descriptor) [pid 6209] close(18) = -1 EBADF (Bad file descriptor) [pid 6209] close(19) = -1 EBADF (Bad file descriptor) [pid 6209] close(20) = -1 EBADF (Bad file descriptor) [pid 6209] close(21) = -1 EBADF (Bad file descriptor) [pid 6209] close(22) = -1 EBADF (Bad file descriptor) [pid 6209] close(23) = -1 EBADF (Bad file descriptor) [pid 6209] close(24) = -1 EBADF (Bad file descriptor) [pid 6209] close(25) = -1 EBADF (Bad file descriptor) [pid 6209] close(26) = -1 EBADF (Bad file descriptor) [pid 6209] close(27) = -1 EBADF (Bad file descriptor) [pid 6209] close(28) = -1 EBADF (Bad file descriptor) [pid 6209] close(29) = -1 EBADF (Bad file descriptor) [pid 6209] exit_group(0 [pid 6210] <... futex resumed>) = ? [pid 6211] <... futex resumed>) = ? [pid 6209] <... exit_group resumed>) = ? [pid 6211] +++ exited with 0 +++ [pid 6210] +++ exited with 0 +++ [pid 6209] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1133, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./377", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./377", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./377/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./377/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./377/cgroup.cpu") = 0 [pid 5063] umount2("./377/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./377/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./377/binderfs") = 0 [pid 5063] umount2("./377/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./377/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./377/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./377/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./377/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./377/file0") = 0 [pid 5063] umount2("./377/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./377/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./377/cgroup") = 0 [pid 5063] umount2("./377/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./377/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./377/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./377") = 0 [pid 5063] mkdir("./378", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6212 attached [pid 6212] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1136 [pid 6212] <... set_robust_list resumed>) = 0 [pid 6212] chdir("./378") = 0 [pid 6212] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6212] setpgid(0, 0) = 0 [pid 6212] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6212] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6212] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6212] write(3, "1000", 4) = 4 [pid 6212] close(3) = 0 [pid 6212] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6212] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6212] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6212] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6212] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6212] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6212] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6212] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6213 attached => {parent_tid=[1137]}, 88) = 1137 [pid 6213] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6212] rt_sigprocmask(SIG_SETMASK, [], [pid 6213] <... rseq resumed>) = 0 [pid 6213] set_robust_list(0x7eff0a34a9a0, 24 [pid 6212] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6213] <... set_robust_list resumed>) = 0 [pid 6212] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6213] rt_sigprocmask(SIG_SETMASK, [], [pid 6212] <... futex resumed>) = 0 [pid 6213] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6212] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6213] memfd_create("syzkaller", 0) = 3 [pid 6213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6213] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6213] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6213] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6213] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6213] close(3) = 0 [pid 6213] mkdir("./file0", 0777) = 0 [pid 6213] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6213] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6213] chdir("./file0") = 0 [pid 6213] ioctl(4, LOOP_CLR_FD) = 0 [pid 6213] close(4) = 0 [pid 6213] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6213] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6212] <... futex resumed>) = 0 [pid 6212] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6213] <... futex resumed>) = 0 [pid 6212] <... futex resumed>) = 1 [pid 6213] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6212] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6213] <... openat resumed>) = 4 [ 274.218859][ T6213] loop0: detected capacity change from 0 to 4096 [ 274.241231][ T6213] ntfs: volume version 3.1. [pid 6213] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6212] <... futex resumed>) = 0 [pid 6213] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6212] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6212] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6212] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6212] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6212] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6212] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6212] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6214 attached [pid 6214] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6212] <... clone3 resumed> => {parent_tid=[1138]}, 88) = 1138 [pid 6214] set_robust_list(0x7eff0a3299a0, 24 [pid 6212] rt_sigprocmask(SIG_SETMASK, [], [pid 6214] <... set_robust_list resumed>) = 0 [pid 6212] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6214] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6212] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6214] creat("./file1", 000 [pid 6212] <... futex resumed>) = 0 [pid 6212] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6214] <... creat resumed>) = 5 [pid 6213] <... write resumed>) = 1048064 [pid 6213] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6214] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6213] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6214] <... futex resumed>) = 1 [pid 6212] <... futex resumed>) = 0 [pid 6214] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6212] close(3) = 0 [pid 6212] close(4) = 0 [pid 6212] close(5) = 0 [pid 6212] close(6) = -1 EBADF (Bad file descriptor) [pid 6212] close(7) = -1 EBADF (Bad file descriptor) [pid 6212] close(8) = -1 EBADF (Bad file descriptor) [pid 6212] close(9) = -1 EBADF (Bad file descriptor) [pid 6212] close(10) = -1 EBADF (Bad file descriptor) [pid 6212] close(11) = -1 EBADF (Bad file descriptor) [pid 6212] close(12) = -1 EBADF (Bad file descriptor) [pid 6212] close(13) = -1 EBADF (Bad file descriptor) [pid 6212] close(14) = -1 EBADF (Bad file descriptor) [pid 6212] close(15) = -1 EBADF (Bad file descriptor) [pid 6212] close(16) = -1 EBADF (Bad file descriptor) [pid 6212] close(17) = -1 EBADF (Bad file descriptor) [pid 6212] close(18) = -1 EBADF (Bad file descriptor) [pid 6212] close(19) = -1 EBADF (Bad file descriptor) [pid 6212] close(20) = -1 EBADF (Bad file descriptor) [pid 6212] close(21) = -1 EBADF (Bad file descriptor) [pid 6212] close(22) = -1 EBADF (Bad file descriptor) [pid 6212] close(23) = -1 EBADF (Bad file descriptor) [pid 6212] close(24) = -1 EBADF (Bad file descriptor) [pid 6212] close(25) = -1 EBADF (Bad file descriptor) [pid 6212] close(26) = -1 EBADF (Bad file descriptor) [pid 6212] close(27) = -1 EBADF (Bad file descriptor) [pid 6212] close(28) = -1 EBADF (Bad file descriptor) [pid 6212] close(29) = -1 EBADF (Bad file descriptor) [pid 6212] exit_group(0 [pid 6214] <... futex resumed>) = ? [pid 6213] <... futex resumed>) = ? [pid 6212] <... exit_group resumed>) = ? [pid 6214] +++ exited with 0 +++ [pid 6213] +++ exited with 0 +++ [pid 6212] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1136, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./378", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./378", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./378/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./378/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./378/cgroup.cpu") = 0 [pid 5063] umount2("./378/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./378/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./378/binderfs") = 0 [pid 5063] umount2("./378/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./378/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./378/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./378/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./378/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./378/file0") = 0 [pid 5063] umount2("./378/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./378/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./378/cgroup") = 0 [pid 5063] umount2("./378/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./378/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./378/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./378") = 0 [pid 5063] mkdir("./379", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6215 attached [pid 6215] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1139 [pid 6215] <... set_robust_list resumed>) = 0 [pid 6215] chdir("./379") = 0 [pid 6215] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6215] setpgid(0, 0) = 0 [pid 6215] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6215] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6215] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6215] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6215] write(3, "1000", 4) = 4 [pid 6215] close(3) = 0 [pid 6215] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6215] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6215] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6215] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6215] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6215] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6215] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6215] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6216 attached [pid 6216] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6215] <... clone3 resumed> => {parent_tid=[1140]}, 88) = 1140 [pid 6216] set_robust_list(0x7eff0a34a9a0, 24 [pid 6215] rt_sigprocmask(SIG_SETMASK, [], [pid 6216] <... set_robust_list resumed>) = 0 [pid 6215] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6216] rt_sigprocmask(SIG_SETMASK, [], [pid 6215] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6216] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6215] <... futex resumed>) = 0 [pid 6215] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6216] memfd_create("syzkaller", 0) = 3 [pid 6216] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6216] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6216] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6216] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6216] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6216] close(3) = 0 [pid 6216] mkdir("./file0", 0777) = 0 [pid 6216] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6216] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6216] chdir("./file0") = 0 [pid 6216] ioctl(4, LOOP_CLR_FD) = 0 [pid 6216] close(4) = 0 [pid 6216] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6215] <... futex resumed>) = 0 [pid 6216] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6215] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6216] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6215] <... futex resumed>) = 0 [pid 6216] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6215] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6216] <... openat resumed>) = 4 [pid 6216] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6215] <... futex resumed>) = 0 [pid 6216] <... futex resumed>) = 1 [pid 6215] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6216] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6215] <... futex resumed>) = 0 [ 274.848374][ T6216] loop0: detected capacity change from 0 to 4096 [ 274.879954][ T6216] ntfs: volume version 3.1. [pid 6215] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6215] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6215] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6215] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6215] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6215] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6217 attached => {parent_tid=[1141]}, 88) = 1141 [pid 6217] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6215] rt_sigprocmask(SIG_SETMASK, [], [pid 6217] <... rseq resumed>) = 0 [pid 6217] set_robust_list(0x7eff0a3299a0, 24 [pid 6215] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6217] <... set_robust_list resumed>) = 0 [pid 6215] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6217] rt_sigprocmask(SIG_SETMASK, [], [pid 6215] <... futex resumed>) = 0 [pid 6217] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6215] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6217] creat("./file1", 000) = 5 [pid 6216] <... write resumed>) = 1048064 [pid 6217] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6216] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6215] <... futex resumed>) = 0 [pid 6217] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6215] close(3 [pid 6216] <... futex resumed>) = 0 [pid 6215] <... close resumed>) = 0 [pid 6216] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6215] close(4) = 0 [pid 6215] close(5) = 0 [pid 6215] close(6) = -1 EBADF (Bad file descriptor) [pid 6215] close(7) = -1 EBADF (Bad file descriptor) [pid 6215] close(8) = -1 EBADF (Bad file descriptor) [pid 6215] close(9) = -1 EBADF (Bad file descriptor) [pid 6215] close(10) = -1 EBADF (Bad file descriptor) [pid 6215] close(11) = -1 EBADF (Bad file descriptor) [pid 6215] close(12) = -1 EBADF (Bad file descriptor) [pid 6215] close(13) = -1 EBADF (Bad file descriptor) [pid 6215] close(14) = -1 EBADF (Bad file descriptor) [pid 6215] close(15) = -1 EBADF (Bad file descriptor) [pid 6215] close(16) = -1 EBADF (Bad file descriptor) [pid 6215] close(17) = -1 EBADF (Bad file descriptor) [pid 6215] close(18) = -1 EBADF (Bad file descriptor) [pid 6215] close(19) = -1 EBADF (Bad file descriptor) [pid 6215] close(20) = -1 EBADF (Bad file descriptor) [pid 6215] close(21) = -1 EBADF (Bad file descriptor) [pid 6215] close(22) = -1 EBADF (Bad file descriptor) [pid 6215] close(23) = -1 EBADF (Bad file descriptor) [pid 6215] close(24) = -1 EBADF (Bad file descriptor) [pid 6215] close(25) = -1 EBADF (Bad file descriptor) [pid 6215] close(26) = -1 EBADF (Bad file descriptor) [pid 6215] close(27) = -1 EBADF (Bad file descriptor) [pid 6215] close(28) = -1 EBADF (Bad file descriptor) [pid 6215] close(29) = -1 EBADF (Bad file descriptor) [pid 6215] exit_group(0 [pid 6216] <... futex resumed>) = ? [pid 6215] <... exit_group resumed>) = ? [pid 6217] <... futex resumed>) = ? [pid 6216] +++ exited with 0 +++ [pid 6217] +++ exited with 0 +++ [pid 6215] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1139, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./379", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./379", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./379/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./379/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./379/cgroup.cpu") = 0 [pid 5063] umount2("./379/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./379/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./379/binderfs") = 0 [pid 5063] umount2("./379/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./379/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./379/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./379/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./379/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./379/file0") = 0 [pid 5063] umount2("./379/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./379/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./379/cgroup") = 0 [pid 5063] umount2("./379/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./379/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./379/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./379") = 0 [pid 5063] mkdir("./380", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6218 attached , child_tidptr=0x5555560b8690) = 1142 [pid 6218] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6218] chdir("./380") = 0 [pid 6218] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6218] setpgid(0, 0) = 0 [pid 6218] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6218] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6218] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6218] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6218] write(3, "1000", 4) = 4 [pid 6218] close(3) = 0 [pid 6218] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6218] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6218] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6218] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6218] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6218] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6218] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6218] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6219 attached [pid 6219] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6218] <... clone3 resumed> => {parent_tid=[1143]}, 88) = 1143 [pid 6219] <... rseq resumed>) = 0 [pid 6218] rt_sigprocmask(SIG_SETMASK, [], [pid 6219] set_robust_list(0x7eff0a34a9a0, 24 [pid 6218] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6219] <... set_robust_list resumed>) = 0 [pid 6219] rt_sigprocmask(SIG_SETMASK, [], [pid 6218] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6219] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6218] <... futex resumed>) = 0 [pid 6218] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6219] memfd_create("syzkaller", 0) = 3 [pid 6219] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6219] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6219] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6219] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6219] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6219] close(3) = 0 [pid 6219] mkdir("./file0", 0777) = 0 [pid 6219] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6219] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6219] chdir("./file0") = 0 [pid 6219] ioctl(4, LOOP_CLR_FD) = 0 [pid 6219] close(4) = 0 [pid 6219] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6218] <... futex resumed>) = 0 [pid 6219] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6218] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6219] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6218] <... futex resumed>) = 0 [pid 6219] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6218] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6219] <... openat resumed>) = 4 [ 275.414221][ T6219] loop0: detected capacity change from 0 to 4096 [ 275.437817][ T6219] ntfs: volume version 3.1. [pid 6219] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6218] <... futex resumed>) = 0 [pid 6219] <... futex resumed>) = 1 [pid 6219] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6218] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6218] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6218] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6218] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6218] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6218] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6218] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6220 attached => {parent_tid=[1144]}, 88) = 1144 [pid 6218] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6218] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6220] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6218] <... futex resumed>) = 0 [pid 6220] set_robust_list(0x7eff0a3299a0, 24 [pid 6218] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6220] <... set_robust_list resumed>) = 0 [pid 6220] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6220] creat("./file1", 000) = 5 [pid 6219] <... write resumed>) = 1048064 [pid 6220] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6218] <... futex resumed>) = 0 [pid 6220] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6219] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6218] close(3 [pid 6219] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6218] <... close resumed>) = 0 [pid 6218] close(4) = 0 [pid 6218] close(5) = 0 [pid 6218] close(6) = -1 EBADF (Bad file descriptor) [pid 6218] close(7) = -1 EBADF (Bad file descriptor) [pid 6218] close(8) = -1 EBADF (Bad file descriptor) [pid 6218] close(9) = -1 EBADF (Bad file descriptor) [pid 6218] close(10) = -1 EBADF (Bad file descriptor) [pid 6218] close(11) = -1 EBADF (Bad file descriptor) [pid 6218] close(12) = -1 EBADF (Bad file descriptor) [pid 6218] close(13) = -1 EBADF (Bad file descriptor) [pid 6218] close(14) = -1 EBADF (Bad file descriptor) [pid 6218] close(15) = -1 EBADF (Bad file descriptor) [pid 6218] close(16) = -1 EBADF (Bad file descriptor) [pid 6218] close(17) = -1 EBADF (Bad file descriptor) [pid 6218] close(18) = -1 EBADF (Bad file descriptor) [pid 6218] close(19) = -1 EBADF (Bad file descriptor) [pid 6218] close(20) = -1 EBADF (Bad file descriptor) [pid 6218] close(21) = -1 EBADF (Bad file descriptor) [pid 6218] close(22) = -1 EBADF (Bad file descriptor) [pid 6218] close(23) = -1 EBADF (Bad file descriptor) [pid 6218] close(24) = -1 EBADF (Bad file descriptor) [pid 6218] close(25) = -1 EBADF (Bad file descriptor) [pid 6218] close(26) = -1 EBADF (Bad file descriptor) [pid 6218] close(27) = -1 EBADF (Bad file descriptor) [pid 6218] close(28) = -1 EBADF (Bad file descriptor) [pid 6218] close(29) = -1 EBADF (Bad file descriptor) [pid 6218] exit_group(0 [pid 6220] <... futex resumed>) = ? [pid 6220] +++ exited with 0 +++ [pid 6219] <... futex resumed>) = ? [pid 6219] +++ exited with 0 +++ [pid 6218] <... exit_group resumed>) = ? [pid 6218] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1142, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./380", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./380", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./380/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./380/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./380/cgroup.cpu") = 0 [pid 5063] umount2("./380/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./380/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./380/binderfs") = 0 [pid 5063] umount2("./380/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./380/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./380/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./380/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./380/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./380/file0") = 0 [pid 5063] umount2("./380/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./380/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./380/cgroup") = 0 [pid 5063] umount2("./380/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./380/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./380/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./380") = 0 [pid 5063] mkdir("./381", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6221 attached , child_tidptr=0x5555560b8690) = 1145 [pid 6221] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6221] chdir("./381") = 0 [pid 6221] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6221] setpgid(0, 0) = 0 [pid 6221] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6221] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6221] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6221] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6221] write(3, "1000", 4) = 4 [pid 6221] close(3) = 0 [pid 6221] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6221] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6221] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6221] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6221] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6221] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6221] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6221] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6222 attached [pid 6222] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6222] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6221] <... clone3 resumed> => {parent_tid=[1146]}, 88) = 1146 [pid 6222] rt_sigprocmask(SIG_SETMASK, [], [pid 6221] rt_sigprocmask(SIG_SETMASK, [], [pid 6222] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6221] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6222] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6221] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6222] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6221] <... futex resumed>) = 0 [pid 6221] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6222] memfd_create("syzkaller", 0) = 3 [pid 6222] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6222] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6222] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6222] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6222] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6222] close(3) = 0 [pid 6222] mkdir("./file0", 0777) = 0 [pid 6222] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6222] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6222] chdir("./file0") = 0 [pid 6222] ioctl(4, LOOP_CLR_FD) = 0 [pid 6222] close(4) = 0 [pid 6222] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6221] <... futex resumed>) = 0 [pid 6222] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6221] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6222] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6222] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6221] <... futex resumed>) = 0 [pid 6221] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6222] <... openat resumed>) = 4 [ 275.923254][ T6222] loop0: detected capacity change from 0 to 4096 [ 275.954188][ T6222] ntfs: volume version 3.1. [pid 6222] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6221] <... futex resumed>) = 0 [pid 6221] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6221] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6222] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6221] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6221] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6221] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6221] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6221] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6221] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6223 attached [pid 6223] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6221] <... clone3 resumed> => {parent_tid=[1147]}, 88) = 1147 [pid 6223] <... rseq resumed>) = 0 [pid 6221] rt_sigprocmask(SIG_SETMASK, [], [pid 6223] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6221] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6223] rt_sigprocmask(SIG_SETMASK, [], [pid 6221] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6223] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6221] <... futex resumed>) = 0 [pid 6223] creat("./file1", 000 [pid 6221] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6223] <... creat resumed>) = 5 [pid 6222] <... write resumed>) = 1048064 [pid 6223] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6222] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6221] <... futex resumed>) = 0 [pid 6223] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6222] <... futex resumed>) = 0 [pid 6221] close(3 [pid 6222] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6221] <... close resumed>) = 0 [pid 6221] close(4) = 0 [pid 6221] close(5) = 0 [pid 6221] close(6) = -1 EBADF (Bad file descriptor) [pid 6221] close(7) = -1 EBADF (Bad file descriptor) [pid 6221] close(8) = -1 EBADF (Bad file descriptor) [pid 6221] close(9) = -1 EBADF (Bad file descriptor) [pid 6221] close(10) = -1 EBADF (Bad file descriptor) [pid 6221] close(11) = -1 EBADF (Bad file descriptor) [pid 6221] close(12) = -1 EBADF (Bad file descriptor) [pid 6221] close(13) = -1 EBADF (Bad file descriptor) [pid 6221] close(14) = -1 EBADF (Bad file descriptor) [pid 6221] close(15) = -1 EBADF (Bad file descriptor) [pid 6221] close(16) = -1 EBADF (Bad file descriptor) [pid 6221] close(17) = -1 EBADF (Bad file descriptor) [pid 6221] close(18) = -1 EBADF (Bad file descriptor) [pid 6221] close(19) = -1 EBADF (Bad file descriptor) [pid 6221] close(20) = -1 EBADF (Bad file descriptor) [pid 6221] close(21) = -1 EBADF (Bad file descriptor) [pid 6221] close(22) = -1 EBADF (Bad file descriptor) [pid 6221] close(23) = -1 EBADF (Bad file descriptor) [pid 6221] close(24) = -1 EBADF (Bad file descriptor) [pid 6221] close(25) = -1 EBADF (Bad file descriptor) [pid 6221] close(26) = -1 EBADF (Bad file descriptor) [pid 6221] close(27) = -1 EBADF (Bad file descriptor) [pid 6221] close(28) = -1 EBADF (Bad file descriptor) [pid 6221] close(29) = -1 EBADF (Bad file descriptor) [pid 6221] exit_group(0) = ? [pid 6222] <... futex resumed>) = ? [pid 6222] +++ exited with 0 +++ [pid 6223] <... futex resumed>) = ? [pid 6223] +++ exited with 0 +++ [pid 6221] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1145, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./381", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./381", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./381/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./381/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./381/cgroup.cpu") = 0 [pid 5063] umount2("./381/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./381/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./381/binderfs") = 0 [pid 5063] umount2("./381/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./381/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./381/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./381/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./381/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./381/file0") = 0 [pid 5063] umount2("./381/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./381/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./381/cgroup") = 0 [pid 5063] umount2("./381/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./381/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./381/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./381") = 0 [pid 5063] mkdir("./382", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6224 attached [pid 6224] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1148 [pid 6224] <... set_robust_list resumed>) = 0 [pid 6224] chdir("./382") = 0 [pid 6224] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6224] setpgid(0, 0) = 0 [pid 6224] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6224] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6224] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6224] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6224] write(3, "1000", 4) = 4 [pid 6224] close(3) = 0 [pid 6224] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6224] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6224] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6224] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6224] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6224] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6224] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6224] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6225 attached => {parent_tid=[1149]}, 88) = 1149 [pid 6225] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6224] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6224] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6224] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6225] <... rseq resumed>) = 0 [pid 6225] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6225] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6225] memfd_create("syzkaller", 0) = 3 [pid 6225] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6225] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6225] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6225] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6225] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6225] close(3) = 0 [pid 6225] mkdir("./file0", 0777) = 0 [pid 6225] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6225] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6225] chdir("./file0") = 0 [pid 6225] ioctl(4, LOOP_CLR_FD) = 0 [pid 6225] close(4) = 0 [ 276.563725][ T6225] loop0: detected capacity change from 0 to 4096 [ 276.580275][ T6225] ntfs: volume version 3.1. [pid 6225] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6225] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6224] <... futex resumed>) = 0 [pid 6224] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6225] <... futex resumed>) = 0 [pid 6224] <... futex resumed>) = 1 [pid 6224] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6225] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6225] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6225] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6224] <... futex resumed>) = 0 [pid 6224] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6225] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6224] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6225] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6224] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6224] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6224] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6224] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6224] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6224] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6226 attached => {parent_tid=[1150]}, 88) = 1150 [pid 6226] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6224] rt_sigprocmask(SIG_SETMASK, [], [pid 6226] <... rseq resumed>) = 0 [pid 6224] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6226] set_robust_list(0x7eff0a3299a0, 24 [pid 6224] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6226] <... set_robust_list resumed>) = 0 [pid 6226] rt_sigprocmask(SIG_SETMASK, [], [pid 6224] <... futex resumed>) = 0 [pid 6226] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6226] creat("./file1", 000 [pid 6224] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6226] <... creat resumed>) = 5 [pid 6226] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6226] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6224] <... futex resumed>) = 0 [pid 6225] <... write resumed>) = 1048064 [pid 6225] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6224] close(3 [pid 6225] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6224] <... close resumed>) = 0 [pid 6224] close(4) = 0 [pid 6224] close(5) = 0 [pid 6224] close(6) = -1 EBADF (Bad file descriptor) [pid 6224] close(7) = -1 EBADF (Bad file descriptor) [pid 6224] close(8) = -1 EBADF (Bad file descriptor) [pid 6224] close(9) = -1 EBADF (Bad file descriptor) [pid 6224] close(10) = -1 EBADF (Bad file descriptor) [pid 6224] close(11) = -1 EBADF (Bad file descriptor) [pid 6224] close(12) = -1 EBADF (Bad file descriptor) [pid 6224] close(13) = -1 EBADF (Bad file descriptor) [pid 6224] close(14) = -1 EBADF (Bad file descriptor) [pid 6224] close(15) = -1 EBADF (Bad file descriptor) [pid 6224] close(16) = -1 EBADF (Bad file descriptor) [pid 6224] close(17) = -1 EBADF (Bad file descriptor) [pid 6224] close(18) = -1 EBADF (Bad file descriptor) [pid 6224] close(19) = -1 EBADF (Bad file descriptor) [pid 6224] close(20) = -1 EBADF (Bad file descriptor) [pid 6224] close(21) = -1 EBADF (Bad file descriptor) [pid 6224] close(22) = -1 EBADF (Bad file descriptor) [pid 6224] close(23) = -1 EBADF (Bad file descriptor) [pid 6224] close(24) = -1 EBADF (Bad file descriptor) [pid 6224] close(25) = -1 EBADF (Bad file descriptor) [pid 6224] close(26) = -1 EBADF (Bad file descriptor) [pid 6224] close(27) = -1 EBADF (Bad file descriptor) [pid 6224] close(28) = -1 EBADF (Bad file descriptor) [pid 6224] close(29) = -1 EBADF (Bad file descriptor) [pid 6224] exit_group(0 [pid 6225] <... futex resumed>) = ? [pid 6224] <... exit_group resumed>) = ? [pid 6226] <... futex resumed>) = ? [pid 6225] +++ exited with 0 +++ [pid 6226] +++ exited with 0 +++ [pid 6224] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1148, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./382", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./382", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./382/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./382/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./382/cgroup.cpu") = 0 [pid 5063] umount2("./382/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./382/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./382/binderfs") = 0 [pid 5063] umount2("./382/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./382/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./382/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./382/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./382/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./382/file0") = 0 [pid 5063] umount2("./382/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./382/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./382/cgroup") = 0 [pid 5063] umount2("./382/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./382/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./382/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./382") = 0 [pid 5063] mkdir("./383", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6227 attached , child_tidptr=0x5555560b8690) = 1151 [pid 6227] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6227] chdir("./383") = 0 [pid 6227] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6227] setpgid(0, 0) = 0 [pid 6227] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6227] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6227] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6227] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6227] write(3, "1000", 4) = 4 [pid 6227] close(3) = 0 [pid 6227] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6227] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6227] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6227] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6227] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6227] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6227] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6227] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6228 attached => {parent_tid=[1152]}, 88) = 1152 [pid 6228] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6227] rt_sigprocmask(SIG_SETMASK, [], [pid 6228] <... rseq resumed>) = 0 [pid 6227] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6228] set_robust_list(0x7eff0a34a9a0, 24 [pid 6227] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6228] <... set_robust_list resumed>) = 0 [pid 6228] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6227] <... futex resumed>) = 0 [pid 6227] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6228] memfd_create("syzkaller", 0) = 3 [pid 6228] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6228] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6228] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6228] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6228] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6228] close(3) = 0 [pid 6228] mkdir("./file0", 0777) = 0 [ 277.215328][ T6228] loop0: detected capacity change from 0 to 4096 [ 277.230930][ T6228] __ntfs_warning: 170 callbacks suppressed [ 277.230940][ T6228] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 277.257749][ T6228] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 277.267243][ T6228] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 277.283275][ T6228] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 277.292116][ T6228] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 277.312129][ T6228] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 277.320926][ T6228] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 277.341132][ T6228] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6228] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6228] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6228] chdir("./file0") = 0 [pid 6228] ioctl(4, LOOP_CLR_FD) = 0 [pid 6228] close(4) = 0 [pid 6228] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6227] <... futex resumed>) = 0 [pid 6228] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 277.349887][ T6228] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 277.369894][ T6228] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 277.380320][ T6228] ntfs: volume version 3.1. [pid 6227] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6228] <... openat resumed>) = 4 [pid 6228] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6227] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6228] <... futex resumed>) = 0 [pid 6227] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6228] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6227] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6228] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6227] <... futex resumed>) = 0 [pid 6228] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6227] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6227] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6227] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6227] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6227] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6227] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6229 attached [pid 6229] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6227] <... clone3 resumed> => {parent_tid=[1153]}, 88) = 1153 [pid 6229] <... rseq resumed>) = 0 [pid 6227] rt_sigprocmask(SIG_SETMASK, [], [pid 6229] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6227] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6229] rt_sigprocmask(SIG_SETMASK, [], [pid 6227] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6229] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6227] <... futex resumed>) = 0 [pid 6229] creat("./file1", 000 [pid 6227] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6229] <... creat resumed>) = 5 [pid 6229] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6228] <... write resumed>) = 1048064 [pid 6229] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6227] <... futex resumed>) = 0 [pid 6228] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6228] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6227] close(3) = 0 [pid 6227] close(4) = 0 [pid 6227] close(5) = 0 [pid 6227] close(6) = -1 EBADF (Bad file descriptor) [pid 6227] close(7) = -1 EBADF (Bad file descriptor) [pid 6227] close(8) = -1 EBADF (Bad file descriptor) [pid 6227] close(9) = -1 EBADF (Bad file descriptor) [pid 6227] close(10) = -1 EBADF (Bad file descriptor) [pid 6227] close(11) = -1 EBADF (Bad file descriptor) [pid 6227] close(12) = -1 EBADF (Bad file descriptor) [pid 6227] close(13) = -1 EBADF (Bad file descriptor) [pid 6227] close(14) = -1 EBADF (Bad file descriptor) [pid 6227] close(15) = -1 EBADF (Bad file descriptor) [pid 6227] close(16) = -1 EBADF (Bad file descriptor) [pid 6227] close(17) = -1 EBADF (Bad file descriptor) [pid 6227] close(18) = -1 EBADF (Bad file descriptor) [pid 6227] close(19) = -1 EBADF (Bad file descriptor) [pid 6227] close(20) = -1 EBADF (Bad file descriptor) [pid 6227] close(21) = -1 EBADF (Bad file descriptor) [pid 6227] close(22) = -1 EBADF (Bad file descriptor) [pid 6227] close(23) = -1 EBADF (Bad file descriptor) [pid 6227] close(24) = -1 EBADF (Bad file descriptor) [pid 6227] close(25) = -1 EBADF (Bad file descriptor) [pid 6227] close(26) = -1 EBADF (Bad file descriptor) [pid 6227] close(27) = -1 EBADF (Bad file descriptor) [pid 6227] close(28) = -1 EBADF (Bad file descriptor) [pid 6227] close(29) = -1 EBADF (Bad file descriptor) [pid 6227] exit_group(0 [pid 6229] <... futex resumed>) = ? [pid 6228] <... futex resumed>) = ? [pid 6227] <... exit_group resumed>) = ? [pid 6229] +++ exited with 0 +++ [pid 6228] +++ exited with 0 +++ [pid 6227] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1151, si_uid=0, si_status=0, si_utime=0, si_stime=24 /* 0.24 s */} --- [pid 5063] umount2("./383", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./383", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./383/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./383/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./383/cgroup.cpu") = 0 [pid 5063] umount2("./383/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./383/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./383/binderfs") = 0 [pid 5063] umount2("./383/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./383/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./383/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./383/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./383/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./383/file0") = 0 [pid 5063] umount2("./383/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./383/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./383/cgroup") = 0 [pid 5063] umount2("./383/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./383/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./383/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./383") = 0 [pid 5063] mkdir("./384", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6230 attached [pid 6230] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1154 [pid 6230] <... set_robust_list resumed>) = 0 [pid 6230] chdir("./384") = 0 [pid 6230] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6230] setpgid(0, 0) = 0 [pid 6230] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6230] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6230] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6230] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6230] write(3, "1000", 4) = 4 [pid 6230] close(3) = 0 [pid 6230] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6230] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6230] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6230] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6230] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6230] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6230] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6231 attached => {parent_tid=[1155]}, 88) = 1155 [pid 6231] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6230] rt_sigprocmask(SIG_SETMASK, [], [pid 6231] <... rseq resumed>) = 0 [pid 6231] set_robust_list(0x7eff0a34a9a0, 24 [pid 6230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6231] <... set_robust_list resumed>) = 0 [pid 6230] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6231] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6230] <... futex resumed>) = 0 [pid 6230] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6231] memfd_create("syzkaller", 0) = 3 [pid 6231] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6231] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6231] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6231] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6231] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6231] close(3) = 0 [pid 6231] mkdir("./file0", 0777) = 0 [pid 6231] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6231] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6231] chdir("./file0") = 0 [pid 6231] ioctl(4, LOOP_CLR_FD) = 0 [pid 6231] close(4) = 0 [pid 6231] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6230] <... futex resumed>) = 0 [pid 6231] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6230] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6231] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6231] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6230] <... futex resumed>) = 0 [pid 6230] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6231] <... openat resumed>) = 4 [pid 6231] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6230] <... futex resumed>) = 0 [pid 6230] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 277.973186][ T6231] loop0: detected capacity change from 0 to 4096 [ 277.998439][ T6231] ntfs: volume version 3.1. [pid 6230] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6231] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6230] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6230] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6230] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6230] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6230] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6230] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6232 attached [pid 6232] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6230] <... clone3 resumed> => {parent_tid=[1156]}, 88) = 1156 [pid 6232] set_robust_list(0x7eff0a3299a0, 24 [pid 6230] rt_sigprocmask(SIG_SETMASK, [], [pid 6232] <... set_robust_list resumed>) = 0 [pid 6230] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6232] rt_sigprocmask(SIG_SETMASK, [], [pid 6230] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6232] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6230] <... futex resumed>) = 0 [pid 6232] creat("./file1", 000 [pid 6230] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6232] <... creat resumed>) = 5 [pid 6232] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6231] <... write resumed>) = 1048064 [pid 6230] <... futex resumed>) = 0 [pid 6232] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6231] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6230] close(3 [pid 6231] <... futex resumed>) = 0 [pid 6230] <... close resumed>) = 0 [pid 6231] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6230] close(4) = 0 [pid 6230] close(5) = 0 [pid 6230] close(6) = -1 EBADF (Bad file descriptor) [pid 6230] close(7) = -1 EBADF (Bad file descriptor) [pid 6230] close(8) = -1 EBADF (Bad file descriptor) [pid 6230] close(9) = -1 EBADF (Bad file descriptor) [pid 6230] close(10) = -1 EBADF (Bad file descriptor) [pid 6230] close(11) = -1 EBADF (Bad file descriptor) [pid 6230] close(12) = -1 EBADF (Bad file descriptor) [pid 6230] close(13) = -1 EBADF (Bad file descriptor) [pid 6230] close(14) = -1 EBADF (Bad file descriptor) [pid 6230] close(15) = -1 EBADF (Bad file descriptor) [pid 6230] close(16) = -1 EBADF (Bad file descriptor) [pid 6230] close(17) = -1 EBADF (Bad file descriptor) [pid 6230] close(18) = -1 EBADF (Bad file descriptor) [pid 6230] close(19) = -1 EBADF (Bad file descriptor) [pid 6230] close(20) = -1 EBADF (Bad file descriptor) [pid 6230] close(21) = -1 EBADF (Bad file descriptor) [pid 6230] close(22) = -1 EBADF (Bad file descriptor) [pid 6230] close(23) = -1 EBADF (Bad file descriptor) [pid 6230] close(24) = -1 EBADF (Bad file descriptor) [pid 6230] close(25) = -1 EBADF (Bad file descriptor) [pid 6230] close(26) = -1 EBADF (Bad file descriptor) [pid 6230] close(27) = -1 EBADF (Bad file descriptor) [pid 6230] close(28) = -1 EBADF (Bad file descriptor) [pid 6230] close(29) = -1 EBADF (Bad file descriptor) [pid 6230] exit_group(0) = ? [pid 6232] <... futex resumed>) = ? [pid 6232] +++ exited with 0 +++ [pid 6231] <... futex resumed>) = ? [pid 6231] +++ exited with 0 +++ [pid 6230] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1154, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./384", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./384", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./384/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./384/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./384/cgroup.cpu") = 0 [pid 5063] umount2("./384/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./384/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./384/binderfs") = 0 [pid 5063] umount2("./384/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./384/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./384/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./384/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./384/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./384/file0") = 0 [pid 5063] umount2("./384/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./384/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./384/cgroup") = 0 [pid 5063] umount2("./384/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./384/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./384/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./384") = 0 [pid 5063] mkdir("./385", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6233 attached , child_tidptr=0x5555560b8690) = 1157 [pid 6233] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6233] chdir("./385") = 0 [pid 6233] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6233] setpgid(0, 0) = 0 [pid 6233] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6233] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6233] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6233] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6233] write(3, "1000", 4) = 4 [pid 6233] close(3) = 0 [pid 6233] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6233] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6233] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6233] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6233] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6233] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6233] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6233] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6234 attached => {parent_tid=[1158]}, 88) = 1158 [pid 6234] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6234] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6234] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6234] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6233] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6233] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6234] <... futex resumed>) = 0 [pid 6233] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6234] memfd_create("syzkaller", 0) = 3 [pid 6234] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6234] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6234] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6234] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6234] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6234] close(3) = 0 [pid 6234] mkdir("./file0", 0777) = 0 [pid 6234] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6234] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6234] chdir("./file0") = 0 [pid 6234] ioctl(4, LOOP_CLR_FD) = 0 [pid 6234] close(4) = 0 [pid 6234] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6233] <... futex resumed>) = 0 [pid 6234] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6233] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6234] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6234] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6233] <... futex resumed>) = 0 [pid 6233] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6234] <... openat resumed>) = 4 [pid 6234] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6234] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6233] <... futex resumed>) = 0 [pid 6233] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6234] <... futex resumed>) = 0 [pid 6233] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 278.542850][ T6234] loop0: detected capacity change from 0 to 4096 [ 278.562164][ T6234] ntfs: volume version 3.1. [pid 6234] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6233] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6233] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6233] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6233] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6233] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6233] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6235 attached => {parent_tid=[1159]}, 88) = 1159 [pid 6235] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6233] rt_sigprocmask(SIG_SETMASK, [], [pid 6235] <... rseq resumed>) = 0 [pid 6233] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6235] set_robust_list(0x7eff0a3299a0, 24 [pid 6233] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6235] <... set_robust_list resumed>) = 0 [pid 6235] rt_sigprocmask(SIG_SETMASK, [], [pid 6233] <... futex resumed>) = 0 [pid 6233] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6235] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6235] creat("./file1", 000) = 5 [pid 6235] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6235] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6234] <... write resumed>) = 1048064 [pid 6233] <... futex resumed>) = 0 [pid 6234] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6233] close(3) = 0 [pid 6233] close(4) = 0 [pid 6234] <... futex resumed>) = 0 [pid 6234] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6233] close(5) = 0 [pid 6233] close(6) = -1 EBADF (Bad file descriptor) [pid 6233] close(7) = -1 EBADF (Bad file descriptor) [pid 6233] close(8) = -1 EBADF (Bad file descriptor) [pid 6233] close(9) = -1 EBADF (Bad file descriptor) [pid 6233] close(10) = -1 EBADF (Bad file descriptor) [pid 6233] close(11) = -1 EBADF (Bad file descriptor) [pid 6233] close(12) = -1 EBADF (Bad file descriptor) [pid 6233] close(13) = -1 EBADF (Bad file descriptor) [pid 6233] close(14) = -1 EBADF (Bad file descriptor) [pid 6233] close(15) = -1 EBADF (Bad file descriptor) [pid 6233] close(16) = -1 EBADF (Bad file descriptor) [pid 6233] close(17) = -1 EBADF (Bad file descriptor) [pid 6233] close(18) = -1 EBADF (Bad file descriptor) [pid 6233] close(19) = -1 EBADF (Bad file descriptor) [pid 6233] close(20) = -1 EBADF (Bad file descriptor) [pid 6233] close(21) = -1 EBADF (Bad file descriptor) [pid 6233] close(22) = -1 EBADF (Bad file descriptor) [pid 6233] close(23) = -1 EBADF (Bad file descriptor) [pid 6233] close(24) = -1 EBADF (Bad file descriptor) [pid 6233] close(25) = -1 EBADF (Bad file descriptor) [pid 6233] close(26) = -1 EBADF (Bad file descriptor) [pid 6233] close(27) = -1 EBADF (Bad file descriptor) [pid 6233] close(28) = -1 EBADF (Bad file descriptor) [pid 6233] close(29) = -1 EBADF (Bad file descriptor) [pid 6233] exit_group(0) = ? [pid 6235] <... futex resumed>) = ? [pid 6234] <... futex resumed>) = ? [pid 6235] +++ exited with 0 +++ [pid 6234] +++ exited with 0 +++ [pid 6233] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1157, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./385", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./385", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./385/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./385/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./385/cgroup.cpu") = 0 [pid 5063] umount2("./385/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./385/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./385/binderfs") = 0 [pid 5063] umount2("./385/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./385/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./385/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./385/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./385/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./385/file0") = 0 [pid 5063] umount2("./385/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./385/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./385/cgroup") = 0 [pid 5063] umount2("./385/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./385/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./385/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./385") = 0 [pid 5063] mkdir("./386", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6236 attached [pid 6236] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1160 [pid 6236] <... set_robust_list resumed>) = 0 [pid 6236] chdir("./386") = 0 [pid 6236] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6236] setpgid(0, 0) = 0 [pid 6236] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6236] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6236] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6236] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6236] write(3, "1000", 4) = 4 [pid 6236] close(3) = 0 [pid 6236] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6236] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6236] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6236] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6236] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6236] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6236] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6236] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6237 attached => {parent_tid=[1161]}, 88) = 1161 [pid 6237] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6236] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6236] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6236] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6237] <... rseq resumed>) = 0 [pid 6237] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6237] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6237] memfd_create("syzkaller", 0) = 3 [pid 6237] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6237] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6237] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6237] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6237] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6237] close(3) = 0 [pid 6237] mkdir("./file0", 0777) = 0 [pid 6237] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6237] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6237] chdir("./file0") = 0 [pid 6237] ioctl(4, LOOP_CLR_FD) = 0 [pid 6237] close(4) = 0 [pid 6237] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6236] <... futex resumed>) = 0 [pid 6236] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 279.186887][ T6237] loop0: detected capacity change from 0 to 4096 [ 279.216685][ T6237] ntfs: volume version 3.1. [pid 6236] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6237] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6237] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6237] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6236] <... futex resumed>) = 0 [pid 6236] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6237] <... futex resumed>) = 0 [pid 6236] <... futex resumed>) = 1 [pid 6237] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6236] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6236] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6236] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6236] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6236] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6236] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6238 attached [pid 6238] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6236] <... clone3 resumed> => {parent_tid=[1162]}, 88) = 1162 [pid 6238] <... rseq resumed>) = 0 [pid 6236] rt_sigprocmask(SIG_SETMASK, [], [pid 6238] set_robust_list(0x7eff0a3299a0, 24 [pid 6236] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6238] <... set_robust_list resumed>) = 0 [pid 6236] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6238] rt_sigprocmask(SIG_SETMASK, [], [pid 6236] <... futex resumed>) = 0 [pid 6238] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6236] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6238] creat("./file1", 000) = 5 [pid 6237] <... write resumed>) = 1048064 [pid 6238] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6236] <... futex resumed>) = 0 [pid 6238] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6237] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6237] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6236] close(3) = 0 [pid 6236] close(4) = 0 [pid 6236] close(5) = 0 [pid 6236] close(6) = -1 EBADF (Bad file descriptor) [pid 6236] close(7) = -1 EBADF (Bad file descriptor) [pid 6236] close(8) = -1 EBADF (Bad file descriptor) [pid 6236] close(9) = -1 EBADF (Bad file descriptor) [pid 6236] close(10) = -1 EBADF (Bad file descriptor) [pid 6236] close(11) = -1 EBADF (Bad file descriptor) [pid 6236] close(12) = -1 EBADF (Bad file descriptor) [pid 6236] close(13) = -1 EBADF (Bad file descriptor) [pid 6236] close(14) = -1 EBADF (Bad file descriptor) [pid 6236] close(15) = -1 EBADF (Bad file descriptor) [pid 6236] close(16) = -1 EBADF (Bad file descriptor) [pid 6236] close(17) = -1 EBADF (Bad file descriptor) [pid 6236] close(18) = -1 EBADF (Bad file descriptor) [pid 6236] close(19) = -1 EBADF (Bad file descriptor) [pid 6236] close(20) = -1 EBADF (Bad file descriptor) [pid 6236] close(21) = -1 EBADF (Bad file descriptor) [pid 6236] close(22) = -1 EBADF (Bad file descriptor) [pid 6236] close(23) = -1 EBADF (Bad file descriptor) [pid 6236] close(24) = -1 EBADF (Bad file descriptor) [pid 6236] close(25) = -1 EBADF (Bad file descriptor) [pid 6236] close(26) = -1 EBADF (Bad file descriptor) [pid 6236] close(27) = -1 EBADF (Bad file descriptor) [pid 6236] close(28) = -1 EBADF (Bad file descriptor) [pid 6236] close(29) = -1 EBADF (Bad file descriptor) [pid 6236] exit_group(0 [pid 6237] <... futex resumed>) = ? [pid 6236] <... exit_group resumed>) = ? [pid 6238] <... futex resumed>) = ? [pid 6237] +++ exited with 0 +++ [pid 6238] +++ exited with 0 +++ [pid 6236] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1160, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./386", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./386", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./386/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./386/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./386/cgroup.cpu") = 0 [pid 5063] umount2("./386/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./386/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./386/binderfs") = 0 [pid 5063] umount2("./386/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./386/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./386/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./386/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./386/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./386/file0") = 0 [pid 5063] umount2("./386/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./386/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./386/cgroup") = 0 [pid 5063] umount2("./386/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./386/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./386/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./386") = 0 [pid 5063] mkdir("./387", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6239 attached , child_tidptr=0x5555560b8690) = 1163 [pid 6239] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6239] chdir("./387") = 0 [pid 6239] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6239] setpgid(0, 0) = 0 [pid 6239] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6239] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6239] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6239] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6239] write(3, "1000", 4) = 4 [pid 6239] close(3) = 0 [pid 6239] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6239] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6239] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6239] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6239] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6239] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6239] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6239] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6240 attached => {parent_tid=[1164]}, 88) = 1164 [pid 6240] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6239] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6239] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6239] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6240] <... rseq resumed>) = 0 [pid 6240] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6240] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6240] memfd_create("syzkaller", 0) = 3 [pid 6240] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6240] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6240] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6240] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6240] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6240] close(3) = 0 [pid 6240] mkdir("./file0", 0777) = 0 [pid 6240] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6240] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6240] chdir("./file0") = 0 [pid 6240] ioctl(4, LOOP_CLR_FD) = 0 [pid 6240] close(4) = 0 [pid 6240] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6239] <... futex resumed>) = 0 [pid 6240] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6239] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6240] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6239] <... futex resumed>) = 0 [pid 6240] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 279.872828][ T6240] loop0: detected capacity change from 0 to 4096 [ 279.902653][ T6240] ntfs: volume version 3.1. [pid 6239] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6240] <... openat resumed>) = 4 [pid 6240] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6240] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6239] <... futex resumed>) = 0 [pid 6239] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6240] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6239] <... futex resumed>) = 0 [pid 6239] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6240] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6239] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6239] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6239] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6239] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6239] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6239] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6241 attached [pid 6241] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6239] <... clone3 resumed> => {parent_tid=[1165]}, 88) = 1165 [pid 6241] <... rseq resumed>) = 0 [pid 6239] rt_sigprocmask(SIG_SETMASK, [], [pid 6241] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6239] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6241] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6239] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6241] creat("./file1", 000 [pid 6239] <... futex resumed>) = 0 [pid 6239] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6241] <... creat resumed>) = 5 [pid 6240] <... write resumed>) = 1048064 [pid 6240] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6241] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6239] <... futex resumed>) = 0 [pid 6241] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6239] close(3) = 0 [pid 6239] close(4 [pid 6240] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6239] <... close resumed>) = 0 [pid 6239] close(5) = 0 [pid 6239] close(6) = -1 EBADF (Bad file descriptor) [pid 6239] close(7) = -1 EBADF (Bad file descriptor) [pid 6239] close(8) = -1 EBADF (Bad file descriptor) [pid 6239] close(9) = -1 EBADF (Bad file descriptor) [pid 6239] close(10) = -1 EBADF (Bad file descriptor) [pid 6239] close(11) = -1 EBADF (Bad file descriptor) [pid 6239] close(12) = -1 EBADF (Bad file descriptor) [pid 6239] close(13) = -1 EBADF (Bad file descriptor) [pid 6239] close(14) = -1 EBADF (Bad file descriptor) [pid 6239] close(15) = -1 EBADF (Bad file descriptor) [pid 6239] close(16) = -1 EBADF (Bad file descriptor) [pid 6239] close(17) = -1 EBADF (Bad file descriptor) [pid 6239] close(18) = -1 EBADF (Bad file descriptor) [pid 6239] close(19) = -1 EBADF (Bad file descriptor) [pid 6239] close(20) = -1 EBADF (Bad file descriptor) [pid 6239] close(21) = -1 EBADF (Bad file descriptor) [pid 6239] close(22) = -1 EBADF (Bad file descriptor) [pid 6239] close(23) = -1 EBADF (Bad file descriptor) [pid 6239] close(24) = -1 EBADF (Bad file descriptor) [pid 6239] close(25) = -1 EBADF (Bad file descriptor) [pid 6239] close(26) = -1 EBADF (Bad file descriptor) [pid 6239] close(27) = -1 EBADF (Bad file descriptor) [pid 6239] close(28) = -1 EBADF (Bad file descriptor) [pid 6239] close(29) = -1 EBADF (Bad file descriptor) [pid 6239] exit_group(0 [pid 6241] <... futex resumed>) = ? [pid 6240] <... futex resumed>) = ? [pid 6241] +++ exited with 0 +++ [pid 6239] <... exit_group resumed>) = ? [pid 6240] +++ exited with 0 +++ [pid 6239] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1163, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./387", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./387", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./387/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./387/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./387/cgroup.cpu") = 0 [pid 5063] umount2("./387/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./387/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./387/binderfs") = 0 [pid 5063] umount2("./387/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./387/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./387/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./387/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./387/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./387/file0") = 0 [pid 5063] umount2("./387/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./387/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./387/cgroup") = 0 [pid 5063] umount2("./387/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./387/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./387/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./387") = 0 [pid 5063] mkdir("./388", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6242 attached , child_tidptr=0x5555560b8690) = 1166 [pid 6242] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6242] chdir("./388") = 0 [pid 6242] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6242] setpgid(0, 0) = 0 [pid 6242] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6242] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6242] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6242] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6242] write(3, "1000", 4) = 4 [pid 6242] close(3) = 0 [pid 6242] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6242] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6242] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6242] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6242] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6242] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6242] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6242] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6243 attached => {parent_tid=[1167]}, 88) = 1167 [pid 6243] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6242] rt_sigprocmask(SIG_SETMASK, [], [pid 6243] <... rseq resumed>) = 0 [pid 6242] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6242] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6242] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6243] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6243] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6243] memfd_create("syzkaller", 0) = 3 [pid 6243] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6243] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6243] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6243] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6243] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6243] close(3) = 0 [pid 6243] mkdir("./file0", 0777) = 0 [pid 6243] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6243] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6243] chdir("./file0") = 0 [pid 6243] ioctl(4, LOOP_CLR_FD) = 0 [pid 6243] close(4) = 0 [pid 6243] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6243] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6242] <... futex resumed>) = 0 [pid 6242] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6243] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6242] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6243] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6243] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6242] <... futex resumed>) = 0 [pid 6243] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6242] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6243] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6242] <... futex resumed>) = 0 [pid 6243] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 280.464620][ T6243] loop0: detected capacity change from 0 to 4096 [ 280.494272][ T6243] ntfs: volume version 3.1. [pid 6242] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6242] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6242] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6242] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6242] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6242] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1168]}, 88) = 1168 ./strace-static-x86_64: Process 6244 attached [pid 6242] rt_sigprocmask(SIG_SETMASK, [], [pid 6244] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6244] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6242] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6244] rt_sigprocmask(SIG_SETMASK, [], [pid 6242] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6244] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6244] creat("./file1", 000 [pid 6242] <... futex resumed>) = 0 [pid 6244] <... creat resumed>) = 5 [pid 6243] <... write resumed>) = 1048064 [pid 6242] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6243] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6244] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6244] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6243] <... futex resumed>) = 0 [pid 6242] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6243] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6242] close(3) = 0 [pid 6242] close(4) = 0 [pid 6242] close(5) = 0 [pid 6242] close(6) = -1 EBADF (Bad file descriptor) [pid 6242] close(7) = -1 EBADF (Bad file descriptor) [pid 6242] close(8) = -1 EBADF (Bad file descriptor) [pid 6242] close(9) = -1 EBADF (Bad file descriptor) [pid 6242] close(10) = -1 EBADF (Bad file descriptor) [pid 6242] close(11) = -1 EBADF (Bad file descriptor) [pid 6242] close(12) = -1 EBADF (Bad file descriptor) [pid 6242] close(13) = -1 EBADF (Bad file descriptor) [pid 6242] close(14) = -1 EBADF (Bad file descriptor) [pid 6242] close(15) = -1 EBADF (Bad file descriptor) [pid 6242] close(16) = -1 EBADF (Bad file descriptor) [pid 6242] close(17) = -1 EBADF (Bad file descriptor) [pid 6242] close(18) = -1 EBADF (Bad file descriptor) [pid 6242] close(19) = -1 EBADF (Bad file descriptor) [pid 6242] close(20) = -1 EBADF (Bad file descriptor) [pid 6242] close(21) = -1 EBADF (Bad file descriptor) [pid 6242] close(22) = -1 EBADF (Bad file descriptor) [pid 6242] close(23) = -1 EBADF (Bad file descriptor) [pid 6242] close(24) = -1 EBADF (Bad file descriptor) [pid 6242] close(25) = -1 EBADF (Bad file descriptor) [pid 6242] close(26) = -1 EBADF (Bad file descriptor) [pid 6242] close(27) = -1 EBADF (Bad file descriptor) [pid 6242] close(28) = -1 EBADF (Bad file descriptor) [pid 6242] close(29) = -1 EBADF (Bad file descriptor) [pid 6242] exit_group(0 [pid 6244] <... futex resumed>) = ? [pid 6243] <... futex resumed>) = ? [pid 6242] <... exit_group resumed>) = ? [pid 6244] +++ exited with 0 +++ [pid 6243] +++ exited with 0 +++ [pid 6242] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1166, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./388", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./388", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./388/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./388/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./388/cgroup.cpu") = 0 [pid 5063] umount2("./388/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./388/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./388/binderfs") = 0 [pid 5063] umount2("./388/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./388/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./388/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./388/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./388/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./388/file0") = 0 [pid 5063] umount2("./388/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./388/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./388/cgroup") = 0 [pid 5063] umount2("./388/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./388/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./388/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./388") = 0 [pid 5063] mkdir("./389", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6245 attached , child_tidptr=0x5555560b8690) = 1169 [pid 6245] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6245] chdir("./389") = 0 [pid 6245] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6245] setpgid(0, 0) = 0 [pid 6245] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6245] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6245] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6245] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6245] write(3, "1000", 4) = 4 [pid 6245] close(3) = 0 [pid 6245] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6245] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6245] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6245] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6245] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6245] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6245] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6246 attached => {parent_tid=[1170]}, 88) = 1170 [pid 6246] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6245] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6246] <... rseq resumed>) = 0 [pid 6245] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6246] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6245] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6246] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6246] memfd_create("syzkaller", 0) = 3 [pid 6246] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6246] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6246] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6246] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6246] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6246] close(3) = 0 [pid 6246] mkdir("./file0", 0777) = 0 [pid 6246] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6246] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6246] chdir("./file0") = 0 [pid 6246] ioctl(4, LOOP_CLR_FD) = 0 [pid 6246] close(4) = 0 [pid 6246] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6245] <... futex resumed>) = 0 [pid 6246] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6245] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6245] <... futex resumed>) = 0 [pid 6246] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6245] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6246] <... openat resumed>) = 4 [ 280.972030][ T6246] loop0: detected capacity change from 0 to 4096 [ 281.005499][ T6246] ntfs: volume version 3.1. [pid 6246] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6245] <... futex resumed>) = 0 [pid 6246] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6245] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6246] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6245] <... futex resumed>) = 0 [pid 6246] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6245] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6245] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6245] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6245] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6245] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6245] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6247 attached [pid 6247] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6245] <... clone3 resumed> => {parent_tid=[1171]}, 88) = 1171 [pid 6247] set_robust_list(0x7eff0a3299a0, 24 [pid 6245] rt_sigprocmask(SIG_SETMASK, [], [pid 6247] <... set_robust_list resumed>) = 0 [pid 6247] rt_sigprocmask(SIG_SETMASK, [], [pid 6245] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6247] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6245] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6247] creat("./file1", 000 [pid 6245] <... futex resumed>) = 0 [pid 6245] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6247] <... creat resumed>) = 5 [pid 6246] <... write resumed>) = 1048064 [pid 6247] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6246] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6245] <... futex resumed>) = 0 [pid 6247] <... futex resumed>) = 1 [pid 6246] <... futex resumed>) = 0 [pid 6245] close(3 [pid 6247] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6246] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6245] <... close resumed>) = 0 [pid 6245] close(4) = 0 [pid 6245] close(5) = 0 [pid 6245] close(6) = -1 EBADF (Bad file descriptor) [pid 6245] close(7) = -1 EBADF (Bad file descriptor) [pid 6245] close(8) = -1 EBADF (Bad file descriptor) [pid 6245] close(9) = -1 EBADF (Bad file descriptor) [pid 6245] close(10) = -1 EBADF (Bad file descriptor) [pid 6245] close(11) = -1 EBADF (Bad file descriptor) [pid 6245] close(12) = -1 EBADF (Bad file descriptor) [pid 6245] close(13) = -1 EBADF (Bad file descriptor) [pid 6245] close(14) = -1 EBADF (Bad file descriptor) [pid 6245] close(15) = -1 EBADF (Bad file descriptor) [pid 6245] close(16) = -1 EBADF (Bad file descriptor) [pid 6245] close(17) = -1 EBADF (Bad file descriptor) [pid 6245] close(18) = -1 EBADF (Bad file descriptor) [pid 6245] close(19) = -1 EBADF (Bad file descriptor) [pid 6245] close(20) = -1 EBADF (Bad file descriptor) [pid 6245] close(21) = -1 EBADF (Bad file descriptor) [pid 6245] close(22) = -1 EBADF (Bad file descriptor) [pid 6245] close(23) = -1 EBADF (Bad file descriptor) [pid 6245] close(24) = -1 EBADF (Bad file descriptor) [pid 6245] close(25) = -1 EBADF (Bad file descriptor) [pid 6245] close(26) = -1 EBADF (Bad file descriptor) [pid 6245] close(27) = -1 EBADF (Bad file descriptor) [pid 6245] close(28) = -1 EBADF (Bad file descriptor) [pid 6245] close(29) = -1 EBADF (Bad file descriptor) [pid 6245] exit_group(0) = ? [pid 6247] <... futex resumed>) = ? [pid 6246] <... futex resumed>) = ? [pid 6246] +++ exited with 0 +++ [pid 6247] +++ exited with 0 +++ [pid 6245] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1169, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./389", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./389", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./389/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./389/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./389/cgroup.cpu") = 0 [pid 5063] umount2("./389/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./389/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./389/binderfs") = 0 [pid 5063] umount2("./389/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./389/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./389/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./389/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./389/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./389/file0") = 0 [pid 5063] umount2("./389/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./389/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./389/cgroup") = 0 [pid 5063] umount2("./389/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./389/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./389/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./389") = 0 [pid 5063] mkdir("./390", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1172 ./strace-static-x86_64: Process 6248 attached [pid 6248] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6248] chdir("./390") = 0 [pid 6248] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6248] setpgid(0, 0) = 0 [pid 6248] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6248] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6248] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6248] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6248] write(3, "1000", 4) = 4 [pid 6248] close(3) = 0 [pid 6248] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6248] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6248] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6248] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6248] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6248] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6248] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6248] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6249 attached [pid 6249] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6248] <... clone3 resumed> => {parent_tid=[1173]}, 88) = 1173 [pid 6249] set_robust_list(0x7eff0a34a9a0, 24 [pid 6248] rt_sigprocmask(SIG_SETMASK, [], [pid 6249] <... set_robust_list resumed>) = 0 [pid 6249] rt_sigprocmask(SIG_SETMASK, [], [pid 6248] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6249] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6248] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6248] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6249] memfd_create("syzkaller", 0) = 3 [pid 6249] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6249] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6249] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6249] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6249] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6249] close(3) = 0 [pid 6249] mkdir("./file0", 0777) = 0 [pid 6249] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6249] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6249] chdir("./file0") = 0 [pid 6249] ioctl(4, LOOP_CLR_FD) = 0 [pid 6249] close(4) = 0 [pid 6249] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6248] <... futex resumed>) = 0 [pid 6249] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6248] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6249] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6248] <... futex resumed>) = 0 [pid 6249] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6248] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6249] <... openat resumed>) = 4 [pid 6249] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6248] <... futex resumed>) = 0 [pid 6249] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6248] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6249] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6248] <... futex resumed>) = 0 [ 281.541846][ T6249] loop0: detected capacity change from 0 to 4096 [ 281.576153][ T6249] ntfs: volume version 3.1. [pid 6248] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6248] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6248] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6248] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6248] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6248] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6250 attached => {parent_tid=[1174]}, 88) = 1174 [pid 6250] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6248] rt_sigprocmask(SIG_SETMASK, [], [pid 6250] <... rseq resumed>) = 0 [pid 6248] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6250] set_robust_list(0x7eff0a3299a0, 24 [pid 6248] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6250] <... set_robust_list resumed>) = 0 [pid 6248] <... futex resumed>) = 0 [pid 6250] rt_sigprocmask(SIG_SETMASK, [], [pid 6248] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6250] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6250] creat("./file1", 000) = 5 [pid 6249] <... write resumed>) = 1048064 [pid 6250] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6249] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6248] <... futex resumed>) = 0 [pid 6250] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6249] <... futex resumed>) = 0 [pid 6249] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6248] close(3) = 0 [pid 6248] close(4) = 0 [pid 6248] close(5) = 0 [pid 6248] close(6) = -1 EBADF (Bad file descriptor) [pid 6248] close(7) = -1 EBADF (Bad file descriptor) [pid 6248] close(8) = -1 EBADF (Bad file descriptor) [pid 6248] close(9) = -1 EBADF (Bad file descriptor) [pid 6248] close(10) = -1 EBADF (Bad file descriptor) [pid 6248] close(11) = -1 EBADF (Bad file descriptor) [pid 6248] close(12) = -1 EBADF (Bad file descriptor) [pid 6248] close(13) = -1 EBADF (Bad file descriptor) [pid 6248] close(14) = -1 EBADF (Bad file descriptor) [pid 6248] close(15) = -1 EBADF (Bad file descriptor) [pid 6248] close(16) = -1 EBADF (Bad file descriptor) [pid 6248] close(17) = -1 EBADF (Bad file descriptor) [pid 6248] close(18) = -1 EBADF (Bad file descriptor) [pid 6248] close(19) = -1 EBADF (Bad file descriptor) [pid 6248] close(20) = -1 EBADF (Bad file descriptor) [pid 6248] close(21) = -1 EBADF (Bad file descriptor) [pid 6248] close(22) = -1 EBADF (Bad file descriptor) [pid 6248] close(23) = -1 EBADF (Bad file descriptor) [pid 6248] close(24) = -1 EBADF (Bad file descriptor) [pid 6248] close(25) = -1 EBADF (Bad file descriptor) [pid 6248] close(26) = -1 EBADF (Bad file descriptor) [pid 6248] close(27) = -1 EBADF (Bad file descriptor) [pid 6248] close(28) = -1 EBADF (Bad file descriptor) [pid 6248] close(29) = -1 EBADF (Bad file descriptor) [pid 6248] exit_group(0 [pid 6250] <... futex resumed>) = ? [pid 6248] <... exit_group resumed>) = ? [pid 6250] +++ exited with 0 +++ [pid 6249] <... futex resumed>) = ? [pid 6249] +++ exited with 0 +++ [pid 6248] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1172, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./390", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./390", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./390/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./390/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./390/cgroup.cpu") = 0 [pid 5063] umount2("./390/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./390/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./390/binderfs") = 0 [pid 5063] umount2("./390/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./390/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./390/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./390/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./390/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./390/file0") = 0 [pid 5063] umount2("./390/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./390/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./390/cgroup") = 0 [pid 5063] umount2("./390/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./390/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./390/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./390") = 0 [pid 5063] mkdir("./391", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6251 attached , child_tidptr=0x5555560b8690) = 1175 [pid 6251] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6251] chdir("./391") = 0 [pid 6251] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6251] setpgid(0, 0) = 0 [pid 6251] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6251] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6251] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6251] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6251] write(3, "1000", 4) = 4 [pid 6251] close(3) = 0 [pid 6251] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6251] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6251] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6251] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6251] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6251] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6251] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6252 attached [pid 6252] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6251] <... clone3 resumed> => {parent_tid=[1176]}, 88) = 1176 [pid 6252] <... rseq resumed>) = 0 [pid 6252] set_robust_list(0x7eff0a34a9a0, 24 [pid 6251] rt_sigprocmask(SIG_SETMASK, [], [pid 6252] <... set_robust_list resumed>) = 0 [pid 6251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6252] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6252] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6251] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6252] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6251] <... futex resumed>) = 0 [pid 6251] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6252] memfd_create("syzkaller", 0) = 3 [pid 6252] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6252] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6252] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6252] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6252] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6252] close(3) = 0 [pid 6252] mkdir("./file0", 0777) = 0 [pid 6252] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6252] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6252] chdir("./file0") = 0 [pid 6252] ioctl(4, LOOP_CLR_FD) = 0 [pid 6252] close(4) = 0 [pid 6252] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6251] <... futex resumed>) = 0 [pid 6252] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6251] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 282.062955][ T6252] loop0: detected capacity change from 0 to 4096 [ 282.088056][ T6252] ntfs: volume version 3.1. [pid 6251] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6252] <... openat resumed>) = 4 [pid 6252] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6251] <... futex resumed>) = 0 [pid 6252] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6251] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6251] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6251] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6251] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6251] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6251] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6251] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6253 attached [pid 6253] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6251] <... clone3 resumed> => {parent_tid=[1177]}, 88) = 1177 [pid 6253] <... rseq resumed>) = 0 [pid 6251] rt_sigprocmask(SIG_SETMASK, [], [pid 6253] set_robust_list(0x7eff0a3299a0, 24 [pid 6251] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6253] <... set_robust_list resumed>) = 0 [pid 6251] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6253] rt_sigprocmask(SIG_SETMASK, [], [pid 6251] <... futex resumed>) = 0 [pid 6253] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6251] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6253] creat("./file1", 000) = 5 [pid 6253] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6252] <... write resumed>) = 1048064 [pid 6253] <... futex resumed>) = 1 [pid 6251] <... futex resumed>) = 0 [pid 6252] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6251] close(3 [pid 6252] <... futex resumed>) = 0 [pid 6251] <... close resumed>) = 0 [pid 6252] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6251] close(4) = 0 [pid 6251] close(5) = 0 [pid 6253] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6251] close(6) = -1 EBADF (Bad file descriptor) [pid 6251] close(7) = -1 EBADF (Bad file descriptor) [pid 6251] close(8) = -1 EBADF (Bad file descriptor) [pid 6251] close(9) = -1 EBADF (Bad file descriptor) [pid 6251] close(10) = -1 EBADF (Bad file descriptor) [pid 6251] close(11) = -1 EBADF (Bad file descriptor) [pid 6251] close(12) = -1 EBADF (Bad file descriptor) [pid 6251] close(13) = -1 EBADF (Bad file descriptor) [pid 6251] close(14) = -1 EBADF (Bad file descriptor) [pid 6251] close(15) = -1 EBADF (Bad file descriptor) [pid 6251] close(16) = -1 EBADF (Bad file descriptor) [pid 6251] close(17) = -1 EBADF (Bad file descriptor) [pid 6251] close(18) = -1 EBADF (Bad file descriptor) [pid 6251] close(19) = -1 EBADF (Bad file descriptor) [pid 6251] close(20) = -1 EBADF (Bad file descriptor) [pid 6251] close(21) = -1 EBADF (Bad file descriptor) [pid 6251] close(22) = -1 EBADF (Bad file descriptor) [pid 6251] close(23) = -1 EBADF (Bad file descriptor) [pid 6251] close(24) = -1 EBADF (Bad file descriptor) [pid 6251] close(25) = -1 EBADF (Bad file descriptor) [pid 6251] close(26) = -1 EBADF (Bad file descriptor) [pid 6251] close(27) = -1 EBADF (Bad file descriptor) [pid 6251] close(28) = -1 EBADF (Bad file descriptor) [pid 6251] close(29) = -1 EBADF (Bad file descriptor) [pid 6251] exit_group(0) = ? [pid 6252] <... futex resumed>) = ? [pid 6253] <... futex resumed>) = ? [pid 6252] +++ exited with 0 +++ [pid 6253] +++ exited with 0 +++ [pid 6251] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1175, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./391", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./391", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./391/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./391/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./391/cgroup.cpu") = 0 [pid 5063] umount2("./391/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./391/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./391/binderfs") = 0 [pid 5063] umount2("./391/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./391/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./391/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./391/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./391/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./391/file0") = 0 [pid 5063] umount2("./391/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./391/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./391/cgroup") = 0 [pid 5063] umount2("./391/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./391/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./391/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./391") = 0 [pid 5063] mkdir("./392", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6254 attached [pid 6254] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1178 [pid 6254] <... set_robust_list resumed>) = 0 [pid 6254] chdir("./392") = 0 [pid 6254] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6254] setpgid(0, 0) = 0 [pid 6254] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6254] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6254] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6254] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6254] write(3, "1000", 4) = 4 [pid 6254] close(3) = 0 [pid 6254] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6254] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6254] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6254] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6254] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6254] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6255 attached => {parent_tid=[1179]}, 88) = 1179 [pid 6255] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6254] rt_sigprocmask(SIG_SETMASK, [], [pid 6255] <... rseq resumed>) = 0 [pid 6255] set_robust_list(0x7eff0a34a9a0, 24 [pid 6254] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6254] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6255] <... set_robust_list resumed>) = 0 [pid 6254] <... futex resumed>) = 0 [pid 6254] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6255] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6255] memfd_create("syzkaller", 0) = 3 [pid 6255] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6255] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6255] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6255] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6255] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6255] close(3) = 0 [pid 6255] mkdir("./file0", 0777) = 0 [ 282.613612][ T6255] loop0: detected capacity change from 0 to 4096 [ 282.628279][ T6255] __ntfs_warning: 170 callbacks suppressed [ 282.628289][ T6255] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 282.654883][ T6255] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 282.664437][ T6255] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 282.680180][ T6255] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 282.688914][ T6255] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 282.708889][ T6255] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 282.717620][ T6255] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 282.737746][ T6255] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6255] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6255] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6255] chdir("./file0") = 0 [pid 6255] ioctl(4, LOOP_CLR_FD) = 0 [pid 6255] close(4) = 0 [pid 6255] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6255] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6254] <... futex resumed>) = 0 [pid 6254] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6255] <... futex resumed>) = 0 [pid 6254] <... futex resumed>) = 1 [pid 6255] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6254] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6255] <... openat resumed>) = 4 [pid 6255] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6254] <... futex resumed>) = 0 [pid 6255] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6254] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6255] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6255] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6254] <... futex resumed>) = 0 [ 282.746458][ T6255] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 282.766557][ T6255] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 282.777072][ T6255] ntfs: volume version 3.1. [pid 6254] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6254] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6254] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6254] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6254] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6254] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6256 attached => {parent_tid=[1180]}, 88) = 1180 [pid 6256] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6254] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6256] set_robust_list(0x7eff0a3299a0, 24 [pid 6254] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6254] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6256] <... set_robust_list resumed>) = 0 [pid 6256] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6256] creat("./file1", 000) = 5 [pid 6256] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6255] <... write resumed>) = 1048064 [pid 6256] <... futex resumed>) = 1 [pid 6255] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6254] <... futex resumed>) = 0 [pid 6256] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6255] <... futex resumed>) = 0 [pid 6254] close(3 [pid 6255] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6254] <... close resumed>) = 0 [pid 6254] close(4) = 0 [pid 6254] close(5) = 0 [pid 6254] close(6) = -1 EBADF (Bad file descriptor) [pid 6254] close(7) = -1 EBADF (Bad file descriptor) [pid 6254] close(8) = -1 EBADF (Bad file descriptor) [pid 6254] close(9) = -1 EBADF (Bad file descriptor) [pid 6254] close(10) = -1 EBADF (Bad file descriptor) [pid 6254] close(11) = -1 EBADF (Bad file descriptor) [pid 6254] close(12) = -1 EBADF (Bad file descriptor) [pid 6254] close(13) = -1 EBADF (Bad file descriptor) [pid 6254] close(14) = -1 EBADF (Bad file descriptor) [pid 6254] close(15) = -1 EBADF (Bad file descriptor) [pid 6254] close(16) = -1 EBADF (Bad file descriptor) [pid 6254] close(17) = -1 EBADF (Bad file descriptor) [pid 6254] close(18) = -1 EBADF (Bad file descriptor) [pid 6254] close(19) = -1 EBADF (Bad file descriptor) [pid 6254] close(20) = -1 EBADF (Bad file descriptor) [pid 6254] close(21) = -1 EBADF (Bad file descriptor) [pid 6254] close(22) = -1 EBADF (Bad file descriptor) [pid 6254] close(23) = -1 EBADF (Bad file descriptor) [pid 6254] close(24) = -1 EBADF (Bad file descriptor) [pid 6254] close(25) = -1 EBADF (Bad file descriptor) [pid 6254] close(26) = -1 EBADF (Bad file descriptor) [pid 6254] close(27) = -1 EBADF (Bad file descriptor) [pid 6254] close(28) = -1 EBADF (Bad file descriptor) [pid 6254] close(29) = -1 EBADF (Bad file descriptor) [pid 6254] exit_group(0) = ? [pid 6256] <... futex resumed>) = ? [pid 6255] <... futex resumed>) = ? [pid 6256] +++ exited with 0 +++ [pid 6255] +++ exited with 0 +++ [pid 6254] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1178, si_uid=0, si_status=0, si_utime=0, si_stime=25 /* 0.25 s */} --- [pid 5063] umount2("./392", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./392", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./392/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./392/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./392/cgroup.cpu") = 0 [pid 5063] umount2("./392/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./392/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./392/binderfs") = 0 [pid 5063] umount2("./392/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./392/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./392/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./392/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./392/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./392/file0") = 0 [pid 5063] umount2("./392/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./392/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./392/cgroup") = 0 [pid 5063] umount2("./392/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./392/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./392/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./392") = 0 [pid 5063] mkdir("./393", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6257 attached , child_tidptr=0x5555560b8690) = 1181 [pid 6257] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6257] chdir("./393") = 0 [pid 6257] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6257] setpgid(0, 0) = 0 [pid 6257] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6257] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6257] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6257] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6257] write(3, "1000", 4) = 4 [pid 6257] close(3) = 0 [pid 6257] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6257] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6257] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6257] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6257] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6257] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6257] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6257] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6258 attached => {parent_tid=[1182]}, 88) = 1182 [pid 6258] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6257] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6257] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6257] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6258] <... rseq resumed>) = 0 [pid 6258] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6258] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6258] memfd_create("syzkaller", 0) = 3 [pid 6258] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6258] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6258] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6258] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6258] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6258] close(3) = 0 [pid 6258] mkdir("./file0", 0777) = 0 [pid 6258] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6258] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6258] chdir("./file0") = 0 [pid 6258] ioctl(4, LOOP_CLR_FD) = 0 [pid 6258] close(4) = 0 [pid 6258] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6258] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6257] <... futex resumed>) = 0 [pid 6257] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6258] <... futex resumed>) = 0 [pid 6257] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6258] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6258] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6257] <... futex resumed>) = 0 [pid 6258] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6257] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6258] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6257] <... futex resumed>) = 0 [pid 6258] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 283.402530][ T6258] loop0: detected capacity change from 0 to 4096 [ 283.433647][ T6258] ntfs: volume version 3.1. [pid 6257] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6257] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6257] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6257] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6257] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6257] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6259 attached => {parent_tid=[1183]}, 88) = 1183 [pid 6259] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6257] rt_sigprocmask(SIG_SETMASK, [], [pid 6259] <... rseq resumed>) = 0 [pid 6257] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6259] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6259] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6259] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6257] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6259] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6257] <... futex resumed>) = 0 [pid 6257] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6259] creat("./file1", 000) = 5 [pid 6259] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6258] <... write resumed>) = 1048064 [pid 6259] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6257] <... futex resumed>) = 0 [pid 6258] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6257] close(3) = 0 [pid 6257] close(4 [pid 6258] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6257] <... close resumed>) = 0 [pid 6257] close(5) = 0 [pid 6257] close(6) = -1 EBADF (Bad file descriptor) [pid 6257] close(7) = -1 EBADF (Bad file descriptor) [pid 6257] close(8) = -1 EBADF (Bad file descriptor) [pid 6257] close(9) = -1 EBADF (Bad file descriptor) [pid 6257] close(10) = -1 EBADF (Bad file descriptor) [pid 6257] close(11) = -1 EBADF (Bad file descriptor) [pid 6257] close(12) = -1 EBADF (Bad file descriptor) [pid 6257] close(13) = -1 EBADF (Bad file descriptor) [pid 6257] close(14) = -1 EBADF (Bad file descriptor) [pid 6257] close(15) = -1 EBADF (Bad file descriptor) [pid 6257] close(16) = -1 EBADF (Bad file descriptor) [pid 6257] close(17) = -1 EBADF (Bad file descriptor) [pid 6257] close(18) = -1 EBADF (Bad file descriptor) [pid 6257] close(19) = -1 EBADF (Bad file descriptor) [pid 6257] close(20) = -1 EBADF (Bad file descriptor) [pid 6257] close(21) = -1 EBADF (Bad file descriptor) [pid 6257] close(22) = -1 EBADF (Bad file descriptor) [pid 6257] close(23) = -1 EBADF (Bad file descriptor) [pid 6257] close(24) = -1 EBADF (Bad file descriptor) [pid 6257] close(25) = -1 EBADF (Bad file descriptor) [pid 6257] close(26) = -1 EBADF (Bad file descriptor) [pid 6257] close(27) = -1 EBADF (Bad file descriptor) [pid 6257] close(28) = -1 EBADF (Bad file descriptor) [pid 6257] close(29) = -1 EBADF (Bad file descriptor) [pid 6257] exit_group(0 [pid 6258] <... futex resumed>) = ? [pid 6259] <... futex resumed>) = ? [pid 6257] <... exit_group resumed>) = ? [pid 6259] +++ exited with 0 +++ [pid 6258] +++ exited with 0 +++ [pid 6257] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1181, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5063] umount2("./393", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./393", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./393/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./393/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./393/cgroup.cpu") = 0 [pid 5063] umount2("./393/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./393/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./393/binderfs") = 0 [pid 5063] umount2("./393/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./393/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./393/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./393/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./393/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./393/file0") = 0 [pid 5063] umount2("./393/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./393/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./393/cgroup") = 0 [pid 5063] umount2("./393/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./393/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./393/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./393") = 0 [pid 5063] mkdir("./394", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6260 attached , child_tidptr=0x5555560b8690) = 1184 [pid 6260] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6260] chdir("./394") = 0 [pid 6260] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6260] setpgid(0, 0) = 0 [pid 6260] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6260] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6260] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6260] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6260] write(3, "1000", 4) = 4 [pid 6260] close(3) = 0 [pid 6260] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6260] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6260] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6260] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6260] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6260] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6260] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6260] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6261 attached => {parent_tid=[1185]}, 88) = 1185 [pid 6261] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6260] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6260] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6261] <... rseq resumed>) = 0 [pid 6261] set_robust_list(0x7eff0a34a9a0, 24 [pid 6260] <... futex resumed>) = 0 [pid 6261] <... set_robust_list resumed>) = 0 [pid 6260] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6261] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6261] memfd_create("syzkaller", 0) = 3 [pid 6261] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6261] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6261] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6261] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6261] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6261] close(3) = 0 [pid 6261] mkdir("./file0", 0777) = 0 [pid 6261] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6261] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6261] chdir("./file0") = 0 [pid 6261] ioctl(4, LOOP_CLR_FD) = 0 [pid 6261] close(4) = 0 [pid 6261] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6260] <... futex resumed>) = 0 [pid 6260] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6260] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6261] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6261] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6260] <... futex resumed>) = 0 [pid 6261] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6260] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6261] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6260] <... futex resumed>) = 0 [pid 6261] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 284.032126][ T6261] loop0: detected capacity change from 0 to 4096 [ 284.064372][ T6261] ntfs: volume version 3.1. [pid 6260] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6260] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6260] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6260] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6260] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6260] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6262 attached => {parent_tid=[1186]}, 88) = 1186 [pid 6262] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6260] rt_sigprocmask(SIG_SETMASK, [], [pid 6262] <... rseq resumed>) = 0 [pid 6260] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6262] set_robust_list(0x7eff0a3299a0, 24 [pid 6260] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6262] <... set_robust_list resumed>) = 0 [pid 6260] <... futex resumed>) = 0 [pid 6262] rt_sigprocmask(SIG_SETMASK, [], [pid 6260] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6262] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6262] creat("./file1", 000) = 5 [pid 6261] <... write resumed>) = 1048064 [pid 6262] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6261] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6262] <... futex resumed>) = 1 [pid 6260] <... futex resumed>) = 0 [pid 6262] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6261] <... futex resumed>) = 0 [pid 6260] close(3 [pid 6261] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6260] <... close resumed>) = 0 [pid 6260] close(4) = 0 [pid 6260] close(5) = 0 [pid 6260] close(6) = -1 EBADF (Bad file descriptor) [pid 6260] close(7) = -1 EBADF (Bad file descriptor) [pid 6260] close(8) = -1 EBADF (Bad file descriptor) [pid 6260] close(9) = -1 EBADF (Bad file descriptor) [pid 6260] close(10) = -1 EBADF (Bad file descriptor) [pid 6260] close(11) = -1 EBADF (Bad file descriptor) [pid 6260] close(12) = -1 EBADF (Bad file descriptor) [pid 6260] close(13) = -1 EBADF (Bad file descriptor) [pid 6260] close(14) = -1 EBADF (Bad file descriptor) [pid 6260] close(15) = -1 EBADF (Bad file descriptor) [pid 6260] close(16) = -1 EBADF (Bad file descriptor) [pid 6260] close(17) = -1 EBADF (Bad file descriptor) [pid 6260] close(18) = -1 EBADF (Bad file descriptor) [pid 6260] close(19) = -1 EBADF (Bad file descriptor) [pid 6260] close(20) = -1 EBADF (Bad file descriptor) [pid 6260] close(21) = -1 EBADF (Bad file descriptor) [pid 6260] close(22) = -1 EBADF (Bad file descriptor) [pid 6260] close(23) = -1 EBADF (Bad file descriptor) [pid 6260] close(24) = -1 EBADF (Bad file descriptor) [pid 6260] close(25) = -1 EBADF (Bad file descriptor) [pid 6260] close(26) = -1 EBADF (Bad file descriptor) [pid 6260] close(27) = -1 EBADF (Bad file descriptor) [pid 6260] close(28) = -1 EBADF (Bad file descriptor) [pid 6260] close(29) = -1 EBADF (Bad file descriptor) [pid 6260] exit_group(0) = ? [pid 6262] <... futex resumed>) = ? [pid 6261] <... futex resumed>) = ? [pid 6261] +++ exited with 0 +++ [pid 6262] +++ exited with 0 +++ [pid 6260] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1184, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./394", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./394", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./394/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./394/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./394/cgroup.cpu") = 0 [pid 5063] umount2("./394/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./394/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./394/binderfs") = 0 [pid 5063] umount2("./394/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./394/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./394/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./394/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./394/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./394/file0") = 0 [pid 5063] umount2("./394/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./394/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./394/cgroup") = 0 [pid 5063] umount2("./394/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./394/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./394/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./394") = 0 [pid 5063] mkdir("./395", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6263 attached [pid 6263] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1187 [pid 6263] <... set_robust_list resumed>) = 0 [pid 6263] chdir("./395") = 0 [pid 6263] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6263] setpgid(0, 0) = 0 [pid 6263] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6263] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6263] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6263] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6263] write(3, "1000", 4) = 4 [pid 6263] close(3) = 0 [pid 6263] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6263] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6263] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6263] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6263] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6263] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6263] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6263] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6264 attached [pid 6264] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6263] <... clone3 resumed> => {parent_tid=[1188]}, 88) = 1188 [pid 6264] <... rseq resumed>) = 0 [pid 6264] set_robust_list(0x7eff0a34a9a0, 24 [pid 6263] rt_sigprocmask(SIG_SETMASK, [], [pid 6264] <... set_robust_list resumed>) = 0 [pid 6263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6264] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6263] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6263] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6264] memfd_create("syzkaller", 0) = 3 [pid 6264] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6264] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6264] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6264] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6264] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6264] close(3) = 0 [pid 6264] mkdir("./file0", 0777) = 0 [pid 6264] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6264] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6264] chdir("./file0") = 0 [pid 6264] ioctl(4, LOOP_CLR_FD) = 0 [pid 6264] close(4) = 0 [pid 6264] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6263] <... futex resumed>) = 0 [pid 6263] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6264] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6263] <... futex resumed>) = 0 [pid 6264] <... openat resumed>) = 4 [pid 6263] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 284.669607][ T6264] loop0: detected capacity change from 0 to 4096 [ 284.694790][ T6264] ntfs: volume version 3.1. [pid 6264] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6263] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6264] <... futex resumed>) = 0 [pid 6263] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6264] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6263] <... futex resumed>) = 0 [pid 6263] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6263] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6263] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6263] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6263] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6263] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6265 attached [pid 6265] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6263] <... clone3 resumed> => {parent_tid=[1189]}, 88) = 1189 [pid 6265] <... rseq resumed>) = 0 [pid 6265] set_robust_list(0x7eff0a3299a0, 24 [pid 6263] rt_sigprocmask(SIG_SETMASK, [], [pid 6265] <... set_robust_list resumed>) = 0 [pid 6263] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6265] rt_sigprocmask(SIG_SETMASK, [], [pid 6263] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6265] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6264] <... write resumed>) = 1048064 [pid 6263] <... futex resumed>) = 0 [pid 6265] creat("./file1", 000 [pid 6264] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6263] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6264] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6265] <... creat resumed>) = 5 [pid 6265] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6263] <... futex resumed>) = 0 [pid 6265] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6263] close(3) = 0 [pid 6263] close(4) = 0 [pid 6263] close(5) = 0 [pid 6263] close(6) = -1 EBADF (Bad file descriptor) [pid 6263] close(7) = -1 EBADF (Bad file descriptor) [pid 6263] close(8) = -1 EBADF (Bad file descriptor) [pid 6263] close(9) = -1 EBADF (Bad file descriptor) [pid 6263] close(10) = -1 EBADF (Bad file descriptor) [pid 6263] close(11) = -1 EBADF (Bad file descriptor) [pid 6263] close(12) = -1 EBADF (Bad file descriptor) [pid 6263] close(13) = -1 EBADF (Bad file descriptor) [pid 6263] close(14) = -1 EBADF (Bad file descriptor) [pid 6263] close(15) = -1 EBADF (Bad file descriptor) [pid 6263] close(16) = -1 EBADF (Bad file descriptor) [pid 6263] close(17) = -1 EBADF (Bad file descriptor) [pid 6263] close(18) = -1 EBADF (Bad file descriptor) [pid 6263] close(19) = -1 EBADF (Bad file descriptor) [pid 6263] close(20) = -1 EBADF (Bad file descriptor) [pid 6263] close(21) = -1 EBADF (Bad file descriptor) [pid 6263] close(22) = -1 EBADF (Bad file descriptor) [pid 6263] close(23) = -1 EBADF (Bad file descriptor) [pid 6263] close(24) = -1 EBADF (Bad file descriptor) [pid 6263] close(25) = -1 EBADF (Bad file descriptor) [pid 6263] close(26) = -1 EBADF (Bad file descriptor) [pid 6263] close(27) = -1 EBADF (Bad file descriptor) [pid 6263] close(28) = -1 EBADF (Bad file descriptor) [pid 6263] close(29) = -1 EBADF (Bad file descriptor) [pid 6263] exit_group(0) = ? [pid 6265] <... futex resumed>) = ? [pid 6264] <... futex resumed>) = ? [pid 6265] +++ exited with 0 +++ [pid 6264] +++ exited with 0 +++ [pid 6263] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1187, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./395", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./395", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./395/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./395/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./395/cgroup.cpu") = 0 [pid 5063] umount2("./395/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./395/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./395/binderfs") = 0 [pid 5063] umount2("./395/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./395/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./395/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./395/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./395/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./395/file0") = 0 [pid 5063] umount2("./395/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./395/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./395/cgroup") = 0 [pid 5063] umount2("./395/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./395/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./395/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./395") = 0 [pid 5063] mkdir("./396", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6266 attached , child_tidptr=0x5555560b8690) = 1190 [pid 6266] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6266] chdir("./396") = 0 [pid 6266] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6266] setpgid(0, 0) = 0 [pid 6266] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6266] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6266] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6266] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6266] write(3, "1000", 4) = 4 [pid 6266] close(3) = 0 [pid 6266] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6266] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6266] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6266] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6266] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6266] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6266] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6267 attached => {parent_tid=[1191]}, 88) = 1191 [pid 6267] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6266] rt_sigprocmask(SIG_SETMASK, [], [pid 6267] <... rseq resumed>) = 0 [pid 6266] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6267] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6266] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6267] rt_sigprocmask(SIG_SETMASK, [], [pid 6266] <... futex resumed>) = 0 [pid 6267] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6266] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6267] memfd_create("syzkaller", 0) = 3 [pid 6267] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6267] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6267] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6267] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6267] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6267] close(3) = 0 [pid 6267] mkdir("./file0", 0777) = 0 [pid 6267] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6267] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6267] chdir("./file0") = 0 [pid 6267] ioctl(4, LOOP_CLR_FD) = 0 [pid 6267] close(4) = 0 [pid 6267] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6267] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6266] <... futex resumed>) = 0 [pid 6266] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6266] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6267] <... futex resumed>) = 0 [ 285.306966][ T6267] loop0: detected capacity change from 0 to 4096 [ 285.329513][ T6267] ntfs: volume version 3.1. [pid 6267] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6267] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6266] <... futex resumed>) = 0 [pid 6267] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6266] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6267] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6266] <... futex resumed>) = 0 [pid 6267] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6266] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6266] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6266] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6266] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6266] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6266] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6268 attached => {parent_tid=[1192]}, 88) = 1192 [pid 6268] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6266] rt_sigprocmask(SIG_SETMASK, [], [pid 6268] set_robust_list(0x7eff0a3299a0, 24 [pid 6266] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6268] <... set_robust_list resumed>) = 0 [pid 6266] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6268] rt_sigprocmask(SIG_SETMASK, [], [pid 6266] <... futex resumed>) = 0 [pid 6268] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6266] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6268] creat("./file1", 000) = 5 [pid 6267] <... write resumed>) = 1048064 [pid 6267] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6267] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6268] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6268] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6266] <... futex resumed>) = 0 [pid 6266] close(3) = 0 [pid 6266] close(4) = 0 [pid 6266] close(5) = 0 [pid 6266] close(6) = -1 EBADF (Bad file descriptor) [pid 6266] close(7) = -1 EBADF (Bad file descriptor) [pid 6266] close(8) = -1 EBADF (Bad file descriptor) [pid 6266] close(9) = -1 EBADF (Bad file descriptor) [pid 6266] close(10) = -1 EBADF (Bad file descriptor) [pid 6266] close(11) = -1 EBADF (Bad file descriptor) [pid 6266] close(12) = -1 EBADF (Bad file descriptor) [pid 6266] close(13) = -1 EBADF (Bad file descriptor) [pid 6266] close(14) = -1 EBADF (Bad file descriptor) [pid 6266] close(15) = -1 EBADF (Bad file descriptor) [pid 6266] close(16) = -1 EBADF (Bad file descriptor) [pid 6266] close(17) = -1 EBADF (Bad file descriptor) [pid 6266] close(18) = -1 EBADF (Bad file descriptor) [pid 6266] close(19) = -1 EBADF (Bad file descriptor) [pid 6266] close(20) = -1 EBADF (Bad file descriptor) [pid 6266] close(21) = -1 EBADF (Bad file descriptor) [pid 6266] close(22) = -1 EBADF (Bad file descriptor) [pid 6266] close(23) = -1 EBADF (Bad file descriptor) [pid 6266] close(24) = -1 EBADF (Bad file descriptor) [pid 6266] close(25) = -1 EBADF (Bad file descriptor) [pid 6266] close(26) = -1 EBADF (Bad file descriptor) [pid 6266] close(27) = -1 EBADF (Bad file descriptor) [pid 6266] close(28) = -1 EBADF (Bad file descriptor) [pid 6266] close(29) = -1 EBADF (Bad file descriptor) [pid 6266] exit_group(0) = ? [pid 6268] <... futex resumed>) = ? [pid 6267] <... futex resumed>) = ? [pid 6268] +++ exited with 0 +++ [pid 6267] +++ exited with 0 +++ [pid 6266] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1190, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./396", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./396", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./396/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./396/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./396/cgroup.cpu") = 0 [pid 5063] umount2("./396/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./396/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./396/binderfs") = 0 [pid 5063] umount2("./396/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./396/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./396/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./396/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./396/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./396/file0") = 0 [pid 5063] umount2("./396/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./396/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./396/cgroup") = 0 [pid 5063] umount2("./396/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./396/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./396/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./396") = 0 [pid 5063] mkdir("./397", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6269 attached , child_tidptr=0x5555560b8690) = 1193 [pid 6269] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6269] chdir("./397") = 0 [pid 6269] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6269] setpgid(0, 0) = 0 [pid 6269] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6269] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6269] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6269] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6269] write(3, "1000", 4) = 4 [pid 6269] close(3) = 0 [pid 6269] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6269] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6269] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6269] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6269] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6269] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6269] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6269] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6270 attached => {parent_tid=[1194]}, 88) = 1194 [pid 6270] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6269] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6269] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6270] set_robust_list(0x7eff0a34a9a0, 24 [pid 6269] <... futex resumed>) = 0 [pid 6270] <... set_robust_list resumed>) = 0 [pid 6270] rt_sigprocmask(SIG_SETMASK, [], [pid 6269] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6270] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6270] memfd_create("syzkaller", 0) = 3 [pid 6270] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6270] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6270] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6270] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6270] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6270] close(3) = 0 [pid 6270] mkdir("./file0", 0777) = 0 [pid 6270] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6270] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6270] chdir("./file0") = 0 [pid 6270] ioctl(4, LOOP_CLR_FD) = 0 [pid 6270] close(4) = 0 [ 285.852529][ T6270] loop0: detected capacity change from 0 to 4096 [ 285.886606][ T6270] ntfs: volume version 3.1. [pid 6270] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6269] <... futex resumed>) = 0 [pid 6270] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6269] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6270] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6269] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6270] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6270] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6269] <... futex resumed>) = 0 [pid 6270] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6269] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6270] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6269] <... futex resumed>) = 0 [pid 6269] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6269] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6269] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6269] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6269] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6269] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6271 attached [pid 6271] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6269] <... clone3 resumed> => {parent_tid=[1195]}, 88) = 1195 [pid 6271] <... rseq resumed>) = 0 [pid 6269] rt_sigprocmask(SIG_SETMASK, [], [pid 6271] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6269] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6269] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6271] rt_sigprocmask(SIG_SETMASK, [], [pid 6270] <... write resumed>) = 1048064 [pid 6271] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6270] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6269] <... futex resumed>) = 0 [pid 6271] creat("./file1", 000 [pid 6270] <... futex resumed>) = 0 [pid 6269] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6271] <... creat resumed>) = 5 [pid 6270] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6271] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6269] <... futex resumed>) = 0 [pid 6271] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6269] close(3) = 0 [pid 6269] close(4) = 0 [pid 6269] close(5) = 0 [pid 6269] close(6) = -1 EBADF (Bad file descriptor) [pid 6269] close(7) = -1 EBADF (Bad file descriptor) [pid 6269] close(8) = -1 EBADF (Bad file descriptor) [pid 6269] close(9) = -1 EBADF (Bad file descriptor) [pid 6269] close(10) = -1 EBADF (Bad file descriptor) [pid 6269] close(11) = -1 EBADF (Bad file descriptor) [pid 6269] close(12) = -1 EBADF (Bad file descriptor) [pid 6269] close(13) = -1 EBADF (Bad file descriptor) [pid 6269] close(14) = -1 EBADF (Bad file descriptor) [pid 6269] close(15) = -1 EBADF (Bad file descriptor) [pid 6269] close(16) = -1 EBADF (Bad file descriptor) [pid 6269] close(17) = -1 EBADF (Bad file descriptor) [pid 6269] close(18) = -1 EBADF (Bad file descriptor) [pid 6269] close(19) = -1 EBADF (Bad file descriptor) [pid 6269] close(20) = -1 EBADF (Bad file descriptor) [pid 6269] close(21) = -1 EBADF (Bad file descriptor) [pid 6269] close(22) = -1 EBADF (Bad file descriptor) [pid 6269] close(23) = -1 EBADF (Bad file descriptor) [pid 6269] close(24) = -1 EBADF (Bad file descriptor) [pid 6269] close(25) = -1 EBADF (Bad file descriptor) [pid 6269] close(26) = -1 EBADF (Bad file descriptor) [pid 6269] close(27) = -1 EBADF (Bad file descriptor) [pid 6269] close(28) = -1 EBADF (Bad file descriptor) [pid 6269] close(29) = -1 EBADF (Bad file descriptor) [pid 6269] exit_group(0) = ? [pid 6270] <... futex resumed>) = ? [pid 6271] <... futex resumed>) = ? [pid 6270] +++ exited with 0 +++ [pid 6271] +++ exited with 0 +++ [pid 6269] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1193, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./397", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./397", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./397/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./397/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./397/cgroup.cpu") = 0 [pid 5063] umount2("./397/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./397/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./397/binderfs") = 0 [pid 5063] umount2("./397/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./397/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./397/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./397/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./397/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./397/file0") = 0 [pid 5063] umount2("./397/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./397/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./397/cgroup") = 0 [pid 5063] umount2("./397/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./397/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./397/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./397") = 0 [pid 5063] mkdir("./398", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6272 attached [pid 6272] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1196 [pid 6272] <... set_robust_list resumed>) = 0 [pid 6272] chdir("./398") = 0 [pid 6272] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6272] setpgid(0, 0) = 0 [pid 6272] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6272] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6272] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6272] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6272] write(3, "1000", 4) = 4 [pid 6272] close(3) = 0 [pid 6272] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6272] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6272] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6272] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6272] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6272] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6272] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6272] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6273 attached => {parent_tid=[1197]}, 88) = 1197 [pid 6273] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6272] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6272] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6272] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6273] <... rseq resumed>) = 0 [pid 6273] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6273] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6273] memfd_create("syzkaller", 0) = 3 [pid 6273] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6273] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6273] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6273] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6273] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6273] close(3) = 0 [pid 6273] mkdir("./file0", 0777) = 0 [pid 6273] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6273] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6273] chdir("./file0") = 0 [pid 6273] ioctl(4, LOOP_CLR_FD) = 0 [pid 6273] close(4) = 0 [pid 6273] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6272] <... futex resumed>) = 0 [pid 6273] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6272] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6273] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6272] <... futex resumed>) = 0 [pid 6273] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6272] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6273] <... openat resumed>) = 4 [pid 6273] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6272] <... futex resumed>) = 0 [pid 6273] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6272] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6273] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6272] <... futex resumed>) = 0 [ 286.515189][ T6273] loop0: detected capacity change from 0 to 4096 [ 286.539818][ T6273] ntfs: volume version 3.1. [pid 6272] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6272] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6272] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6272] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6272] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6272] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6274 attached => {parent_tid=[1198]}, 88) = 1198 [pid 6274] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6272] rt_sigprocmask(SIG_SETMASK, [], [pid 6274] <... rseq resumed>) = 0 [pid 6272] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6274] set_robust_list(0x7eff0a3299a0, 24 [pid 6272] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6274] <... set_robust_list resumed>) = 0 [pid 6272] <... futex resumed>) = 0 [pid 6274] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6272] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6274] creat("./file1", 000) = 5 [pid 6273] <... write resumed>) = 1048064 [pid 6274] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6273] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6274] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6273] <... futex resumed>) = 0 [pid 6273] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6272] <... futex resumed>) = 0 [pid 6272] close(3) = 0 [pid 6272] close(4) = 0 [pid 6272] close(5) = 0 [pid 6272] close(6) = -1 EBADF (Bad file descriptor) [pid 6272] close(7) = -1 EBADF (Bad file descriptor) [pid 6272] close(8) = -1 EBADF (Bad file descriptor) [pid 6272] close(9) = -1 EBADF (Bad file descriptor) [pid 6272] close(10) = -1 EBADF (Bad file descriptor) [pid 6272] close(11) = -1 EBADF (Bad file descriptor) [pid 6272] close(12) = -1 EBADF (Bad file descriptor) [pid 6272] close(13) = -1 EBADF (Bad file descriptor) [pid 6272] close(14) = -1 EBADF (Bad file descriptor) [pid 6272] close(15) = -1 EBADF (Bad file descriptor) [pid 6272] close(16) = -1 EBADF (Bad file descriptor) [pid 6272] close(17) = -1 EBADF (Bad file descriptor) [pid 6272] close(18) = -1 EBADF (Bad file descriptor) [pid 6272] close(19) = -1 EBADF (Bad file descriptor) [pid 6272] close(20) = -1 EBADF (Bad file descriptor) [pid 6272] close(21) = -1 EBADF (Bad file descriptor) [pid 6272] close(22) = -1 EBADF (Bad file descriptor) [pid 6272] close(23) = -1 EBADF (Bad file descriptor) [pid 6272] close(24) = -1 EBADF (Bad file descriptor) [pid 6272] close(25) = -1 EBADF (Bad file descriptor) [pid 6272] close(26) = -1 EBADF (Bad file descriptor) [pid 6272] close(27) = -1 EBADF (Bad file descriptor) [pid 6272] close(28) = -1 EBADF (Bad file descriptor) [pid 6272] close(29) = -1 EBADF (Bad file descriptor) [pid 6272] exit_group(0) = ? [pid 6274] <... futex resumed>) = ? [pid 6273] <... futex resumed>) = ? [pid 6274] +++ exited with 0 +++ [pid 6273] +++ exited with 0 +++ [pid 6272] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1196, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./398", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./398", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./398/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./398/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./398/cgroup.cpu") = 0 [pid 5063] umount2("./398/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./398/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./398/binderfs") = 0 [pid 5063] umount2("./398/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./398/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./398/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./398/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./398/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./398/file0") = 0 [pid 5063] umount2("./398/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./398/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./398/cgroup") = 0 [pid 5063] umount2("./398/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./398/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./398/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./398") = 0 [pid 5063] mkdir("./399", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6275 attached , child_tidptr=0x5555560b8690) = 1199 [pid 6275] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6275] chdir("./399") = 0 [pid 6275] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6275] setpgid(0, 0) = 0 [pid 6275] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6275] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6275] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6275] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6275] write(3, "1000", 4) = 4 [pid 6275] close(3) = 0 [pid 6275] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6275] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6275] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6275] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6275] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6275] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6275] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6275] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6276 attached => {parent_tid=[1200]}, 88) = 1200 [pid 6276] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6275] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6275] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6275] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6276] <... rseq resumed>) = 0 [pid 6276] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6276] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6276] memfd_create("syzkaller", 0) = 3 [pid 6276] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6276] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6276] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6276] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6276] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6276] close(3) = 0 [pid 6276] mkdir("./file0", 0777) = 0 [pid 6276] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6276] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6276] chdir("./file0") = 0 [pid 6276] ioctl(4, LOOP_CLR_FD) = 0 [pid 6276] close(4) = 0 [pid 6276] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 287.138658][ T6276] loop0: detected capacity change from 0 to 4096 [ 287.163597][ T6276] ntfs: volume version 3.1. [pid 6276] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6275] <... futex resumed>) = 0 [pid 6275] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6276] <... futex resumed>) = 0 [pid 6275] <... futex resumed>) = 1 [pid 6276] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6275] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6276] <... openat resumed>) = 4 [pid 6276] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6275] <... futex resumed>) = 0 [pid 6276] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6275] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6276] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6275] <... futex resumed>) = 0 [pid 6276] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6275] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6275] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6275] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6275] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6275] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6275] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6277 attached => {parent_tid=[1201]}, 88) = 1201 [pid 6277] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6275] rt_sigprocmask(SIG_SETMASK, [], [pid 6277] set_robust_list(0x7eff0a3299a0, 24 [pid 6275] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6277] <... set_robust_list resumed>) = 0 [pid 6275] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6277] rt_sigprocmask(SIG_SETMASK, [], [pid 6275] <... futex resumed>) = 0 [pid 6275] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6277] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6277] creat("./file1", 000) = 5 [pid 6276] <... write resumed>) = 1048064 [pid 6277] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6276] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6275] <... futex resumed>) = 0 [pid 6277] <... futex resumed>) = 1 [pid 6276] <... futex resumed>) = 0 [pid 6275] close(3 [pid 6277] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6275] <... close resumed>) = 0 [pid 6276] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6275] close(4) = 0 [pid 6275] close(5) = 0 [pid 6275] close(6) = -1 EBADF (Bad file descriptor) [pid 6275] close(7) = -1 EBADF (Bad file descriptor) [pid 6275] close(8) = -1 EBADF (Bad file descriptor) [pid 6275] close(9) = -1 EBADF (Bad file descriptor) [pid 6275] close(10) = -1 EBADF (Bad file descriptor) [pid 6275] close(11) = -1 EBADF (Bad file descriptor) [pid 6275] close(12) = -1 EBADF (Bad file descriptor) [pid 6275] close(13) = -1 EBADF (Bad file descriptor) [pid 6275] close(14) = -1 EBADF (Bad file descriptor) [pid 6275] close(15) = -1 EBADF (Bad file descriptor) [pid 6275] close(16) = -1 EBADF (Bad file descriptor) [pid 6275] close(17) = -1 EBADF (Bad file descriptor) [pid 6275] close(18) = -1 EBADF (Bad file descriptor) [pid 6275] close(19) = -1 EBADF (Bad file descriptor) [pid 6275] close(20) = -1 EBADF (Bad file descriptor) [pid 6275] close(21) = -1 EBADF (Bad file descriptor) [pid 6275] close(22) = -1 EBADF (Bad file descriptor) [pid 6275] close(23) = -1 EBADF (Bad file descriptor) [pid 6275] close(24) = -1 EBADF (Bad file descriptor) [pid 6275] close(25) = -1 EBADF (Bad file descriptor) [pid 6275] close(26) = -1 EBADF (Bad file descriptor) [pid 6275] close(27) = -1 EBADF (Bad file descriptor) [pid 6275] close(28) = -1 EBADF (Bad file descriptor) [pid 6275] close(29) = -1 EBADF (Bad file descriptor) [pid 6275] exit_group(0 [pid 6276] <... futex resumed>) = ? [pid 6275] <... exit_group resumed>) = ? [pid 6277] <... futex resumed>) = ? [pid 6276] +++ exited with 0 +++ [pid 6277] +++ exited with 0 +++ [pid 6275] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1199, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./399", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./399", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./399/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./399/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./399/cgroup.cpu") = 0 [pid 5063] umount2("./399/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./399/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./399/binderfs") = 0 [pid 5063] umount2("./399/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./399/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./399/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./399/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./399/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./399/file0") = 0 [pid 5063] umount2("./399/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./399/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./399/cgroup") = 0 [pid 5063] umount2("./399/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./399/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./399/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./399") = 0 [pid 5063] mkdir("./400", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6278 attached , child_tidptr=0x5555560b8690) = 1202 [pid 6278] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6278] chdir("./400") = 0 [pid 6278] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6278] setpgid(0, 0) = 0 [pid 6278] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6278] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6278] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6278] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6278] write(3, "1000", 4) = 4 [pid 6278] close(3) = 0 [pid 6278] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6278] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6278] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6278] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6278] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6278] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6278] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6279 attached => {parent_tid=[1203]}, 88) = 1203 [pid 6279] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6278] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6278] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6278] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6279] <... rseq resumed>) = 0 [pid 6279] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6279] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6279] memfd_create("syzkaller", 0) = 3 [pid 6279] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6279] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6279] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6279] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6279] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6279] close(3) = 0 [pid 6279] mkdir("./file0", 0777) = 0 [ 287.773354][ T6279] loop0: detected capacity change from 0 to 4096 [ 287.797188][ T6279] __ntfs_warning: 150 callbacks suppressed [ 287.797202][ T6279] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 287.824290][ T6279] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 287.834041][ T6279] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 287.850461][ T6279] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 287.859222][ T6279] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 287.879296][ T6279] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 287.888093][ T6279] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 287.908723][ T6279] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6279] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6279] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6279] chdir("./file0") = 0 [pid 6279] ioctl(4, LOOP_CLR_FD) = 0 [pid 6279] close(4) = 0 [pid 6279] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6278] <... futex resumed>) = 0 [pid 6279] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6278] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6279] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6278] <... futex resumed>) = 0 [pid 6279] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 287.917482][ T6279] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 287.937522][ T6279] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 287.947956][ T6279] ntfs: volume version 3.1. [pid 6278] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6279] <... openat resumed>) = 4 [pid 6279] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6278] <... futex resumed>) = 0 [pid 6279] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6278] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6279] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6278] <... futex resumed>) = 0 [pid 6279] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6278] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6278] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6278] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6278] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6278] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6278] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6280 attached [pid 6280] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6278] <... clone3 resumed> => {parent_tid=[1204]}, 88) = 1204 [pid 6280] <... rseq resumed>) = 0 [pid 6278] rt_sigprocmask(SIG_SETMASK, [], [pid 6280] set_robust_list(0x7eff0a3299a0, 24 [pid 6278] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6278] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6280] <... set_robust_list resumed>) = 0 [pid 6279] <... write resumed>) = 1048064 [pid 6280] rt_sigprocmask(SIG_SETMASK, [], [pid 6279] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6278] <... futex resumed>) = 0 [pid 6280] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6279] <... futex resumed>) = 0 [pid 6278] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6280] creat("./file1", 000 [pid 6279] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6280] <... creat resumed>) = 5 [pid 6280] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6278] <... futex resumed>) = 0 [pid 6280] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6278] close(3) = 0 [pid 6278] close(4) = 0 [pid 6278] close(5) = 0 [pid 6278] close(6) = -1 EBADF (Bad file descriptor) [pid 6278] close(7) = -1 EBADF (Bad file descriptor) [pid 6278] close(8) = -1 EBADF (Bad file descriptor) [pid 6278] close(9) = -1 EBADF (Bad file descriptor) [pid 6278] close(10) = -1 EBADF (Bad file descriptor) [pid 6278] close(11) = -1 EBADF (Bad file descriptor) [pid 6278] close(12) = -1 EBADF (Bad file descriptor) [pid 6278] close(13) = -1 EBADF (Bad file descriptor) [pid 6278] close(14) = -1 EBADF (Bad file descriptor) [pid 6278] close(15) = -1 EBADF (Bad file descriptor) [pid 6278] close(16) = -1 EBADF (Bad file descriptor) [pid 6278] close(17) = -1 EBADF (Bad file descriptor) [pid 6278] close(18) = -1 EBADF (Bad file descriptor) [pid 6278] close(19) = -1 EBADF (Bad file descriptor) [pid 6278] close(20) = -1 EBADF (Bad file descriptor) [pid 6278] close(21) = -1 EBADF (Bad file descriptor) [pid 6278] close(22) = -1 EBADF (Bad file descriptor) [pid 6278] close(23) = -1 EBADF (Bad file descriptor) [pid 6278] close(24) = -1 EBADF (Bad file descriptor) [pid 6278] close(25) = -1 EBADF (Bad file descriptor) [pid 6278] close(26) = -1 EBADF (Bad file descriptor) [pid 6278] close(27) = -1 EBADF (Bad file descriptor) [pid 6278] close(28) = -1 EBADF (Bad file descriptor) [pid 6278] close(29) = -1 EBADF (Bad file descriptor) [pid 6278] exit_group(0) = ? [pid 6280] <... futex resumed>) = ? [pid 6279] <... futex resumed>) = ? [pid 6280] +++ exited with 0 +++ [pid 6279] +++ exited with 0 +++ [pid 6278] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1202, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] umount2("./400", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./400", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./400/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./400/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./400/cgroup.cpu") = 0 [pid 5063] umount2("./400/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./400/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./400/binderfs") = 0 [pid 5063] umount2("./400/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./400/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./400/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./400/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./400/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./400/file0") = 0 [pid 5063] umount2("./400/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./400/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./400/cgroup") = 0 [pid 5063] umount2("./400/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./400/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./400/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./400") = 0 [pid 5063] mkdir("./401", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1205 ./strace-static-x86_64: Process 6281 attached [pid 6281] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6281] chdir("./401") = 0 [pid 6281] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6281] setpgid(0, 0) = 0 [pid 6281] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6281] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6281] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6281] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6281] write(3, "1000", 4) = 4 [pid 6281] close(3) = 0 [pid 6281] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6281] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6281] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6281] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6281] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6281] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6281] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6282 attached [pid 6282] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6281] <... clone3 resumed> => {parent_tid=[1206]}, 88) = 1206 [pid 6282] <... rseq resumed>) = 0 [pid 6281] rt_sigprocmask(SIG_SETMASK, [], [pid 6282] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6281] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6282] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6281] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6282] memfd_create("syzkaller", 0 [pid 6281] <... futex resumed>) = 0 [pid 6281] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6282] <... memfd_create resumed>) = 3 [pid 6282] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6282] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6282] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6282] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6282] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6282] close(3) = 0 [pid 6282] mkdir("./file0", 0777) = 0 [pid 6282] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6282] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6282] chdir("./file0") = 0 [pid 6282] ioctl(4, LOOP_CLR_FD) = 0 [pid 6282] close(4) = 0 [pid 6282] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6281] <... futex resumed>) = 0 [pid 6282] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6281] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6282] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6281] <... futex resumed>) = 0 [ 288.525118][ T6282] loop0: detected capacity change from 0 to 4096 [ 288.554694][ T6282] ntfs: volume version 3.1. [pid 6282] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6281] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6282] <... openat resumed>) = 4 [pid 6282] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6282] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6281] <... futex resumed>) = 0 [pid 6281] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6281] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6282] <... futex resumed>) = 0 [pid 6282] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6281] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6281] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6281] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6281] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6281] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6281] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6283 attached [pid 6283] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6281] <... clone3 resumed> => {parent_tid=[1207]}, 88) = 1207 [pid 6283] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6283] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6283] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6281] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6281] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6283] <... futex resumed>) = 0 [pid 6283] creat("./file1", 000 [pid 6281] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6283] <... creat resumed>) = 5 [pid 6283] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6282] <... write resumed>) = 1048064 [pid 6283] <... futex resumed>) = 1 [pid 6282] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6281] <... futex resumed>) = 0 [pid 6283] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6282] <... futex resumed>) = 0 [pid 6281] close(3 [pid 6282] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6281] <... close resumed>) = 0 [pid 6281] close(4) = 0 [pid 6281] close(5) = 0 [pid 6281] close(6) = -1 EBADF (Bad file descriptor) [pid 6281] close(7) = -1 EBADF (Bad file descriptor) [pid 6281] close(8) = -1 EBADF (Bad file descriptor) [pid 6281] close(9) = -1 EBADF (Bad file descriptor) [pid 6281] close(10) = -1 EBADF (Bad file descriptor) [pid 6281] close(11) = -1 EBADF (Bad file descriptor) [pid 6281] close(12) = -1 EBADF (Bad file descriptor) [pid 6281] close(13) = -1 EBADF (Bad file descriptor) [pid 6281] close(14) = -1 EBADF (Bad file descriptor) [pid 6281] close(15) = -1 EBADF (Bad file descriptor) [pid 6281] close(16) = -1 EBADF (Bad file descriptor) [pid 6281] close(17) = -1 EBADF (Bad file descriptor) [pid 6281] close(18) = -1 EBADF (Bad file descriptor) [pid 6281] close(19) = -1 EBADF (Bad file descriptor) [pid 6281] close(20) = -1 EBADF (Bad file descriptor) [pid 6281] close(21) = -1 EBADF (Bad file descriptor) [pid 6281] close(22) = -1 EBADF (Bad file descriptor) [pid 6281] close(23) = -1 EBADF (Bad file descriptor) [pid 6281] close(24) = -1 EBADF (Bad file descriptor) [pid 6281] close(25) = -1 EBADF (Bad file descriptor) [pid 6281] close(26) = -1 EBADF (Bad file descriptor) [pid 6281] close(27) = -1 EBADF (Bad file descriptor) [pid 6281] close(28) = -1 EBADF (Bad file descriptor) [pid 6281] close(29) = -1 EBADF (Bad file descriptor) [pid 6281] exit_group(0 [pid 6282] <... futex resumed>) = ? [pid 6283] <... futex resumed>) = ? [pid 6281] <... exit_group resumed>) = ? [pid 6283] +++ exited with 0 +++ [pid 6282] +++ exited with 0 +++ [pid 6281] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1205, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./401", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./401", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./401/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./401/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./401/cgroup.cpu") = 0 [pid 5063] umount2("./401/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./401/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./401/binderfs") = 0 [pid 5063] umount2("./401/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./401/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./401/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./401/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./401/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./401/file0") = 0 [pid 5063] umount2("./401/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./401/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./401/cgroup") = 0 [pid 5063] umount2("./401/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./401/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./401/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./401") = 0 [pid 5063] mkdir("./402", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1208 ./strace-static-x86_64: Process 6284 attached [pid 6284] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6284] chdir("./402") = 0 [pid 6284] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6284] setpgid(0, 0) = 0 [pid 6284] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6284] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6284] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6284] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6284] write(3, "1000", 4) = 4 [pid 6284] close(3) = 0 [pid 6284] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6284] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6284] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6284] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6284] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6284] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6284] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6284] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6285 attached => {parent_tid=[1209]}, 88) = 1209 [pid 6285] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6284] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6284] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6284] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6285] <... rseq resumed>) = 0 [pid 6285] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6285] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6285] memfd_create("syzkaller", 0) = 3 [pid 6285] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6285] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6285] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6285] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6285] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6285] close(3) = 0 [pid 6285] mkdir("./file0", 0777) = 0 [pid 6285] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6285] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6285] chdir("./file0") = 0 [pid 6285] ioctl(4, LOOP_CLR_FD) = 0 [pid 6285] close(4) = 0 [pid 6285] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6284] <... futex resumed>) = 0 [pid 6285] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6284] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6285] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6285] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6284] <... futex resumed>) = 0 [pid 6284] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6285] <... openat resumed>) = 4 [pid 6285] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6284] <... futex resumed>) = 0 [pid 6285] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6284] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6285] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6284] <... futex resumed>) = 0 [pid 6285] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 289.098274][ T6285] loop0: detected capacity change from 0 to 4096 [ 289.129059][ T6285] ntfs: volume version 3.1. [pid 6284] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6284] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6284] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6284] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6284] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6284] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6286 attached => {parent_tid=[1210]}, 88) = 1210 [pid 6286] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6286] set_robust_list(0x7eff0a3299a0, 24 [pid 6284] rt_sigprocmask(SIG_SETMASK, [], [pid 6286] <... set_robust_list resumed>) = 0 [pid 6284] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6286] rt_sigprocmask(SIG_SETMASK, [], [pid 6284] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6286] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6286] creat("./file1", 000 [pid 6284] <... futex resumed>) = 0 [pid 6284] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6286] <... creat resumed>) = 5 [pid 6285] <... write resumed>) = 1048064 [pid 6286] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6285] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6284] <... futex resumed>) = 0 [pid 6285] <... futex resumed>) = 0 [pid 6286] <... futex resumed>) = 1 [pid 6284] close(3 [pid 6286] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6284] <... close resumed>) = 0 [pid 6285] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6284] close(4) = 0 [pid 6284] close(5) = 0 [pid 6284] close(6) = -1 EBADF (Bad file descriptor) [pid 6284] close(7) = -1 EBADF (Bad file descriptor) [pid 6284] close(8) = -1 EBADF (Bad file descriptor) [pid 6284] close(9) = -1 EBADF (Bad file descriptor) [pid 6284] close(10) = -1 EBADF (Bad file descriptor) [pid 6284] close(11) = -1 EBADF (Bad file descriptor) [pid 6284] close(12) = -1 EBADF (Bad file descriptor) [pid 6284] close(13) = -1 EBADF (Bad file descriptor) [pid 6284] close(14) = -1 EBADF (Bad file descriptor) [pid 6284] close(15) = -1 EBADF (Bad file descriptor) [pid 6284] close(16) = -1 EBADF (Bad file descriptor) [pid 6284] close(17) = -1 EBADF (Bad file descriptor) [pid 6284] close(18) = -1 EBADF (Bad file descriptor) [pid 6284] close(19) = -1 EBADF (Bad file descriptor) [pid 6284] close(20) = -1 EBADF (Bad file descriptor) [pid 6284] close(21) = -1 EBADF (Bad file descriptor) [pid 6284] close(22) = -1 EBADF (Bad file descriptor) [pid 6284] close(23) = -1 EBADF (Bad file descriptor) [pid 6284] close(24) = -1 EBADF (Bad file descriptor) [pid 6284] close(25) = -1 EBADF (Bad file descriptor) [pid 6284] close(26) = -1 EBADF (Bad file descriptor) [pid 6284] close(27) = -1 EBADF (Bad file descriptor) [pid 6284] close(28) = -1 EBADF (Bad file descriptor) [pid 6284] close(29) = -1 EBADF (Bad file descriptor) [pid 6284] exit_group(0 [pid 6285] <... futex resumed>) = ? [pid 6284] <... exit_group resumed>) = ? [pid 6286] <... futex resumed>) = ? [pid 6285] +++ exited with 0 +++ [pid 6286] +++ exited with 0 +++ [pid 6284] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1208, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./402", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./402", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./402/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./402/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./402/cgroup.cpu") = 0 [pid 5063] umount2("./402/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./402/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./402/binderfs") = 0 [pid 5063] umount2("./402/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./402/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./402/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./402/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./402/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./402/file0") = 0 [pid 5063] umount2("./402/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./402/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./402/cgroup") = 0 [pid 5063] umount2("./402/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./402/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./402/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./402") = 0 [pid 5063] mkdir("./403", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6287 attached , child_tidptr=0x5555560b8690) = 1211 [pid 6287] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6287] chdir("./403") = 0 [pid 6287] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6287] setpgid(0, 0) = 0 [pid 6287] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6287] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6287] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6287] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6287] write(3, "1000", 4) = 4 [pid 6287] close(3) = 0 [pid 6287] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6287] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6287] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6287] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6287] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6287] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6287] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6287] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6288 attached => {parent_tid=[1212]}, 88) = 1212 [pid 6288] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6287] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6287] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6287] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6288] <... rseq resumed>) = 0 [pid 6288] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6288] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6288] memfd_create("syzkaller", 0) = 3 [pid 6288] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6288] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6288] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6288] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6288] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6288] close(3) = 0 [pid 6288] mkdir("./file0", 0777) = 0 [pid 6288] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6288] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6288] chdir("./file0") = 0 [pid 6288] ioctl(4, LOOP_CLR_FD) = 0 [pid 6288] close(4) = 0 [pid 6288] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6288] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6287] <... futex resumed>) = 0 [pid 6287] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6288] <... futex resumed>) = 0 [pid 6287] <... futex resumed>) = 1 [pid 6288] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6287] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6288] <... openat resumed>) = 4 [ 289.632103][ T6288] loop0: detected capacity change from 0 to 4096 [ 289.661357][ T6288] ntfs: volume version 3.1. [pid 6288] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6287] <... futex resumed>) = 0 [pid 6288] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6287] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6287] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6288] <... futex resumed>) = 0 [pid 6288] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6287] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6287] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6287] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6287] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6287] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6287] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6287] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6289 attached => {parent_tid=[1213]}, 88) = 1213 [pid 6289] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6289] set_robust_list(0x7eff0a3299a0, 24 [pid 6287] rt_sigprocmask(SIG_SETMASK, [], [pid 6289] <... set_robust_list resumed>) = 0 [pid 6289] rt_sigprocmask(SIG_SETMASK, [], [pid 6287] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6289] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6287] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6289] creat("./file1", 000 [pid 6287] <... futex resumed>) = 0 [pid 6287] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6289] <... creat resumed>) = 5 [pid 6289] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6288] <... write resumed>) = 1048064 [pid 6287] <... futex resumed>) = 0 [pid 6288] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6287] close(3 [pid 6289] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6287] <... close resumed>) = 0 [pid 6288] <... futex resumed>) = 0 [pid 6288] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6287] close(4) = 0 [pid 6287] close(5) = 0 [pid 6287] close(6) = -1 EBADF (Bad file descriptor) [pid 6287] close(7) = -1 EBADF (Bad file descriptor) [pid 6287] close(8) = -1 EBADF (Bad file descriptor) [pid 6287] close(9) = -1 EBADF (Bad file descriptor) [pid 6287] close(10) = -1 EBADF (Bad file descriptor) [pid 6287] close(11) = -1 EBADF (Bad file descriptor) [pid 6287] close(12) = -1 EBADF (Bad file descriptor) [pid 6287] close(13) = -1 EBADF (Bad file descriptor) [pid 6287] close(14) = -1 EBADF (Bad file descriptor) [pid 6287] close(15) = -1 EBADF (Bad file descriptor) [pid 6287] close(16) = -1 EBADF (Bad file descriptor) [pid 6287] close(17) = -1 EBADF (Bad file descriptor) [pid 6287] close(18) = -1 EBADF (Bad file descriptor) [pid 6287] close(19) = -1 EBADF (Bad file descriptor) [pid 6287] close(20) = -1 EBADF (Bad file descriptor) [pid 6287] close(21) = -1 EBADF (Bad file descriptor) [pid 6287] close(22) = -1 EBADF (Bad file descriptor) [pid 6287] close(23) = -1 EBADF (Bad file descriptor) [pid 6287] close(24) = -1 EBADF (Bad file descriptor) [pid 6287] close(25) = -1 EBADF (Bad file descriptor) [pid 6287] close(26) = -1 EBADF (Bad file descriptor) [pid 6287] close(27) = -1 EBADF (Bad file descriptor) [pid 6287] close(28) = -1 EBADF (Bad file descriptor) [pid 6287] close(29) = -1 EBADF (Bad file descriptor) [pid 6287] exit_group(0 [pid 6288] <... futex resumed>) = ? [pid 6287] <... exit_group resumed>) = ? [pid 6288] +++ exited with 0 +++ [pid 6289] <... futex resumed>) = ? [pid 6289] +++ exited with 0 +++ [pid 6287] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1211, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./403", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./403", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./403/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./403/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./403/cgroup.cpu") = 0 [pid 5063] umount2("./403/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./403/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./403/binderfs") = 0 [pid 5063] umount2("./403/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./403/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./403/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./403/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./403/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./403/file0") = 0 [pid 5063] umount2("./403/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./403/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./403/cgroup") = 0 [pid 5063] umount2("./403/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./403/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./403/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./403") = 0 [pid 5063] mkdir("./404", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6290 attached , child_tidptr=0x5555560b8690) = 1214 [pid 6290] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6290] chdir("./404") = 0 [pid 6290] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6290] setpgid(0, 0) = 0 [pid 6290] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6290] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6290] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6290] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6290] write(3, "1000", 4) = 4 [pid 6290] close(3) = 0 [pid 6290] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6290] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6290] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6290] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6290] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6290] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6290] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6290] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6291 attached => {parent_tid=[1215]}, 88) = 1215 [pid 6291] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6290] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6290] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6290] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6291] <... rseq resumed>) = 0 [pid 6291] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6291] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6291] memfd_create("syzkaller", 0) = 3 [pid 6291] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6291] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6291] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6291] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6291] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6291] close(3) = 0 [pid 6291] mkdir("./file0", 0777) = 0 [pid 6291] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6291] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6291] chdir("./file0") = 0 [pid 6291] ioctl(4, LOOP_CLR_FD) = 0 [pid 6291] close(4) = 0 [pid 6291] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6290] <... futex resumed>) = 0 [pid 6291] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6290] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6290] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6291] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6291] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6291] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6291] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6290] <... futex resumed>) = 0 [pid 6290] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6291] <... futex resumed>) = 0 [pid 6290] <... futex resumed>) = 1 [pid 6291] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 290.264820][ T6291] loop0: detected capacity change from 0 to 4096 [ 290.281036][ T6291] ntfs: volume version 3.1. [pid 6290] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6290] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6290] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6290] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6290] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6290] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6292 attached => {parent_tid=[1216]}, 88) = 1216 [pid 6292] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6290] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6290] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6292] set_robust_list(0x7eff0a3299a0, 24 [pid 6290] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6292] <... set_robust_list resumed>) = 0 [pid 6292] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6292] creat("./file1", 000) = 5 [pid 6291] <... write resumed>) = 1048064 [pid 6292] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6291] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6292] <... futex resumed>) = 1 [pid 6291] <... futex resumed>) = 0 [pid 6292] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6291] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6290] <... futex resumed>) = 0 [pid 6290] close(3) = 0 [pid 6290] close(4) = 0 [pid 6290] close(5) = 0 [pid 6290] close(6) = -1 EBADF (Bad file descriptor) [pid 6290] close(7) = -1 EBADF (Bad file descriptor) [pid 6290] close(8) = -1 EBADF (Bad file descriptor) [pid 6290] close(9) = -1 EBADF (Bad file descriptor) [pid 6290] close(10) = -1 EBADF (Bad file descriptor) [pid 6290] close(11) = -1 EBADF (Bad file descriptor) [pid 6290] close(12) = -1 EBADF (Bad file descriptor) [pid 6290] close(13) = -1 EBADF (Bad file descriptor) [pid 6290] close(14) = -1 EBADF (Bad file descriptor) [pid 6290] close(15) = -1 EBADF (Bad file descriptor) [pid 6290] close(16) = -1 EBADF (Bad file descriptor) [pid 6290] close(17) = -1 EBADF (Bad file descriptor) [pid 6290] close(18) = -1 EBADF (Bad file descriptor) [pid 6290] close(19) = -1 EBADF (Bad file descriptor) [pid 6290] close(20) = -1 EBADF (Bad file descriptor) [pid 6290] close(21) = -1 EBADF (Bad file descriptor) [pid 6290] close(22) = -1 EBADF (Bad file descriptor) [pid 6290] close(23) = -1 EBADF (Bad file descriptor) [pid 6290] close(24) = -1 EBADF (Bad file descriptor) [pid 6290] close(25) = -1 EBADF (Bad file descriptor) [pid 6290] close(26) = -1 EBADF (Bad file descriptor) [pid 6290] close(27) = -1 EBADF (Bad file descriptor) [pid 6290] close(28) = -1 EBADF (Bad file descriptor) [pid 6290] close(29) = -1 EBADF (Bad file descriptor) [pid 6290] exit_group(0 [pid 6291] <... futex resumed>) = ? [pid 6290] <... exit_group resumed>) = ? [pid 6292] <... futex resumed>) = ? [pid 6292] +++ exited with 0 +++ [pid 6291] +++ exited with 0 +++ [pid 6290] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1214, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./404", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./404", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./404/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./404/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./404/cgroup.cpu") = 0 [pid 5063] umount2("./404/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./404/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./404/binderfs") = 0 [pid 5063] umount2("./404/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./404/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./404/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./404/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./404/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./404/file0") = 0 [pid 5063] umount2("./404/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./404/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./404/cgroup") = 0 [pid 5063] umount2("./404/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./404/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./404/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./404") = 0 [pid 5063] mkdir("./405", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6293 attached , child_tidptr=0x5555560b8690) = 1217 [pid 6293] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6293] chdir("./405") = 0 [pid 6293] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6293] setpgid(0, 0) = 0 [pid 6293] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6293] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6293] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6293] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6293] write(3, "1000", 4) = 4 [pid 6293] close(3) = 0 [pid 6293] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6293] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6293] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6293] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6293] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6293] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6293] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6293] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6294 attached => {parent_tid=[1218]}, 88) = 1218 [pid 6294] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6293] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6294] <... rseq resumed>) = 0 [pid 6293] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6294] set_robust_list(0x7eff0a34a9a0, 24 [pid 6293] <... futex resumed>) = 0 [pid 6294] <... set_robust_list resumed>) = 0 [pid 6294] rt_sigprocmask(SIG_SETMASK, [], [pid 6293] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6294] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6294] memfd_create("syzkaller", 0) = 3 [pid 6294] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6294] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6294] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6294] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6294] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6294] close(3) = 0 [pid 6294] mkdir("./file0", 0777) = 0 [pid 6294] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6294] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6294] chdir("./file0") = 0 [pid 6294] ioctl(4, LOOP_CLR_FD) = 0 [pid 6294] close(4) = 0 [pid 6294] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6293] <... futex resumed>) = 0 [pid 6293] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6294] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6293] <... futex resumed>) = 0 [ 290.890319][ T6294] loop0: detected capacity change from 0 to 4096 [ 290.920202][ T6294] ntfs: volume version 3.1. [pid 6293] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6294] <... openat resumed>) = 4 [pid 6294] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6293] <... futex resumed>) = 0 [pid 6294] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6293] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6294] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6293] <... futex resumed>) = 0 [pid 6294] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6293] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6293] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6293] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6293] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6293] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6293] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6295 attached => {parent_tid=[1219]}, 88) = 1219 [pid 6295] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6294] <... write resumed>) = 1048064 [pid 6293] rt_sigprocmask(SIG_SETMASK, [], [pid 6295] <... rseq resumed>) = 0 [pid 6293] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6295] set_robust_list(0x7eff0a3299a0, 24 [pid 6294] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6293] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6295] <... set_robust_list resumed>) = 0 [pid 6293] <... futex resumed>) = 0 [pid 6295] rt_sigprocmask(SIG_SETMASK, [], [pid 6293] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6295] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6295] creat("./file1", 000 [pid 6294] <... futex resumed>) = 0 [pid 6294] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6295] <... creat resumed>) = 5 [pid 6295] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6295] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6293] <... futex resumed>) = 0 [pid 6293] close(3) = 0 [pid 6293] close(4) = 0 [pid 6293] close(5) = 0 [pid 6293] close(6) = -1 EBADF (Bad file descriptor) [pid 6293] close(7) = -1 EBADF (Bad file descriptor) [pid 6293] close(8) = -1 EBADF (Bad file descriptor) [pid 6293] close(9) = -1 EBADF (Bad file descriptor) [pid 6293] close(10) = -1 EBADF (Bad file descriptor) [pid 6293] close(11) = -1 EBADF (Bad file descriptor) [pid 6293] close(12) = -1 EBADF (Bad file descriptor) [pid 6293] close(13) = -1 EBADF (Bad file descriptor) [pid 6293] close(14) = -1 EBADF (Bad file descriptor) [pid 6293] close(15) = -1 EBADF (Bad file descriptor) [pid 6293] close(16) = -1 EBADF (Bad file descriptor) [pid 6293] close(17) = -1 EBADF (Bad file descriptor) [pid 6293] close(18) = -1 EBADF (Bad file descriptor) [pid 6293] close(19) = -1 EBADF (Bad file descriptor) [pid 6293] close(20) = -1 EBADF (Bad file descriptor) [pid 6293] close(21) = -1 EBADF (Bad file descriptor) [pid 6293] close(22) = -1 EBADF (Bad file descriptor) [pid 6293] close(23) = -1 EBADF (Bad file descriptor) [pid 6293] close(24) = -1 EBADF (Bad file descriptor) [pid 6293] close(25) = -1 EBADF (Bad file descriptor) [pid 6293] close(26) = -1 EBADF (Bad file descriptor) [pid 6293] close(27) = -1 EBADF (Bad file descriptor) [pid 6293] close(28) = -1 EBADF (Bad file descriptor) [pid 6293] close(29) = -1 EBADF (Bad file descriptor) [pid 6293] exit_group(0) = ? [pid 6295] <... futex resumed>) = ? [pid 6294] <... futex resumed>) = ? [pid 6295] +++ exited with 0 +++ [pid 6294] +++ exited with 0 +++ [pid 6293] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1217, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./405", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./405", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./405/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./405/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./405/cgroup.cpu") = 0 [pid 5063] umount2("./405/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./405/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./405/binderfs") = 0 [pid 5063] umount2("./405/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./405/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./405/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./405/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./405/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./405/file0") = 0 [pid 5063] umount2("./405/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./405/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./405/cgroup") = 0 [pid 5063] umount2("./405/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./405/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./405/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./405") = 0 [pid 5063] mkdir("./406", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1220 ./strace-static-x86_64: Process 6296 attached [pid 6296] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6296] chdir("./406") = 0 [pid 6296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6296] setpgid(0, 0) = 0 [pid 6296] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6296] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6296] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6296] write(3, "1000", 4) = 4 [pid 6296] close(3) = 0 [pid 6296] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6296] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6296] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6296] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6296] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6296] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6296] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6296] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6297 attached => {parent_tid=[1221]}, 88) = 1221 [pid 6296] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6297] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6296] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6297] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6296] <... futex resumed>) = 0 [pid 6297] rt_sigprocmask(SIG_SETMASK, [], [pid 6296] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6297] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6297] memfd_create("syzkaller", 0) = 3 [pid 6297] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6297] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6297] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6297] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6297] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6297] close(3) = 0 [pid 6297] mkdir("./file0", 0777) = 0 [pid 6297] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6297] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6297] chdir("./file0") = 0 [pid 6297] ioctl(4, LOOP_CLR_FD) = 0 [pid 6297] close(4) = 0 [pid 6297] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6296] <... futex resumed>) = 0 [pid 6297] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6296] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6297] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 291.575368][ T6297] loop0: detected capacity change from 0 to 4096 [ 291.605168][ T6297] ntfs: volume version 3.1. [pid 6297] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6296] <... futex resumed>) = 0 [pid 6296] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6297] <... openat resumed>) = 4 [pid 6297] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6296] <... futex resumed>) = 0 [pid 6296] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6296] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6297] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6296] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6296] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6296] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6296] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6296] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6296] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6296] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6298 attached => {parent_tid=[1222]}, 88) = 1222 [pid 6298] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6296] rt_sigprocmask(SIG_SETMASK, [], [pid 6298] <... rseq resumed>) = 0 [pid 6296] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6296] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6298] set_robust_list(0x7eff0a3299a0, 24 [pid 6296] <... futex resumed>) = 0 [pid 6298] <... set_robust_list resumed>) = 0 [pid 6296] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6298] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6297] <... write resumed>) = 1048064 [pid 6298] creat("./file1", 000 [pid 6297] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6298] <... creat resumed>) = 5 [pid 6297] <... futex resumed>) = 0 [pid 6298] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6297] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6298] <... futex resumed>) = 1 [pid 6296] <... futex resumed>) = 0 [pid 6296] close(3) = 0 [pid 6296] close(4 [pid 6298] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6296] <... close resumed>) = 0 [pid 6296] close(5) = 0 [pid 6296] close(6) = -1 EBADF (Bad file descriptor) [pid 6296] close(7) = -1 EBADF (Bad file descriptor) [pid 6296] close(8) = -1 EBADF (Bad file descriptor) [pid 6296] close(9) = -1 EBADF (Bad file descriptor) [pid 6296] close(10) = -1 EBADF (Bad file descriptor) [pid 6296] close(11) = -1 EBADF (Bad file descriptor) [pid 6296] close(12) = -1 EBADF (Bad file descriptor) [pid 6296] close(13) = -1 EBADF (Bad file descriptor) [pid 6296] close(14) = -1 EBADF (Bad file descriptor) [pid 6296] close(15) = -1 EBADF (Bad file descriptor) [pid 6296] close(16) = -1 EBADF (Bad file descriptor) [pid 6296] close(17) = -1 EBADF (Bad file descriptor) [pid 6296] close(18) = -1 EBADF (Bad file descriptor) [pid 6296] close(19) = -1 EBADF (Bad file descriptor) [pid 6296] close(20) = -1 EBADF (Bad file descriptor) [pid 6296] close(21) = -1 EBADF (Bad file descriptor) [pid 6296] close(22) = -1 EBADF (Bad file descriptor) [pid 6296] close(23) = -1 EBADF (Bad file descriptor) [pid 6296] close(24) = -1 EBADF (Bad file descriptor) [pid 6296] close(25) = -1 EBADF (Bad file descriptor) [pid 6296] close(26) = -1 EBADF (Bad file descriptor) [pid 6296] close(27) = -1 EBADF (Bad file descriptor) [pid 6296] close(28) = -1 EBADF (Bad file descriptor) [pid 6296] close(29) = -1 EBADF (Bad file descriptor) [pid 6296] exit_group(0 [pid 6298] <... futex resumed>) = ? [pid 6297] <... futex resumed>) = ? [pid 6296] <... exit_group resumed>) = ? [pid 6298] +++ exited with 0 +++ [pid 6297] +++ exited with 0 +++ [pid 6296] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1220, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./406", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./406", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./406/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./406/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./406/cgroup.cpu") = 0 [pid 5063] umount2("./406/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./406/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./406/binderfs") = 0 [pid 5063] umount2("./406/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./406/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./406/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./406/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./406/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./406/file0") = 0 [pid 5063] umount2("./406/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./406/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./406/cgroup") = 0 [pid 5063] umount2("./406/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./406/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./406/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./406") = 0 [pid 5063] mkdir("./407", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6299 attached , child_tidptr=0x5555560b8690) = 1223 [pid 6299] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6299] chdir("./407") = 0 [pid 6299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6299] setpgid(0, 0) = 0 [pid 6299] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6299] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6299] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6299] write(3, "1000", 4) = 4 [pid 6299] close(3) = 0 [pid 6299] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6299] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6299] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6299] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6299] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6299] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6299] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6300 attached => {parent_tid=[1224]}, 88) = 1224 [pid 6300] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6300] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6300] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6300] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6299] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6299] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6300] <... futex resumed>) = 0 [pid 6299] <... futex resumed>) = 1 [pid 6299] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6300] memfd_create("syzkaller", 0) = 3 [pid 6300] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6300] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6300] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6300] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6300] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6300] close(3) = 0 [pid 6300] mkdir("./file0", 0777) = 0 [pid 6300] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6300] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6300] chdir("./file0") = 0 [pid 6300] ioctl(4, LOOP_CLR_FD) = 0 [pid 6300] close(4) = 0 [ 292.157782][ T6300] loop0: detected capacity change from 0 to 4096 [ 292.187975][ T6300] ntfs: volume version 3.1. [pid 6300] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6299] <... futex resumed>) = 0 [pid 6299] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6300] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6299] <... futex resumed>) = 0 [pid 6299] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6300] <... openat resumed>) = 4 [pid 6300] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6300] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6299] <... futex resumed>) = 0 [pid 6299] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6300] <... futex resumed>) = 0 [pid 6299] <... futex resumed>) = 1 [pid 6300] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6299] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6299] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6299] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6299] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6299] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6299] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6301 attached [pid 6301] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6299] <... clone3 resumed> => {parent_tid=[1225]}, 88) = 1225 [pid 6301] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6301] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6301] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6299] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6299] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6301] <... futex resumed>) = 0 [pid 6299] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6301] creat("./file1", 000) = 5 [pid 6301] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6300] <... write resumed>) = 1048064 [pid 6300] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6301] <... futex resumed>) = 1 [pid 6299] <... futex resumed>) = 0 [pid 6301] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6300] <... futex resumed>) = 0 [pid 6299] close(3 [pid 6300] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6299] <... close resumed>) = 0 [pid 6299] close(4) = 0 [pid 6299] close(5) = 0 [pid 6299] close(6) = -1 EBADF (Bad file descriptor) [pid 6299] close(7) = -1 EBADF (Bad file descriptor) [pid 6299] close(8) = -1 EBADF (Bad file descriptor) [pid 6299] close(9) = -1 EBADF (Bad file descriptor) [pid 6299] close(10) = -1 EBADF (Bad file descriptor) [pid 6299] close(11) = -1 EBADF (Bad file descriptor) [pid 6299] close(12) = -1 EBADF (Bad file descriptor) [pid 6299] close(13) = -1 EBADF (Bad file descriptor) [pid 6299] close(14) = -1 EBADF (Bad file descriptor) [pid 6299] close(15) = -1 EBADF (Bad file descriptor) [pid 6299] close(16) = -1 EBADF (Bad file descriptor) [pid 6299] close(17) = -1 EBADF (Bad file descriptor) [pid 6299] close(18) = -1 EBADF (Bad file descriptor) [pid 6299] close(19) = -1 EBADF (Bad file descriptor) [pid 6299] close(20) = -1 EBADF (Bad file descriptor) [pid 6299] close(21) = -1 EBADF (Bad file descriptor) [pid 6299] close(22) = -1 EBADF (Bad file descriptor) [pid 6299] close(23) = -1 EBADF (Bad file descriptor) [pid 6299] close(24) = -1 EBADF (Bad file descriptor) [pid 6299] close(25) = -1 EBADF (Bad file descriptor) [pid 6299] close(26) = -1 EBADF (Bad file descriptor) [pid 6299] close(27) = -1 EBADF (Bad file descriptor) [pid 6299] close(28) = -1 EBADF (Bad file descriptor) [pid 6299] close(29) = -1 EBADF (Bad file descriptor) [pid 6299] exit_group(0 [pid 6300] <... futex resumed>) = ? [pid 6300] +++ exited with 0 +++ [pid 6299] <... exit_group resumed>) = ? [pid 6301] <... futex resumed>) = ? [pid 6301] +++ exited with 0 +++ [pid 6299] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1223, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./407", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./407", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./407/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./407/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./407/cgroup.cpu") = 0 [pid 5063] umount2("./407/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./407/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./407/binderfs") = 0 [pid 5063] umount2("./407/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./407/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./407/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./407/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./407/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./407/file0") = 0 [pid 5063] umount2("./407/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./407/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./407/cgroup") = 0 [pid 5063] umount2("./407/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./407/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./407/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./407") = 0 [pid 5063] mkdir("./408", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6302 attached [pid 6302] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1226 [pid 6302] <... set_robust_list resumed>) = 0 [pid 6302] chdir("./408") = 0 [pid 6302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6302] setpgid(0, 0) = 0 [pid 6302] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6302] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6302] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6302] write(3, "1000", 4) = 4 [pid 6302] close(3) = 0 [pid 6302] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6302] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6302] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6302] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6302] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6302] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6302] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6303 attached => {parent_tid=[1227]}, 88) = 1227 [pid 6303] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6302] rt_sigprocmask(SIG_SETMASK, [], [pid 6303] <... rseq resumed>) = 0 [pid 6302] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6303] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6302] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6303] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6302] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6303] memfd_create("syzkaller", 0) = 3 [pid 6303] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6303] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6303] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6303] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6303] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6303] close(3) = 0 [pid 6303] mkdir("./file0", 0777) = 0 [pid 6303] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6303] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6303] chdir("./file0") = 0 [pid 6303] ioctl(4, LOOP_CLR_FD) = 0 [pid 6303] close(4) = 0 [pid 6303] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6302] <... futex resumed>) = 0 [pid 6303] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6302] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6303] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6303] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6302] <... futex resumed>) = 0 [ 292.711345][ T6303] loop0: detected capacity change from 0 to 4096 [ 292.740918][ T6303] ntfs: volume version 3.1. [pid 6303] <... openat resumed>) = 4 [pid 6302] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6303] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6302] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6303] <... futex resumed>) = 0 [pid 6302] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6303] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6302] <... futex resumed>) = 0 [pid 6302] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6302] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6302] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6302] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6302] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6302] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1228]}, 88) = 1228 ./strace-static-x86_64: Process 6304 attached [pid 6304] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6304] set_robust_list(0x7eff0a3299a0, 24 [pid 6302] rt_sigprocmask(SIG_SETMASK, [], [pid 6304] <... set_robust_list resumed>) = 0 [pid 6302] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6304] rt_sigprocmask(SIG_SETMASK, [], [pid 6302] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6304] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6302] <... futex resumed>) = 0 [pid 6304] creat("./file1", 000 [pid 6302] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6304] <... creat resumed>) = 5 [pid 6303] <... write resumed>) = 1048064 [pid 6304] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6302] <... futex resumed>) = 0 [pid 6304] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6303] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6303] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6302] close(3) = 0 [pid 6302] close(4) = 0 [pid 6302] close(5) = 0 [pid 6302] close(6) = -1 EBADF (Bad file descriptor) [pid 6302] close(7) = -1 EBADF (Bad file descriptor) [pid 6302] close(8) = -1 EBADF (Bad file descriptor) [pid 6302] close(9) = -1 EBADF (Bad file descriptor) [pid 6302] close(10) = -1 EBADF (Bad file descriptor) [pid 6302] close(11) = -1 EBADF (Bad file descriptor) [pid 6302] close(12) = -1 EBADF (Bad file descriptor) [pid 6302] close(13) = -1 EBADF (Bad file descriptor) [pid 6302] close(14) = -1 EBADF (Bad file descriptor) [pid 6302] close(15) = -1 EBADF (Bad file descriptor) [pid 6302] close(16) = -1 EBADF (Bad file descriptor) [pid 6302] close(17) = -1 EBADF (Bad file descriptor) [pid 6302] close(18) = -1 EBADF (Bad file descriptor) [pid 6302] close(19) = -1 EBADF (Bad file descriptor) [pid 6302] close(20) = -1 EBADF (Bad file descriptor) [pid 6302] close(21) = -1 EBADF (Bad file descriptor) [pid 6302] close(22) = -1 EBADF (Bad file descriptor) [pid 6302] close(23) = -1 EBADF (Bad file descriptor) [pid 6302] close(24) = -1 EBADF (Bad file descriptor) [pid 6302] close(25) = -1 EBADF (Bad file descriptor) [pid 6302] close(26) = -1 EBADF (Bad file descriptor) [pid 6302] close(27) = -1 EBADF (Bad file descriptor) [pid 6302] close(28) = -1 EBADF (Bad file descriptor) [pid 6302] close(29) = -1 EBADF (Bad file descriptor) [pid 6302] exit_group(0) = ? [pid 6304] <... futex resumed>) = ? [pid 6303] <... futex resumed>) = ? [pid 6304] +++ exited with 0 +++ [pid 6303] +++ exited with 0 +++ [pid 6302] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1226, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./408", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./408", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./408/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./408/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./408/cgroup.cpu") = 0 [pid 5063] umount2("./408/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./408/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./408/binderfs") = 0 [pid 5063] umount2("./408/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./408/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./408/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./408/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./408/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./408/file0") = 0 [pid 5063] umount2("./408/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./408/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./408/cgroup") = 0 [pid 5063] umount2("./408/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./408/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./408/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./408") = 0 [pid 5063] mkdir("./409", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6305 attached , child_tidptr=0x5555560b8690) = 1229 [pid 6305] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6305] chdir("./409") = 0 [pid 6305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6305] setpgid(0, 0) = 0 [pid 6305] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6305] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6305] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6305] write(3, "1000", 4) = 4 [pid 6305] close(3) = 0 [pid 6305] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6305] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6305] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6305] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6305] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6306 attached => {parent_tid=[1230]}, 88) = 1230 [pid 6306] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6305] rt_sigprocmask(SIG_SETMASK, [], [pid 6306] <... rseq resumed>) = 0 [pid 6305] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6306] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6305] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6306] rt_sigprocmask(SIG_SETMASK, [], [pid 6305] <... futex resumed>) = 0 [pid 6306] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6305] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6306] memfd_create("syzkaller", 0) = 3 [pid 6306] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6306] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6306] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6306] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6306] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6306] close(3) = 0 [pid 6306] mkdir("./file0", 0777) = 0 [ 293.356220][ T6306] loop0: detected capacity change from 0 to 4096 [ 293.375602][ T6306] __ntfs_warning: 170 callbacks suppressed [ 293.375616][ T6306] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 293.402489][ T6306] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 293.412061][ T6306] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 293.427958][ T6306] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 293.436635][ T6306] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 293.456674][ T6306] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 293.465384][ T6306] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 293.485499][ T6306] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6306] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6306] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6306] chdir("./file0") = 0 [pid 6306] ioctl(4, LOOP_CLR_FD) = 0 [pid 6306] close(4) = 0 [pid 6306] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6305] <... futex resumed>) = 0 [pid 6305] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6306] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6305] <... futex resumed>) = 0 [pid 6305] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6306] <... openat resumed>) = 4 [ 293.494223][ T6306] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 293.514184][ T6306] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 293.524923][ T6306] ntfs: volume version 3.1. [pid 6306] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6306] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6305] <... futex resumed>) = 0 [pid 6305] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6306] <... futex resumed>) = 0 [pid 6305] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6306] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6305] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6305] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6305] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6305] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6305] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6305] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6307 attached [pid 6307] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6305] <... clone3 resumed> => {parent_tid=[1231]}, 88) = 1231 [pid 6307] <... rseq resumed>) = 0 [pid 6305] rt_sigprocmask(SIG_SETMASK, [], [pid 6307] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6307] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6305] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6307] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6305] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6307] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6307] creat("./file1", 000 [pid 6305] <... futex resumed>) = 0 [pid 6305] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6307] <... creat resumed>) = 5 [pid 6306] <... write resumed>) = 1048064 [pid 6307] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6307] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6306] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6305] <... futex resumed>) = 0 [pid 6305] close(3) = 0 [pid 6305] close(4) = 0 [pid 6306] <... futex resumed>) = 0 [pid 6306] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6305] close(5) = 0 [pid 6305] close(6) = -1 EBADF (Bad file descriptor) [pid 6305] close(7) = -1 EBADF (Bad file descriptor) [pid 6305] close(8) = -1 EBADF (Bad file descriptor) [pid 6305] close(9) = -1 EBADF (Bad file descriptor) [pid 6305] close(10) = -1 EBADF (Bad file descriptor) [pid 6305] close(11) = -1 EBADF (Bad file descriptor) [pid 6305] close(12) = -1 EBADF (Bad file descriptor) [pid 6305] close(13) = -1 EBADF (Bad file descriptor) [pid 6305] close(14) = -1 EBADF (Bad file descriptor) [pid 6305] close(15) = -1 EBADF (Bad file descriptor) [pid 6305] close(16) = -1 EBADF (Bad file descriptor) [pid 6305] close(17) = -1 EBADF (Bad file descriptor) [pid 6305] close(18) = -1 EBADF (Bad file descriptor) [pid 6305] close(19) = -1 EBADF (Bad file descriptor) [pid 6305] close(20) = -1 EBADF (Bad file descriptor) [pid 6305] close(21) = -1 EBADF (Bad file descriptor) [pid 6305] close(22) = -1 EBADF (Bad file descriptor) [pid 6305] close(23) = -1 EBADF (Bad file descriptor) [pid 6305] close(24) = -1 EBADF (Bad file descriptor) [pid 6305] close(25) = -1 EBADF (Bad file descriptor) [pid 6305] close(26) = -1 EBADF (Bad file descriptor) [pid 6305] close(27) = -1 EBADF (Bad file descriptor) [pid 6305] close(28) = -1 EBADF (Bad file descriptor) [pid 6305] close(29) = -1 EBADF (Bad file descriptor) [pid 6305] exit_group(0 [pid 6306] <... futex resumed>) = ? [pid 6305] <... exit_group resumed>) = ? [pid 6307] <... futex resumed>) = ? [pid 6306] +++ exited with 0 +++ [pid 6307] +++ exited with 0 +++ [pid 6305] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1229, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5063] umount2("./409", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./409", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./409/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./409/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./409/cgroup.cpu") = 0 [pid 5063] umount2("./409/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./409/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./409/binderfs") = 0 [pid 5063] umount2("./409/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./409/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./409/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./409/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./409/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./409/file0") = 0 [pid 5063] umount2("./409/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./409/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./409/cgroup") = 0 [pid 5063] umount2("./409/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./409/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./409/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./409") = 0 [pid 5063] mkdir("./410", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6308 attached , child_tidptr=0x5555560b8690) = 1232 [pid 6308] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6308] chdir("./410") = 0 [pid 6308] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6308] setpgid(0, 0) = 0 [pid 6308] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6308] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6308] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6308] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6308] write(3, "1000", 4) = 4 [pid 6308] close(3) = 0 [pid 6308] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6308] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6308] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6308] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6308] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6308] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6308] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6308] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6309 attached => {parent_tid=[1233]}, 88) = 1233 [pid 6309] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6308] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6308] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6308] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6309] <... rseq resumed>) = 0 [pid 6309] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6309] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6309] memfd_create("syzkaller", 0) = 3 [pid 6309] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6309] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6309] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6309] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6309] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6309] close(3) = 0 [pid 6309] mkdir("./file0", 0777) = 0 [pid 6309] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6309] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6309] chdir("./file0") = 0 [pid 6309] ioctl(4, LOOP_CLR_FD) = 0 [pid 6309] close(4) = 0 [pid 6309] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6308] <... futex resumed>) = 0 [pid 6309] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6308] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6309] <... futex resumed>) = 0 [pid 6308] <... futex resumed>) = 1 [pid 6309] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 294.129118][ T6309] loop0: detected capacity change from 0 to 4096 [ 294.158710][ T6309] ntfs: volume version 3.1. [pid 6308] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6309] <... openat resumed>) = 4 [pid 6309] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6308] <... futex resumed>) = 0 [pid 6309] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6308] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6309] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6309] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6308] <... futex resumed>) = 0 [pid 6308] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6308] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6308] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6308] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6308] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6308] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6310 attached [pid 6310] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6310] set_robust_list(0x7eff0a3299a0, 24 [pid 6308] <... clone3 resumed> => {parent_tid=[1234]}, 88) = 1234 [pid 6310] <... set_robust_list resumed>) = 0 [pid 6310] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6308] rt_sigprocmask(SIG_SETMASK, [], [pid 6310] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6308] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6308] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6310] <... futex resumed>) = 0 [pid 6310] creat("./file1", 000 [pid 6308] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6310] <... creat resumed>) = 5 [pid 6309] <... write resumed>) = 1048064 [pid 6310] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6308] <... futex resumed>) = 0 [pid 6310] <... futex resumed>) = 1 [pid 6309] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6310] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6309] <... futex resumed>) = 0 [pid 6308] close(3 [pid 6309] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6308] <... close resumed>) = 0 [pid 6308] close(4) = 0 [pid 6308] close(5) = 0 [pid 6308] close(6) = -1 EBADF (Bad file descriptor) [pid 6308] close(7) = -1 EBADF (Bad file descriptor) [pid 6308] close(8) = -1 EBADF (Bad file descriptor) [pid 6308] close(9) = -1 EBADF (Bad file descriptor) [pid 6308] close(10) = -1 EBADF (Bad file descriptor) [pid 6308] close(11) = -1 EBADF (Bad file descriptor) [pid 6308] close(12) = -1 EBADF (Bad file descriptor) [pid 6308] close(13) = -1 EBADF (Bad file descriptor) [pid 6308] close(14) = -1 EBADF (Bad file descriptor) [pid 6308] close(15) = -1 EBADF (Bad file descriptor) [pid 6308] close(16) = -1 EBADF (Bad file descriptor) [pid 6308] close(17) = -1 EBADF (Bad file descriptor) [pid 6308] close(18) = -1 EBADF (Bad file descriptor) [pid 6308] close(19) = -1 EBADF (Bad file descriptor) [pid 6308] close(20) = -1 EBADF (Bad file descriptor) [pid 6308] close(21) = -1 EBADF (Bad file descriptor) [pid 6308] close(22) = -1 EBADF (Bad file descriptor) [pid 6308] close(23) = -1 EBADF (Bad file descriptor) [pid 6308] close(24) = -1 EBADF (Bad file descriptor) [pid 6308] close(25) = -1 EBADF (Bad file descriptor) [pid 6308] close(26) = -1 EBADF (Bad file descriptor) [pid 6308] close(27) = -1 EBADF (Bad file descriptor) [pid 6308] close(28) = -1 EBADF (Bad file descriptor) [pid 6308] close(29) = -1 EBADF (Bad file descriptor) [pid 6308] exit_group(0 [pid 6309] <... futex resumed>) = ? [pid 6309] +++ exited with 0 +++ [pid 6310] <... futex resumed>) = ? [pid 6308] <... exit_group resumed>) = ? [pid 6310] +++ exited with 0 +++ [pid 6308] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1232, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./410", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./410", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./410/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./410/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./410/cgroup.cpu") = 0 [pid 5063] umount2("./410/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./410/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./410/binderfs") = 0 [pid 5063] umount2("./410/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./410/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./410/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./410/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./410/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./410/file0") = 0 [pid 5063] umount2("./410/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./410/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./410/cgroup") = 0 [pid 5063] umount2("./410/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./410/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./410/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./410") = 0 [pid 5063] mkdir("./411", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6311 attached [pid 6311] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1235 [pid 6311] <... set_robust_list resumed>) = 0 [pid 6311] chdir("./411") = 0 [pid 6311] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6311] setpgid(0, 0) = 0 [pid 6311] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6311] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6311] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6311] write(3, "1000", 4) = 4 [pid 6311] close(3) = 0 [pid 6311] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6311] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6311] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6311] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6311] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6311] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6311] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6311] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6312 attached => {parent_tid=[1236]}, 88) = 1236 [pid 6312] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6311] rt_sigprocmask(SIG_SETMASK, [], [pid 6312] <... rseq resumed>) = 0 [pid 6312] set_robust_list(0x7eff0a34a9a0, 24 [pid 6311] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6312] <... set_robust_list resumed>) = 0 [pid 6311] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6312] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6311] <... futex resumed>) = 0 [pid 6311] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6312] memfd_create("syzkaller", 0) = 3 [pid 6312] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6312] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6312] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6312] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6312] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6312] close(3) = 0 [pid 6312] mkdir("./file0", 0777) = 0 [pid 6312] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6312] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6312] chdir("./file0") = 0 [pid 6312] ioctl(4, LOOP_CLR_FD) = 0 [pid 6312] close(4) = 0 [pid 6312] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6312] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6311] <... futex resumed>) = 0 [pid 6311] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6312] <... futex resumed>) = 0 [pid 6311] <... futex resumed>) = 1 [pid 6312] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6311] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6312] <... openat resumed>) = 4 [ 294.722293][ T6312] loop0: detected capacity change from 0 to 4096 [ 294.737025][ T6312] ntfs: volume version 3.1. [pid 6312] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6311] <... futex resumed>) = 0 [pid 6312] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6311] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6312] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6311] <... futex resumed>) = 0 [pid 6311] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6311] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6311] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6311] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6311] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6311] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6313 attached => {parent_tid=[1237]}, 88) = 1237 [pid 6313] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6311] rt_sigprocmask(SIG_SETMASK, [], [pid 6313] <... rseq resumed>) = 0 [pid 6313] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6313] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6311] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6313] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6311] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6311] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6313] <... futex resumed>) = 0 [pid 6313] creat("./file1", 000) = 5 [pid 6312] <... write resumed>) = 1048064 [pid 6313] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6312] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6313] <... futex resumed>) = 1 [pid 6311] <... futex resumed>) = 0 [pid 6311] close(3 [pid 6313] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6312] <... futex resumed>) = 0 [pid 6311] <... close resumed>) = 0 [pid 6311] close(4) = 0 [pid 6311] close(5 [pid 6312] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6311] <... close resumed>) = 0 [pid 6311] close(6) = -1 EBADF (Bad file descriptor) [pid 6311] close(7) = -1 EBADF (Bad file descriptor) [pid 6311] close(8) = -1 EBADF (Bad file descriptor) [pid 6311] close(9) = -1 EBADF (Bad file descriptor) [pid 6311] close(10) = -1 EBADF (Bad file descriptor) [pid 6311] close(11) = -1 EBADF (Bad file descriptor) [pid 6311] close(12) = -1 EBADF (Bad file descriptor) [pid 6311] close(13) = -1 EBADF (Bad file descriptor) [pid 6311] close(14) = -1 EBADF (Bad file descriptor) [pid 6311] close(15) = -1 EBADF (Bad file descriptor) [pid 6311] close(16) = -1 EBADF (Bad file descriptor) [pid 6311] close(17) = -1 EBADF (Bad file descriptor) [pid 6311] close(18) = -1 EBADF (Bad file descriptor) [pid 6311] close(19) = -1 EBADF (Bad file descriptor) [pid 6311] close(20) = -1 EBADF (Bad file descriptor) [pid 6311] close(21) = -1 EBADF (Bad file descriptor) [pid 6311] close(22) = -1 EBADF (Bad file descriptor) [pid 6311] close(23) = -1 EBADF (Bad file descriptor) [pid 6311] close(24) = -1 EBADF (Bad file descriptor) [pid 6311] close(25) = -1 EBADF (Bad file descriptor) [pid 6311] close(26) = -1 EBADF (Bad file descriptor) [pid 6311] close(27) = -1 EBADF (Bad file descriptor) [pid 6311] close(28) = -1 EBADF (Bad file descriptor) [pid 6311] close(29) = -1 EBADF (Bad file descriptor) [pid 6311] exit_group(0) = ? [pid 6313] <... futex resumed>) = ? [pid 6312] <... futex resumed>) = ? [pid 6313] +++ exited with 0 +++ [pid 6312] +++ exited with 0 +++ [pid 6311] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1235, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./411", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./411", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./411/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./411/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./411/cgroup.cpu") = 0 [pid 5063] umount2("./411/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./411/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./411/binderfs") = 0 [pid 5063] umount2("./411/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./411/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./411/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./411/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./411/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./411/file0") = 0 [pid 5063] umount2("./411/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./411/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./411/cgroup") = 0 [pid 5063] umount2("./411/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./411/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./411/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./411") = 0 [pid 5063] mkdir("./412", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6314 attached , child_tidptr=0x5555560b8690) = 1238 [pid 6314] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6314] chdir("./412") = 0 [pid 6314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6314] setpgid(0, 0) = 0 [pid 6314] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6314] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6314] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6314] write(3, "1000", 4) = 4 [pid 6314] close(3) = 0 [pid 6314] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6314] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6314] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6314] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6314] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6314] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6314] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6314] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6315 attached => {parent_tid=[1239]}, 88) = 1239 [pid 6314] rt_sigprocmask(SIG_SETMASK, [], [pid 6315] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6314] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6315] <... rseq resumed>) = 0 [pid 6314] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6315] set_robust_list(0x7eff0a34a9a0, 24 [pid 6314] <... futex resumed>) = 0 [pid 6315] <... set_robust_list resumed>) = 0 [pid 6314] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6315] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6315] memfd_create("syzkaller", 0) = 3 [pid 6315] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6315] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6315] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6315] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6315] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6315] close(3) = 0 [pid 6315] mkdir("./file0", 0777) = 0 [pid 6315] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6315] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6315] chdir("./file0") = 0 [pid 6315] ioctl(4, LOOP_CLR_FD) = 0 [pid 6315] close(4) = 0 [pid 6315] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6314] <... futex resumed>) = 0 [pid 6315] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6314] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6315] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6314] <... futex resumed>) = 0 [pid 6315] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6314] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6315] <... openat resumed>) = 4 [pid 6315] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6314] <... futex resumed>) = 0 [pid 6315] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6314] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6315] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6314] <... futex resumed>) = 0 [ 295.400793][ T6315] loop0: detected capacity change from 0 to 4096 [ 295.421644][ T6315] ntfs: volume version 3.1. [pid 6314] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6315] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6314] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6314] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6314] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6314] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6314] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6314] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6314] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6316 attached [pid 6316] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6314] <... clone3 resumed> => {parent_tid=[1240]}, 88) = 1240 [pid 6316] set_robust_list(0x7eff0a3299a0, 24 [pid 6314] rt_sigprocmask(SIG_SETMASK, [], [pid 6316] <... set_robust_list resumed>) = 0 [pid 6314] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6316] rt_sigprocmask(SIG_SETMASK, [], [pid 6314] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6316] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6314] <... futex resumed>) = 0 [pid 6316] creat("./file1", 000 [pid 6314] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6316] <... creat resumed>) = 5 [pid 6315] <... write resumed>) = 1048064 [pid 6316] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6316] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6314] <... futex resumed>) = 0 [pid 6315] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6315] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6314] close(3) = 0 [pid 6314] close(4) = 0 [pid 6314] close(5) = 0 [pid 6314] close(6) = -1 EBADF (Bad file descriptor) [pid 6314] close(7) = -1 EBADF (Bad file descriptor) [pid 6314] close(8) = -1 EBADF (Bad file descriptor) [pid 6314] close(9) = -1 EBADF (Bad file descriptor) [pid 6314] close(10) = -1 EBADF (Bad file descriptor) [pid 6314] close(11) = -1 EBADF (Bad file descriptor) [pid 6314] close(12) = -1 EBADF (Bad file descriptor) [pid 6314] close(13) = -1 EBADF (Bad file descriptor) [pid 6314] close(14) = -1 EBADF (Bad file descriptor) [pid 6314] close(15) = -1 EBADF (Bad file descriptor) [pid 6314] close(16) = -1 EBADF (Bad file descriptor) [pid 6314] close(17) = -1 EBADF (Bad file descriptor) [pid 6314] close(18) = -1 EBADF (Bad file descriptor) [pid 6314] close(19) = -1 EBADF (Bad file descriptor) [pid 6314] close(20) = -1 EBADF (Bad file descriptor) [pid 6314] close(21) = -1 EBADF (Bad file descriptor) [pid 6314] close(22) = -1 EBADF (Bad file descriptor) [pid 6314] close(23) = -1 EBADF (Bad file descriptor) [pid 6314] close(24) = -1 EBADF (Bad file descriptor) [pid 6314] close(25) = -1 EBADF (Bad file descriptor) [pid 6314] close(26) = -1 EBADF (Bad file descriptor) [pid 6314] close(27) = -1 EBADF (Bad file descriptor) [pid 6314] close(28) = -1 EBADF (Bad file descriptor) [pid 6314] close(29) = -1 EBADF (Bad file descriptor) [pid 6314] exit_group(0 [pid 6315] <... futex resumed>) = ? [pid 6316] <... futex resumed>) = ? [pid 6314] <... exit_group resumed>) = ? [pid 6316] +++ exited with 0 +++ [pid 6315] +++ exited with 0 +++ [pid 6314] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1238, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./412", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./412", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./412/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./412/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./412/cgroup.cpu") = 0 [pid 5063] umount2("./412/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./412/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./412/binderfs") = 0 [pid 5063] umount2("./412/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./412/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./412/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./412/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./412/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./412/file0") = 0 [pid 5063] umount2("./412/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./412/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./412/cgroup") = 0 [pid 5063] umount2("./412/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./412/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./412/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./412") = 0 [pid 5063] mkdir("./413", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6317 attached [pid 6317] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1241 [pid 6317] <... set_robust_list resumed>) = 0 [pid 6317] chdir("./413") = 0 [pid 6317] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6317] setpgid(0, 0) = 0 [pid 6317] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6317] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6317] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6317] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6317] write(3, "1000", 4) = 4 [pid 6317] close(3) = 0 [pid 6317] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6317] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6317] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6317] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6317] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6317] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6317] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6317] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6318 attached [pid 6318] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6317] <... clone3 resumed> => {parent_tid=[1242]}, 88) = 1242 [pid 6318] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6318] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6318] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6317] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6317] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6318] <... futex resumed>) = 0 [pid 6317] <... futex resumed>) = 1 [pid 6317] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6318] memfd_create("syzkaller", 0) = 3 [pid 6318] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6318] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6318] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6318] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6318] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6318] close(3) = 0 [pid 6318] mkdir("./file0", 0777) = 0 [pid 6318] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6318] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6318] chdir("./file0") = 0 [pid 6318] ioctl(4, LOOP_CLR_FD) = 0 [pid 6318] close(4) = 0 [pid 6318] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6317] <... futex resumed>) = 0 [ 295.893682][ T6318] loop0: detected capacity change from 0 to 4096 [ 295.909018][ T6318] ntfs: volume version 3.1. [pid 6318] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6317] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6318] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6317] <... futex resumed>) = 0 [pid 6318] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6317] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6318] <... openat resumed>) = 4 [pid 6318] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6317] <... futex resumed>) = 0 [pid 6318] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6317] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6318] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6317] <... futex resumed>) = 0 [pid 6317] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6317] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6317] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6317] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6317] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6317] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6319 attached [pid 6319] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6317] <... clone3 resumed> => {parent_tid=[1243]}, 88) = 1243 [pid 6319] <... rseq resumed>) = 0 [pid 6317] rt_sigprocmask(SIG_SETMASK, [], [pid 6319] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6319] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6317] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6319] creat("./file1", 000 [pid 6317] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6317] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6319] <... creat resumed>) = 5 [pid 6318] <... write resumed>) = 1048064 [pid 6319] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6317] <... futex resumed>) = 0 [pid 6319] <... futex resumed>) = 1 [pid 6318] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6319] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6318] <... futex resumed>) = 0 [pid 6317] close(3 [pid 6318] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6317] <... close resumed>) = 0 [pid 6317] close(4) = 0 [pid 6317] close(5) = 0 [pid 6317] close(6) = -1 EBADF (Bad file descriptor) [pid 6317] close(7) = -1 EBADF (Bad file descriptor) [pid 6317] close(8) = -1 EBADF (Bad file descriptor) [pid 6317] close(9) = -1 EBADF (Bad file descriptor) [pid 6317] close(10) = -1 EBADF (Bad file descriptor) [pid 6317] close(11) = -1 EBADF (Bad file descriptor) [pid 6317] close(12) = -1 EBADF (Bad file descriptor) [pid 6317] close(13) = -1 EBADF (Bad file descriptor) [pid 6317] close(14) = -1 EBADF (Bad file descriptor) [pid 6317] close(15) = -1 EBADF (Bad file descriptor) [pid 6317] close(16) = -1 EBADF (Bad file descriptor) [pid 6317] close(17) = -1 EBADF (Bad file descriptor) [pid 6317] close(18) = -1 EBADF (Bad file descriptor) [pid 6317] close(19) = -1 EBADF (Bad file descriptor) [pid 6317] close(20) = -1 EBADF (Bad file descriptor) [pid 6317] close(21) = -1 EBADF (Bad file descriptor) [pid 6317] close(22) = -1 EBADF (Bad file descriptor) [pid 6317] close(23) = -1 EBADF (Bad file descriptor) [pid 6317] close(24) = -1 EBADF (Bad file descriptor) [pid 6317] close(25) = -1 EBADF (Bad file descriptor) [pid 6317] close(26) = -1 EBADF (Bad file descriptor) [pid 6317] close(27) = -1 EBADF (Bad file descriptor) [pid 6317] close(28) = -1 EBADF (Bad file descriptor) [pid 6317] close(29) = -1 EBADF (Bad file descriptor) [pid 6317] exit_group(0) = ? [pid 6319] <... futex resumed>) = ? [pid 6318] <... futex resumed>) = ? [pid 6319] +++ exited with 0 +++ [pid 6318] +++ exited with 0 +++ [pid 6317] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1241, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./413", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./413", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./413/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./413/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./413/cgroup.cpu") = 0 [pid 5063] umount2("./413/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./413/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./413/binderfs") = 0 [pid 5063] umount2("./413/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./413/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./413/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./413/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./413/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./413/file0") = 0 [pid 5063] umount2("./413/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./413/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./413/cgroup") = 0 [pid 5063] umount2("./413/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./413/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./413/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./413") = 0 [pid 5063] mkdir("./414", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6320 attached , child_tidptr=0x5555560b8690) = 1244 [pid 6320] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6320] chdir("./414") = 0 [pid 6320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6320] setpgid(0, 0) = 0 [pid 6320] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6320] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6320] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6320] write(3, "1000", 4) = 4 [pid 6320] close(3) = 0 [pid 6320] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6320] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6320] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6320] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6320] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6320] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6320] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6321 attached [pid 6321] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6320] <... clone3 resumed> => {parent_tid=[1245]}, 88) = 1245 [pid 6321] <... rseq resumed>) = 0 [pid 6320] rt_sigprocmask(SIG_SETMASK, [], [pid 6321] set_robust_list(0x7eff0a34a9a0, 24 [pid 6320] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6321] <... set_robust_list resumed>) = 0 [pid 6320] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6321] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6320] <... futex resumed>) = 0 [pid 6320] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6321] memfd_create("syzkaller", 0) = 3 [pid 6321] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6321] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6321] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6321] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6321] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6321] close(3) = 0 [pid 6321] mkdir("./file0", 0777) = 0 [pid 6321] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6321] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6321] chdir("./file0") = 0 [pid 6321] ioctl(4, LOOP_CLR_FD) = 0 [pid 6321] close(4) = 0 [ 296.440574][ T6321] loop0: detected capacity change from 0 to 4096 [ 296.460903][ T6321] ntfs: volume version 3.1. [pid 6321] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6320] <... futex resumed>) = 0 [pid 6321] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6320] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6321] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6320] <... futex resumed>) = 0 [pid 6320] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6321] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6321] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6320] <... futex resumed>) = 0 [pid 6321] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6320] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6321] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6321] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6320] <... futex resumed>) = 0 [pid 6320] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6320] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6320] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6320] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6320] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6320] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6320] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6322 attached [pid 6322] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6320] <... clone3 resumed> => {parent_tid=[1246]}, 88) = 1246 [pid 6322] <... rseq resumed>) = 0 [pid 6322] set_robust_list(0x7eff0a3299a0, 24 [pid 6320] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6320] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6320] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6322] <... set_robust_list resumed>) = 0 [pid 6321] <... write resumed>) = 1048064 [pid 6322] rt_sigprocmask(SIG_SETMASK, [], [pid 6321] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6322] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6321] <... futex resumed>) = 0 [pid 6322] creat("./file1", 000 [pid 6321] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6322] <... creat resumed>) = 5 [pid 6322] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6320] <... futex resumed>) = 0 [pid 6322] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6320] close(3) = 0 [pid 6320] close(4) = 0 [pid 6320] close(5) = 0 [pid 6320] close(6) = -1 EBADF (Bad file descriptor) [pid 6320] close(7) = -1 EBADF (Bad file descriptor) [pid 6320] close(8) = -1 EBADF (Bad file descriptor) [pid 6320] close(9) = -1 EBADF (Bad file descriptor) [pid 6320] close(10) = -1 EBADF (Bad file descriptor) [pid 6320] close(11) = -1 EBADF (Bad file descriptor) [pid 6320] close(12) = -1 EBADF (Bad file descriptor) [pid 6320] close(13) = -1 EBADF (Bad file descriptor) [pid 6320] close(14) = -1 EBADF (Bad file descriptor) [pid 6320] close(15) = -1 EBADF (Bad file descriptor) [pid 6320] close(16) = -1 EBADF (Bad file descriptor) [pid 6320] close(17) = -1 EBADF (Bad file descriptor) [pid 6320] close(18) = -1 EBADF (Bad file descriptor) [pid 6320] close(19) = -1 EBADF (Bad file descriptor) [pid 6320] close(20) = -1 EBADF (Bad file descriptor) [pid 6320] close(21) = -1 EBADF (Bad file descriptor) [pid 6320] close(22) = -1 EBADF (Bad file descriptor) [pid 6320] close(23) = -1 EBADF (Bad file descriptor) [pid 6320] close(24) = -1 EBADF (Bad file descriptor) [pid 6320] close(25) = -1 EBADF (Bad file descriptor) [pid 6320] close(26) = -1 EBADF (Bad file descriptor) [pid 6320] close(27) = -1 EBADF (Bad file descriptor) [pid 6320] close(28) = -1 EBADF (Bad file descriptor) [pid 6320] close(29) = -1 EBADF (Bad file descriptor) [pid 6320] exit_group(0) = ? [pid 6322] <... futex resumed>) = ? [pid 6321] <... futex resumed>) = ? [pid 6322] +++ exited with 0 +++ [pid 6321] +++ exited with 0 +++ [pid 6320] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1244, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./414", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./414", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./414/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./414/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./414/cgroup.cpu") = 0 [pid 5063] umount2("./414/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./414/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./414/binderfs") = 0 [pid 5063] umount2("./414/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./414/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./414/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./414/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./414/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./414/file0") = 0 [pid 5063] umount2("./414/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./414/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./414/cgroup") = 0 [pid 5063] umount2("./414/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./414/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./414/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./414") = 0 [pid 5063] mkdir("./415", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6323 attached [pid 6323] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1247 [pid 6323] <... set_robust_list resumed>) = 0 [pid 6323] chdir("./415") = 0 [pid 6323] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6323] setpgid(0, 0) = 0 [pid 6323] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6323] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6323] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6323] write(3, "1000", 4) = 4 [pid 6323] close(3) = 0 [pid 6323] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6323] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6323] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6323] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6323] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6323] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6323] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6323] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6324 attached [pid 6324] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6323] <... clone3 resumed> => {parent_tid=[1248]}, 88) = 1248 [pid 6324] <... rseq resumed>) = 0 [pid 6323] rt_sigprocmask(SIG_SETMASK, [], [pid 6324] set_robust_list(0x7eff0a34a9a0, 24 [pid 6323] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6324] <... set_robust_list resumed>) = 0 [pid 6323] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6324] rt_sigprocmask(SIG_SETMASK, [], [pid 6323] <... futex resumed>) = 0 [pid 6324] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6323] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6324] memfd_create("syzkaller", 0) = 3 [pid 6324] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6324] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6324] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6324] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6324] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6324] close(3) = 0 [pid 6324] mkdir("./file0", 0777) = 0 [pid 6324] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6324] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6324] chdir("./file0") = 0 [pid 6324] ioctl(4, LOOP_CLR_FD) = 0 [pid 6324] close(4) = 0 [ 297.045689][ T6324] loop0: detected capacity change from 0 to 4096 [ 297.066197][ T6324] ntfs: volume version 3.1. [pid 6324] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6323] <... futex resumed>) = 0 [pid 6324] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6323] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6324] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6323] <... futex resumed>) = 0 [pid 6323] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6324] <... openat resumed>) = 4 [pid 6324] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6324] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6323] <... futex resumed>) = 0 [pid 6323] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6324] <... futex resumed>) = 0 [pid 6323] <... futex resumed>) = 1 [pid 6324] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6323] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6323] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6323] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6323] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6323] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6323] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6325 attached => {parent_tid=[1249]}, 88) = 1249 [pid 6325] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6323] rt_sigprocmask(SIG_SETMASK, [], [pid 6325] <... rseq resumed>) = 0 [pid 6323] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6325] set_robust_list(0x7eff0a3299a0, 24 [pid 6323] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6325] <... set_robust_list resumed>) = 0 [pid 6323] <... futex resumed>) = 0 [pid 6325] rt_sigprocmask(SIG_SETMASK, [], [pid 6323] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6325] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6325] creat("./file1", 000) = 5 [pid 6324] <... write resumed>) = 1048064 [pid 6325] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6324] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6325] <... futex resumed>) = 1 [pid 6323] <... futex resumed>) = 0 [pid 6325] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6323] close(3) = 0 [pid 6324] <... futex resumed>) = 0 [pid 6324] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6323] close(4) = 0 [pid 6323] close(5) = 0 [pid 6323] close(6) = -1 EBADF (Bad file descriptor) [pid 6323] close(7) = -1 EBADF (Bad file descriptor) [pid 6323] close(8) = -1 EBADF (Bad file descriptor) [pid 6323] close(9) = -1 EBADF (Bad file descriptor) [pid 6323] close(10) = -1 EBADF (Bad file descriptor) [pid 6323] close(11) = -1 EBADF (Bad file descriptor) [pid 6323] close(12) = -1 EBADF (Bad file descriptor) [pid 6323] close(13) = -1 EBADF (Bad file descriptor) [pid 6323] close(14) = -1 EBADF (Bad file descriptor) [pid 6323] close(15) = -1 EBADF (Bad file descriptor) [pid 6323] close(16) = -1 EBADF (Bad file descriptor) [pid 6323] close(17) = -1 EBADF (Bad file descriptor) [pid 6323] close(18) = -1 EBADF (Bad file descriptor) [pid 6323] close(19) = -1 EBADF (Bad file descriptor) [pid 6323] close(20) = -1 EBADF (Bad file descriptor) [pid 6323] close(21) = -1 EBADF (Bad file descriptor) [pid 6323] close(22) = -1 EBADF (Bad file descriptor) [pid 6323] close(23) = -1 EBADF (Bad file descriptor) [pid 6323] close(24) = -1 EBADF (Bad file descriptor) [pid 6323] close(25) = -1 EBADF (Bad file descriptor) [pid 6323] close(26) = -1 EBADF (Bad file descriptor) [pid 6323] close(27) = -1 EBADF (Bad file descriptor) [pid 6323] close(28) = -1 EBADF (Bad file descriptor) [pid 6323] close(29) = -1 EBADF (Bad file descriptor) [pid 6323] exit_group(0 [pid 6325] <... futex resumed>) = ? [pid 6323] <... exit_group resumed>) = ? [pid 6325] +++ exited with 0 +++ [pid 6324] <... futex resumed>) = ? [pid 6324] +++ exited with 0 +++ [pid 6323] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1247, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] umount2("./415", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./415", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./415/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./415/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./415/cgroup.cpu") = 0 [pid 5063] umount2("./415/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./415/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./415/binderfs") = 0 [pid 5063] umount2("./415/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./415/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./415/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./415/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./415/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./415/file0") = 0 [pid 5063] umount2("./415/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./415/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./415/cgroup") = 0 [pid 5063] umount2("./415/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./415/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./415/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./415") = 0 [pid 5063] mkdir("./416", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6326 attached [pid 6326] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1250 [pid 6326] chdir("./416") = 0 [pid 6326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6326] setpgid(0, 0) = 0 [pid 6326] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6326] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6326] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6326] write(3, "1000", 4) = 4 [pid 6326] close(3) = 0 [pid 6326] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6326] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6326] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6326] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6326] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6326] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6326] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6327 attached [pid 6327] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6326] <... clone3 resumed> => {parent_tid=[1251]}, 88) = 1251 [pid 6327] <... rseq resumed>) = 0 [pid 6326] rt_sigprocmask(SIG_SETMASK, [], [pid 6327] set_robust_list(0x7eff0a34a9a0, 24 [pid 6326] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6327] <... set_robust_list resumed>) = 0 [pid 6326] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6327] rt_sigprocmask(SIG_SETMASK, [], [pid 6326] <... futex resumed>) = 0 [pid 6327] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6326] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6327] memfd_create("syzkaller", 0) = 3 [pid 6327] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6327] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6327] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6327] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6327] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6327] close(3) = 0 [pid 6327] mkdir("./file0", 0777) = 0 [pid 6327] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6327] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6327] chdir("./file0") = 0 [pid 6327] ioctl(4, LOOP_CLR_FD) = 0 [pid 6327] close(4) = 0 [ 297.504949][ T6327] loop0: detected capacity change from 0 to 4096 [ 297.524581][ T6327] ntfs: volume version 3.1. [pid 6327] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6326] <... futex resumed>) = 0 [pid 6327] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6326] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6327] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6326] <... futex resumed>) = 0 [pid 6327] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6326] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6327] <... openat resumed>) = 4 [pid 6327] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6326] <... futex resumed>) = 0 [pid 6327] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6326] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6327] <... futex resumed>) = 0 [pid 6327] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6326] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6326] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6326] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6326] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6326] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6326] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6328 attached [pid 6328] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6326] <... clone3 resumed> => {parent_tid=[1252]}, 88) = 1252 [pid 6328] <... rseq resumed>) = 0 [pid 6326] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6326] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6328] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6326] <... futex resumed>) = 0 [pid 6326] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6328] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6328] creat("./file1", 000) = 5 [pid 6327] <... write resumed>) = 1048064 [pid 6328] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6327] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6328] <... futex resumed>) = 1 [pid 6326] <... futex resumed>) = 0 [pid 6327] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6326] close(3) = 0 [pid 6326] close(4 [pid 6328] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6326] <... close resumed>) = 0 [pid 6326] close(5) = 0 [pid 6326] close(6) = -1 EBADF (Bad file descriptor) [pid 6326] close(7) = -1 EBADF (Bad file descriptor) [pid 6326] close(8) = -1 EBADF (Bad file descriptor) [pid 6326] close(9) = -1 EBADF (Bad file descriptor) [pid 6326] close(10) = -1 EBADF (Bad file descriptor) [pid 6326] close(11) = -1 EBADF (Bad file descriptor) [pid 6326] close(12) = -1 EBADF (Bad file descriptor) [pid 6326] close(13) = -1 EBADF (Bad file descriptor) [pid 6326] close(14) = -1 EBADF (Bad file descriptor) [pid 6326] close(15) = -1 EBADF (Bad file descriptor) [pid 6326] close(16) = -1 EBADF (Bad file descriptor) [pid 6326] close(17) = -1 EBADF (Bad file descriptor) [pid 6326] close(18) = -1 EBADF (Bad file descriptor) [pid 6326] close(19) = -1 EBADF (Bad file descriptor) [pid 6326] close(20) = -1 EBADF (Bad file descriptor) [pid 6326] close(21) = -1 EBADF (Bad file descriptor) [pid 6326] close(22) = -1 EBADF (Bad file descriptor) [pid 6326] close(23) = -1 EBADF (Bad file descriptor) [pid 6326] close(24) = -1 EBADF (Bad file descriptor) [pid 6326] close(25) = -1 EBADF (Bad file descriptor) [pid 6326] close(26) = -1 EBADF (Bad file descriptor) [pid 6326] close(27) = -1 EBADF (Bad file descriptor) [pid 6326] close(28) = -1 EBADF (Bad file descriptor) [pid 6326] close(29) = -1 EBADF (Bad file descriptor) [pid 6326] exit_group(0 [pid 6327] <... futex resumed>) = ? [pid 6326] <... exit_group resumed>) = ? [pid 6328] <... futex resumed>) = ? [pid 6327] +++ exited with 0 +++ [pid 6328] +++ exited with 0 +++ [pid 6326] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1250, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./416", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./416", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./416/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./416/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./416/cgroup.cpu") = 0 [pid 5063] umount2("./416/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./416/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./416/binderfs") = 0 [pid 5063] umount2("./416/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./416/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./416/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./416/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./416/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./416/file0") = 0 [pid 5063] umount2("./416/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./416/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./416/cgroup") = 0 [pid 5063] umount2("./416/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./416/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./416/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./416") = 0 [pid 5063] mkdir("./417", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6329 attached [pid 6329] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1253 [pid 6329] <... set_robust_list resumed>) = 0 [pid 6329] chdir("./417") = 0 [pid 6329] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6329] setpgid(0, 0) = 0 [pid 6329] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6329] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6329] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6329] write(3, "1000", 4) = 4 [pid 6329] close(3) = 0 [pid 6329] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6329] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6329] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6329] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6329] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6329] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6329] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6330 attached [pid 6330] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6329] <... clone3 resumed> => {parent_tid=[1254]}, 88) = 1254 [pid 6330] set_robust_list(0x7eff0a34a9a0, 24 [pid 6329] rt_sigprocmask(SIG_SETMASK, [], [pid 6330] <... set_robust_list resumed>) = 0 [pid 6329] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6330] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6329] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6330] memfd_create("syzkaller", 0 [pid 6329] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6330] <... memfd_create resumed>) = 3 [pid 6330] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6330] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6330] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6330] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6330] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6330] close(3) = 0 [pid 6330] mkdir("./file0", 0777) = 0 [pid 6330] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6330] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6330] chdir("./file0") = 0 [pid 6330] ioctl(4, LOOP_CLR_FD) = 0 [pid 6330] close(4) = 0 [pid 6330] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6329] <... futex resumed>) = 0 [pid 6330] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6329] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6330] <... futex resumed>) = 0 [pid 6329] <... futex resumed>) = 1 [pid 6330] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6330] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6330] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6329] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 EAGAIN (Resource temporarily unavailable) [pid 6329] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6330] <... futex resumed>) = 0 [pid 6329] <... futex resumed>) = 1 [pid 6329] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 298.033055][ T6330] loop0: detected capacity change from 0 to 4096 [ 298.058555][ T6330] ntfs: volume version 3.1. [pid 6330] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6329] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6329] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6329] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6329] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6329] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6329] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6331 attached => {parent_tid=[1255]}, 88) = 1255 [pid 6331] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6331] set_robust_list(0x7eff0a3299a0, 24 [pid 6329] rt_sigprocmask(SIG_SETMASK, [], [pid 6331] <... set_robust_list resumed>) = 0 [pid 6329] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6331] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6329] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6331] creat("./file1", 000 [pid 6329] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6331] <... creat resumed>) = 5 [pid 6331] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6330] <... write resumed>) = 1048064 [pid 6331] <... futex resumed>) = 1 [pid 6330] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6331] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6330] <... futex resumed>) = 0 [pid 6329] <... futex resumed>) = 0 [pid 6330] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6329] close(3) = 0 [pid 6329] close(4) = 0 [pid 6329] close(5) = 0 [pid 6329] close(6) = -1 EBADF (Bad file descriptor) [pid 6329] close(7) = -1 EBADF (Bad file descriptor) [pid 6329] close(8) = -1 EBADF (Bad file descriptor) [pid 6329] close(9) = -1 EBADF (Bad file descriptor) [pid 6329] close(10) = -1 EBADF (Bad file descriptor) [pid 6329] close(11) = -1 EBADF (Bad file descriptor) [pid 6329] close(12) = -1 EBADF (Bad file descriptor) [pid 6329] close(13) = -1 EBADF (Bad file descriptor) [pid 6329] close(14) = -1 EBADF (Bad file descriptor) [pid 6329] close(15) = -1 EBADF (Bad file descriptor) [pid 6329] close(16) = -1 EBADF (Bad file descriptor) [pid 6329] close(17) = -1 EBADF (Bad file descriptor) [pid 6329] close(18) = -1 EBADF (Bad file descriptor) [pid 6329] close(19) = -1 EBADF (Bad file descriptor) [pid 6329] close(20) = -1 EBADF (Bad file descriptor) [pid 6329] close(21) = -1 EBADF (Bad file descriptor) [pid 6329] close(22) = -1 EBADF (Bad file descriptor) [pid 6329] close(23) = -1 EBADF (Bad file descriptor) [pid 6329] close(24) = -1 EBADF (Bad file descriptor) [pid 6329] close(25) = -1 EBADF (Bad file descriptor) [pid 6329] close(26) = -1 EBADF (Bad file descriptor) [pid 6329] close(27) = -1 EBADF (Bad file descriptor) [pid 6329] close(28) = -1 EBADF (Bad file descriptor) [pid 6329] close(29) = -1 EBADF (Bad file descriptor) [pid 6329] exit_group(0) = ? [pid 6330] <... futex resumed>) = ? [pid 6331] <... futex resumed>) = ? [pid 6330] +++ exited with 0 +++ [pid 6331] +++ exited with 0 +++ [pid 6329] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1253, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] umount2("./417", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./417", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./417/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./417/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./417/cgroup.cpu") = 0 [pid 5063] umount2("./417/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./417/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./417/binderfs") = 0 [pid 5063] umount2("./417/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./417/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./417/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./417/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./417/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./417/file0") = 0 [pid 5063] umount2("./417/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./417/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./417/cgroup") = 0 [pid 5063] umount2("./417/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./417/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./417/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./417") = 0 [pid 5063] mkdir("./418", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1256 ./strace-static-x86_64: Process 6332 attached [pid 6332] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6332] chdir("./418") = 0 [pid 6332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6332] setpgid(0, 0) = 0 [pid 6332] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6332] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6332] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6332] write(3, "1000", 4) = 4 [pid 6332] close(3) = 0 [pid 6332] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6332] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6332] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6332] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6332] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6332] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6332] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6332] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6333 attached => {parent_tid=[1257]}, 88) = 1257 [pid 6333] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6332] rt_sigprocmask(SIG_SETMASK, [], [pid 6333] <... rseq resumed>) = 0 [pid 6333] set_robust_list(0x7eff0a34a9a0, 24 [pid 6332] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6333] <... set_robust_list resumed>) = 0 [pid 6333] rt_sigprocmask(SIG_SETMASK, [], [pid 6332] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6333] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6332] <... futex resumed>) = 0 [pid 6332] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6333] memfd_create("syzkaller", 0) = 3 [pid 6333] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6333] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6333] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6333] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6333] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6333] close(3) = 0 [pid 6333] mkdir("./file0", 0777) = 0 [ 298.567469][ T6333] loop0: detected capacity change from 0 to 4096 [ 298.581413][ T6333] __ntfs_warning: 170 callbacks suppressed [ 298.581428][ T6333] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 298.608134][ T6333] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 298.617508][ T6333] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 298.633186][ T6333] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 298.641915][ T6333] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 298.661856][ T6333] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 298.670572][ T6333] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 298.690719][ T6333] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6333] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6333] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6333] chdir("./file0") = 0 [pid 6333] ioctl(4, LOOP_CLR_FD) = 0 [pid 6333] close(4) = 0 [pid 6333] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6332] <... futex resumed>) = 0 [pid 6333] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6332] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6333] <... futex resumed>) = 0 [pid 6332] <... futex resumed>) = 1 [pid 6333] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6332] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6333] <... openat resumed>) = 4 [pid 6333] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 298.699476][ T6333] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 298.719765][ T6333] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 298.730265][ T6333] ntfs: volume version 3.1. [pid 6333] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6332] <... futex resumed>) = 0 [pid 6332] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6333] <... futex resumed>) = 0 [pid 6332] <... futex resumed>) = 1 [pid 6333] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6332] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6332] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6332] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6332] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6332] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6332] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6334 attached [pid 6334] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6332] <... clone3 resumed> => {parent_tid=[1258]}, 88) = 1258 [pid 6334] <... rseq resumed>) = 0 [pid 6332] rt_sigprocmask(SIG_SETMASK, [], [pid 6334] set_robust_list(0x7eff0a3299a0, 24 [pid 6332] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6334] <... set_robust_list resumed>) = 0 [pid 6332] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6334] rt_sigprocmask(SIG_SETMASK, [], [pid 6332] <... futex resumed>) = 0 [pid 6334] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6332] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6334] creat("./file1", 000) = 5 [pid 6333] <... write resumed>) = 1048064 [pid 6334] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6333] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6333] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6334] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6332] <... futex resumed>) = 0 [pid 6332] close(3) = 0 [pid 6332] close(4) = 0 [pid 6332] close(5) = 0 [pid 6332] close(6) = -1 EBADF (Bad file descriptor) [pid 6332] close(7) = -1 EBADF (Bad file descriptor) [pid 6332] close(8) = -1 EBADF (Bad file descriptor) [pid 6332] close(9) = -1 EBADF (Bad file descriptor) [pid 6332] close(10) = -1 EBADF (Bad file descriptor) [pid 6332] close(11) = -1 EBADF (Bad file descriptor) [pid 6332] close(12) = -1 EBADF (Bad file descriptor) [pid 6332] close(13) = -1 EBADF (Bad file descriptor) [pid 6332] close(14) = -1 EBADF (Bad file descriptor) [pid 6332] close(15) = -1 EBADF (Bad file descriptor) [pid 6332] close(16) = -1 EBADF (Bad file descriptor) [pid 6332] close(17) = -1 EBADF (Bad file descriptor) [pid 6332] close(18) = -1 EBADF (Bad file descriptor) [pid 6332] close(19) = -1 EBADF (Bad file descriptor) [pid 6332] close(20) = -1 EBADF (Bad file descriptor) [pid 6332] close(21) = -1 EBADF (Bad file descriptor) [pid 6332] close(22) = -1 EBADF (Bad file descriptor) [pid 6332] close(23) = -1 EBADF (Bad file descriptor) [pid 6332] close(24) = -1 EBADF (Bad file descriptor) [pid 6332] close(25) = -1 EBADF (Bad file descriptor) [pid 6332] close(26) = -1 EBADF (Bad file descriptor) [pid 6332] close(27) = -1 EBADF (Bad file descriptor) [pid 6332] close(28) = -1 EBADF (Bad file descriptor) [pid 6332] close(29) = -1 EBADF (Bad file descriptor) [pid 6332] exit_group(0 [pid 6334] <... futex resumed>) = ? [pid 6332] <... exit_group resumed>) = ? [pid 6334] +++ exited with 0 +++ [pid 6333] <... futex resumed>) = ? [pid 6333] +++ exited with 0 +++ [pid 6332] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1256, si_uid=0, si_status=0, si_utime=0, si_stime=20 /* 0.20 s */} --- [pid 5063] umount2("./418", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./418", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./418/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./418/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./418/cgroup.cpu") = 0 [pid 5063] umount2("./418/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./418/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./418/binderfs") = 0 [pid 5063] umount2("./418/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./418/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./418/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./418/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./418/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./418/file0") = 0 [pid 5063] umount2("./418/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./418/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./418/cgroup") = 0 [pid 5063] umount2("./418/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./418/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./418/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./418") = 0 [pid 5063] mkdir("./419", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6335 attached , child_tidptr=0x5555560b8690) = 1259 [pid 6335] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6335] chdir("./419") = 0 [pid 6335] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6335] setpgid(0, 0) = 0 [pid 6335] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6335] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6335] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6335] write(3, "1000", 4) = 4 [pid 6335] close(3) = 0 [pid 6335] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6335] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6335] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6335] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6335] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6335] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6335] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6335] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6336 attached [pid 6336] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6336] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6336] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6336] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6335] <... clone3 resumed> => {parent_tid=[1260]}, 88) = 1260 [pid 6335] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6335] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6336] <... futex resumed>) = 0 [pid 6335] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6336] memfd_create("syzkaller", 0) = 3 [pid 6336] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6336] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6336] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6336] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6336] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6336] close(3) = 0 [pid 6336] mkdir("./file0", 0777) = 0 [pid 6336] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6336] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6336] chdir("./file0") = 0 [pid 6336] ioctl(4, LOOP_CLR_FD) = 0 [pid 6336] close(4) = 0 [pid 6336] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6335] <... futex resumed>) = 0 [pid 6336] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6335] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6336] <... openat resumed>) = 4 [pid 6336] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6335] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6336] <... futex resumed>) = 0 [pid 6335] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6336] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6335] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6336] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6335] <... futex resumed>) = 0 [pid 6336] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 299.299102][ T6336] loop0: detected capacity change from 0 to 4096 [ 299.323811][ T6336] ntfs: volume version 3.1. [pid 6335] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6335] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6335] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6335] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6335] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6335] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6337 attached [pid 6337] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6335] <... clone3 resumed> => {parent_tid=[1261]}, 88) = 1261 [pid 6337] <... rseq resumed>) = 0 [pid 6335] rt_sigprocmask(SIG_SETMASK, [], [pid 6337] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6337] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6335] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6337] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6335] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6337] creat("./file1", 000 [pid 6335] <... futex resumed>) = 0 [pid 6335] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6337] <... creat resumed>) = 5 [pid 6337] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6336] <... write resumed>) = 1048064 [pid 6336] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6335] <... futex resumed>) = 0 [pid 6337] <... futex resumed>) = 1 [pid 6336] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6335] close(3 [pid 6337] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6335] <... close resumed>) = 0 [pid 6335] close(4) = 0 [pid 6335] close(5) = 0 [pid 6335] close(6) = -1 EBADF (Bad file descriptor) [pid 6335] close(7) = -1 EBADF (Bad file descriptor) [pid 6335] close(8) = -1 EBADF (Bad file descriptor) [pid 6335] close(9) = -1 EBADF (Bad file descriptor) [pid 6335] close(10) = -1 EBADF (Bad file descriptor) [pid 6335] close(11) = -1 EBADF (Bad file descriptor) [pid 6335] close(12) = -1 EBADF (Bad file descriptor) [pid 6335] close(13) = -1 EBADF (Bad file descriptor) [pid 6335] close(14) = -1 EBADF (Bad file descriptor) [pid 6335] close(15) = -1 EBADF (Bad file descriptor) [pid 6335] close(16) = -1 EBADF (Bad file descriptor) [pid 6335] close(17) = -1 EBADF (Bad file descriptor) [pid 6335] close(18) = -1 EBADF (Bad file descriptor) [pid 6335] close(19) = -1 EBADF (Bad file descriptor) [pid 6335] close(20) = -1 EBADF (Bad file descriptor) [pid 6335] close(21) = -1 EBADF (Bad file descriptor) [pid 6335] close(22) = -1 EBADF (Bad file descriptor) [pid 6335] close(23) = -1 EBADF (Bad file descriptor) [pid 6335] close(24) = -1 EBADF (Bad file descriptor) [pid 6335] close(25) = -1 EBADF (Bad file descriptor) [pid 6335] close(26) = -1 EBADF (Bad file descriptor) [pid 6335] close(27) = -1 EBADF (Bad file descriptor) [pid 6335] close(28) = -1 EBADF (Bad file descriptor) [pid 6335] close(29) = -1 EBADF (Bad file descriptor) [pid 6335] exit_group(0 [pid 6336] <... futex resumed>) = ? [pid 6337] <... futex resumed>) = ? [pid 6336] +++ exited with 0 +++ [pid 6337] +++ exited with 0 +++ [pid 6335] <... exit_group resumed>) = ? [pid 6335] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1259, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./419", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./419", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./419/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./419/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./419/cgroup.cpu") = 0 [pid 5063] umount2("./419/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./419/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./419/binderfs") = 0 [pid 5063] umount2("./419/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./419/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./419/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./419/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./419/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./419/file0") = 0 [pid 5063] umount2("./419/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./419/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./419/cgroup") = 0 [pid 5063] umount2("./419/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./419/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./419/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./419") = 0 [pid 5063] mkdir("./420", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6338 attached , child_tidptr=0x5555560b8690) = 1262 [pid 6338] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6338] chdir("./420") = 0 [pid 6338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6338] setpgid(0, 0) = 0 [pid 6338] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6338] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6338] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6338] write(3, "1000", 4) = 4 [pid 6338] close(3) = 0 [pid 6338] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6338] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6338] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6338] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6338] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6338] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6338] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6338] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6339 attached => {parent_tid=[1263]}, 88) = 1263 [pid 6339] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6338] rt_sigprocmask(SIG_SETMASK, [], [pid 6339] <... rseq resumed>) = 0 [pid 6338] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6339] set_robust_list(0x7eff0a34a9a0, 24 [pid 6338] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6339] <... set_robust_list resumed>) = 0 [pid 6338] <... futex resumed>) = 0 [pid 6339] rt_sigprocmask(SIG_SETMASK, [], [pid 6338] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6339] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6339] memfd_create("syzkaller", 0) = 3 [pid 6339] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6339] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6339] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6339] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6339] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6339] close(3) = 0 [pid 6339] mkdir("./file0", 0777) = 0 [pid 6339] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6339] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6339] chdir("./file0") = 0 [pid 6339] ioctl(4, LOOP_CLR_FD) = 0 [pid 6339] close(4) = 0 [pid 6339] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6338] <... futex resumed>) = 0 [pid 6338] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6339] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6338] <... futex resumed>) = 0 [ 299.824399][ T6339] loop0: detected capacity change from 0 to 4096 [ 299.852985][ T6339] ntfs: volume version 3.1. [pid 6338] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6339] <... openat resumed>) = 4 [pid 6339] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6338] <... futex resumed>) = 0 [pid 6338] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6339] <... futex resumed>) = 1 [pid 6338] <... futex resumed>) = 0 [pid 6338] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6339] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6338] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6338] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6338] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6338] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6338] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6338] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6338] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6340 attached => {parent_tid=[1264]}, 88) = 1264 [pid 6340] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6338] rt_sigprocmask(SIG_SETMASK, [], [pid 6340] <... rseq resumed>) = 0 [pid 6340] set_robust_list(0x7eff0a3299a0, 24 [pid 6338] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6340] <... set_robust_list resumed>) = 0 [pid 6338] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6340] rt_sigprocmask(SIG_SETMASK, [], [pid 6338] <... futex resumed>) = 0 [pid 6340] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6340] creat("./file1", 000 [pid 6338] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6340] <... creat resumed>) = 5 [pid 6340] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6339] <... write resumed>) = 1048064 [pid 6340] <... futex resumed>) = 1 [pid 6339] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6338] <... futex resumed>) = 0 [pid 6340] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6339] <... futex resumed>) = 0 [pid 6339] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6338] close(3) = 0 [pid 6338] close(4) = 0 [pid 6338] close(5) = 0 [pid 6338] close(6) = -1 EBADF (Bad file descriptor) [pid 6338] close(7) = -1 EBADF (Bad file descriptor) [pid 6338] close(8) = -1 EBADF (Bad file descriptor) [pid 6338] close(9) = -1 EBADF (Bad file descriptor) [pid 6338] close(10) = -1 EBADF (Bad file descriptor) [pid 6338] close(11) = -1 EBADF (Bad file descriptor) [pid 6338] close(12) = -1 EBADF (Bad file descriptor) [pid 6338] close(13) = -1 EBADF (Bad file descriptor) [pid 6338] close(14) = -1 EBADF (Bad file descriptor) [pid 6338] close(15) = -1 EBADF (Bad file descriptor) [pid 6338] close(16) = -1 EBADF (Bad file descriptor) [pid 6338] close(17) = -1 EBADF (Bad file descriptor) [pid 6338] close(18) = -1 EBADF (Bad file descriptor) [pid 6338] close(19) = -1 EBADF (Bad file descriptor) [pid 6338] close(20) = -1 EBADF (Bad file descriptor) [pid 6338] close(21) = -1 EBADF (Bad file descriptor) [pid 6338] close(22) = -1 EBADF (Bad file descriptor) [pid 6338] close(23) = -1 EBADF (Bad file descriptor) [pid 6338] close(24) = -1 EBADF (Bad file descriptor) [pid 6338] close(25) = -1 EBADF (Bad file descriptor) [pid 6338] close(26) = -1 EBADF (Bad file descriptor) [pid 6338] close(27) = -1 EBADF (Bad file descriptor) [pid 6338] close(28) = -1 EBADF (Bad file descriptor) [pid 6338] close(29) = -1 EBADF (Bad file descriptor) [pid 6338] exit_group(0 [pid 6340] <... futex resumed>) = ? [pid 6339] <... futex resumed>) = ? [pid 6338] <... exit_group resumed>) = ? [pid 6339] +++ exited with 0 +++ [pid 6340] +++ exited with 0 +++ [pid 6338] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1262, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./420", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./420", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./420/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./420/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./420/cgroup.cpu") = 0 [pid 5063] umount2("./420/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./420/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./420/binderfs") = 0 [pid 5063] umount2("./420/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./420/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./420/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./420/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./420/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./420/file0") = 0 [pid 5063] umount2("./420/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./420/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./420/cgroup") = 0 [pid 5063] umount2("./420/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./420/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./420/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./420") = 0 [pid 5063] mkdir("./421", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6341 attached , child_tidptr=0x5555560b8690) = 1265 [pid 6341] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6341] chdir("./421") = 0 [pid 6341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6341] setpgid(0, 0) = 0 [pid 6341] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6341] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6341] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6341] write(3, "1000", 4) = 4 [pid 6341] close(3) = 0 [pid 6341] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6341] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6341] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6341] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6341] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6341] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6341] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6341] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6342 attached => {parent_tid=[1266]}, 88) = 1266 [pid 6342] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6341] rt_sigprocmask(SIG_SETMASK, [], [pid 6342] <... rseq resumed>) = 0 [pid 6341] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6342] set_robust_list(0x7eff0a34a9a0, 24 [pid 6341] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6342] <... set_robust_list resumed>) = 0 [pid 6341] <... futex resumed>) = 0 [pid 6342] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6341] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6342] memfd_create("syzkaller", 0) = 3 [pid 6342] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6342] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6342] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6342] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6342] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6342] close(3) = 0 [pid 6342] mkdir("./file0", 0777) = 0 [pid 6342] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6342] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6342] chdir("./file0") = 0 [pid 6342] ioctl(4, LOOP_CLR_FD) = 0 [pid 6342] close(4) = 0 [pid 6342] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6341] <... futex resumed>) = 0 [pid 6341] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6342] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6341] <... futex resumed>) = 0 [pid 6341] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6342] <... openat resumed>) = 4 [pid 6342] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6341] <... futex resumed>) = 0 [pid 6342] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6341] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6342] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6341] <... futex resumed>) = 0 [pid 6342] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 300.405028][ T6342] loop0: detected capacity change from 0 to 4096 [ 300.431454][ T6342] ntfs: volume version 3.1. [pid 6341] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6341] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6341] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6341] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6341] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6341] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6343 attached => {parent_tid=[1267]}, 88) = 1267 [pid 6343] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6341] rt_sigprocmask(SIG_SETMASK, [], [pid 6343] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6341] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6343] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6343] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6341] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6341] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6343] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6343] creat("./file1", 000) = 5 [pid 6343] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6342] <... write resumed>) = 1048064 [pid 6343] <... futex resumed>) = 1 [pid 6342] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6343] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6342] <... futex resumed>) = 0 [pid 6342] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6341] <... futex resumed>) = 0 [pid 6341] close(3) = 0 [pid 6341] close(4) = 0 [pid 6341] close(5) = 0 [pid 6341] close(6) = -1 EBADF (Bad file descriptor) [pid 6341] close(7) = -1 EBADF (Bad file descriptor) [pid 6341] close(8) = -1 EBADF (Bad file descriptor) [pid 6341] close(9) = -1 EBADF (Bad file descriptor) [pid 6341] close(10) = -1 EBADF (Bad file descriptor) [pid 6341] close(11) = -1 EBADF (Bad file descriptor) [pid 6341] close(12) = -1 EBADF (Bad file descriptor) [pid 6341] close(13) = -1 EBADF (Bad file descriptor) [pid 6341] close(14) = -1 EBADF (Bad file descriptor) [pid 6341] close(15) = -1 EBADF (Bad file descriptor) [pid 6341] close(16) = -1 EBADF (Bad file descriptor) [pid 6341] close(17) = -1 EBADF (Bad file descriptor) [pid 6341] close(18) = -1 EBADF (Bad file descriptor) [pid 6341] close(19) = -1 EBADF (Bad file descriptor) [pid 6341] close(20) = -1 EBADF (Bad file descriptor) [pid 6341] close(21) = -1 EBADF (Bad file descriptor) [pid 6341] close(22) = -1 EBADF (Bad file descriptor) [pid 6341] close(23) = -1 EBADF (Bad file descriptor) [pid 6341] close(24) = -1 EBADF (Bad file descriptor) [pid 6341] close(25) = -1 EBADF (Bad file descriptor) [pid 6341] close(26) = -1 EBADF (Bad file descriptor) [pid 6341] close(27) = -1 EBADF (Bad file descriptor) [pid 6341] close(28) = -1 EBADF (Bad file descriptor) [pid 6341] close(29) = -1 EBADF (Bad file descriptor) [pid 6341] exit_group(0) = ? [pid 6342] <... futex resumed>) = ? [pid 6343] <... futex resumed>) = ? [pid 6343] +++ exited with 0 +++ [pid 6342] +++ exited with 0 +++ [pid 6341] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1265, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./421", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./421", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./421/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./421/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./421/cgroup.cpu") = 0 [pid 5063] umount2("./421/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./421/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./421/binderfs") = 0 [pid 5063] umount2("./421/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./421/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./421/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./421/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./421/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./421/file0") = 0 [pid 5063] umount2("./421/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./421/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./421/cgroup") = 0 [pid 5063] umount2("./421/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./421/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./421/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./421") = 0 [pid 5063] mkdir("./422", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6344 attached , child_tidptr=0x5555560b8690) = 1268 [pid 6344] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6344] chdir("./422") = 0 [pid 6344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6344] setpgid(0, 0) = 0 [pid 6344] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6344] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6344] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6344] write(3, "1000", 4) = 4 [pid 6344] close(3) = 0 [pid 6344] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6344] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6344] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6344] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6344] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6344] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6344] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6344] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[1269]}, 88) = 1269 ./strace-static-x86_64: Process 6345 attached [pid 6345] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6345] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6345] rt_sigprocmask(SIG_SETMASK, [], [pid 6344] rt_sigprocmask(SIG_SETMASK, [], [pid 6345] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6344] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6345] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6344] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6345] memfd_create("syzkaller", 0 [pid 6344] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6345] <... memfd_create resumed>) = 3 [pid 6345] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6345] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6345] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6345] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6345] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6345] close(3) = 0 [pid 6345] mkdir("./file0", 0777) = 0 [pid 6345] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6345] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6345] chdir("./file0") = 0 [pid 6345] ioctl(4, LOOP_CLR_FD) = 0 [pid 6345] close(4) = 0 [pid 6345] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6344] <... futex resumed>) = 0 [pid 6345] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6344] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6345] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6344] <... futex resumed>) = 0 [pid 6345] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6344] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6345] <... openat resumed>) = 4 [ 300.980490][ T6345] loop0: detected capacity change from 0 to 4096 [ 301.005707][ T6345] ntfs: volume version 3.1. [pid 6345] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6344] <... futex resumed>) = 0 [pid 6345] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6344] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6344] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6344] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6344] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6344] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6344] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6344] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6346 attached [pid 6346] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6344] <... clone3 resumed> => {parent_tid=[1270]}, 88) = 1270 [pid 6344] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6344] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6346] <... rseq resumed>) = 0 [pid 6344] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6346] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6346] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6346] creat("./file1", 000 [pid 6345] <... write resumed>) = 1048064 [pid 6346] <... creat resumed>) = 5 [pid 6345] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6346] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6345] <... futex resumed>) = 0 [pid 6346] <... futex resumed>) = 1 [pid 6345] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6344] <... futex resumed>) = 0 [pid 6346] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6344] close(3) = 0 [pid 6344] close(4) = 0 [pid 6344] close(5) = 0 [pid 6344] close(6) = -1 EBADF (Bad file descriptor) [pid 6344] close(7) = -1 EBADF (Bad file descriptor) [pid 6344] close(8) = -1 EBADF (Bad file descriptor) [pid 6344] close(9) = -1 EBADF (Bad file descriptor) [pid 6344] close(10) = -1 EBADF (Bad file descriptor) [pid 6344] close(11) = -1 EBADF (Bad file descriptor) [pid 6344] close(12) = -1 EBADF (Bad file descriptor) [pid 6344] close(13) = -1 EBADF (Bad file descriptor) [pid 6344] close(14) = -1 EBADF (Bad file descriptor) [pid 6344] close(15) = -1 EBADF (Bad file descriptor) [pid 6344] close(16) = -1 EBADF (Bad file descriptor) [pid 6344] close(17) = -1 EBADF (Bad file descriptor) [pid 6344] close(18) = -1 EBADF (Bad file descriptor) [pid 6344] close(19) = -1 EBADF (Bad file descriptor) [pid 6344] close(20) = -1 EBADF (Bad file descriptor) [pid 6344] close(21) = -1 EBADF (Bad file descriptor) [pid 6344] close(22) = -1 EBADF (Bad file descriptor) [pid 6344] close(23) = -1 EBADF (Bad file descriptor) [pid 6344] close(24) = -1 EBADF (Bad file descriptor) [pid 6344] close(25) = -1 EBADF (Bad file descriptor) [pid 6344] close(26) = -1 EBADF (Bad file descriptor) [pid 6344] close(27) = -1 EBADF (Bad file descriptor) [pid 6344] close(28) = -1 EBADF (Bad file descriptor) [pid 6344] close(29) = -1 EBADF (Bad file descriptor) [pid 6344] exit_group(0) = ? [pid 6345] <... futex resumed>) = ? [pid 6346] <... futex resumed>) = ? [pid 6346] +++ exited with 0 +++ [pid 6345] +++ exited with 0 +++ [pid 6344] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1268, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./422", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./422", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./422/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./422/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./422/cgroup.cpu") = 0 [pid 5063] umount2("./422/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./422/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./422/binderfs") = 0 [pid 5063] umount2("./422/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./422/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./422/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./422/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./422/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./422/file0") = 0 [pid 5063] umount2("./422/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./422/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./422/cgroup") = 0 [pid 5063] umount2("./422/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./422/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./422/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./422") = 0 [pid 5063] mkdir("./423", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6347 attached , child_tidptr=0x5555560b8690) = 1271 [pid 6347] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6347] chdir("./423") = 0 [pid 6347] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6347] setpgid(0, 0) = 0 [pid 6347] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6347] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6347] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6347] write(3, "1000", 4) = 4 [pid 6347] close(3) = 0 [pid 6347] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6347] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6347] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6347] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6347] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6347] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6347] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6348 attached => {parent_tid=[1272]}, 88) = 1272 [pid 6348] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6347] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6347] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6347] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6348] <... rseq resumed>) = 0 [pid 6348] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6348] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6348] memfd_create("syzkaller", 0) = 3 [pid 6348] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6348] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6348] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6348] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6348] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6348] close(3) = 0 [pid 6348] mkdir("./file0", 0777) = 0 [pid 6348] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6348] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6348] chdir("./file0") = 0 [pid 6348] ioctl(4, LOOP_CLR_FD) = 0 [pid 6348] close(4) = 0 [pid 6348] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6347] <... futex resumed>) = 0 [pid 6348] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6347] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6348] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6347] <... futex resumed>) = 0 [pid 6348] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6347] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6348] <... openat resumed>) = 4 [pid 6348] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6347] <... futex resumed>) = 0 [pid 6347] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6348] <... futex resumed>) = 1 [pid 6347] <... futex resumed>) = 0 [pid 6347] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 301.655997][ T6348] loop0: detected capacity change from 0 to 4096 [ 301.677893][ T6348] ntfs: volume version 3.1. [pid 6348] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6347] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6347] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6347] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6347] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6347] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6347] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6349 attached => {parent_tid=[1273]}, 88) = 1273 [pid 6349] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6347] rt_sigprocmask(SIG_SETMASK, [], [pid 6349] <... rseq resumed>) = 0 [pid 6347] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6349] set_robust_list(0x7eff0a3299a0, 24 [pid 6347] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6349] <... set_robust_list resumed>) = 0 [pid 6349] rt_sigprocmask(SIG_SETMASK, [], [pid 6347] <... futex resumed>) = 0 [pid 6349] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6347] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6349] creat("./file1", 000) = 5 [pid 6349] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6348] <... write resumed>) = 1048064 [pid 6349] <... futex resumed>) = 1 [pid 6347] <... futex resumed>) = 0 [pid 6349] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6348] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6347] close(3) = 0 [pid 6347] close(4) = 0 [pid 6348] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6347] close(5) = 0 [pid 6347] close(6) = -1 EBADF (Bad file descriptor) [pid 6347] close(7) = -1 EBADF (Bad file descriptor) [pid 6347] close(8) = -1 EBADF (Bad file descriptor) [pid 6347] close(9) = -1 EBADF (Bad file descriptor) [pid 6347] close(10) = -1 EBADF (Bad file descriptor) [pid 6347] close(11) = -1 EBADF (Bad file descriptor) [pid 6347] close(12) = -1 EBADF (Bad file descriptor) [pid 6347] close(13) = -1 EBADF (Bad file descriptor) [pid 6347] close(14) = -1 EBADF (Bad file descriptor) [pid 6347] close(15) = -1 EBADF (Bad file descriptor) [pid 6347] close(16) = -1 EBADF (Bad file descriptor) [pid 6347] close(17) = -1 EBADF (Bad file descriptor) [pid 6347] close(18) = -1 EBADF (Bad file descriptor) [pid 6347] close(19) = -1 EBADF (Bad file descriptor) [pid 6347] close(20) = -1 EBADF (Bad file descriptor) [pid 6347] close(21) = -1 EBADF (Bad file descriptor) [pid 6347] close(22) = -1 EBADF (Bad file descriptor) [pid 6347] close(23) = -1 EBADF (Bad file descriptor) [pid 6347] close(24) = -1 EBADF (Bad file descriptor) [pid 6347] close(25) = -1 EBADF (Bad file descriptor) [pid 6347] close(26) = -1 EBADF (Bad file descriptor) [pid 6347] close(27) = -1 EBADF (Bad file descriptor) [pid 6347] close(28) = -1 EBADF (Bad file descriptor) [pid 6347] close(29) = -1 EBADF (Bad file descriptor) [pid 6347] exit_group(0 [pid 6348] <... futex resumed>) = ? [pid 6347] <... exit_group resumed>) = ? [pid 6349] <... futex resumed>) = ? [pid 6348] +++ exited with 0 +++ [pid 6349] +++ exited with 0 +++ [pid 6347] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1271, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./423", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./423", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./423/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./423/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./423/cgroup.cpu") = 0 [pid 5063] umount2("./423/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./423/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./423/binderfs") = 0 [pid 5063] umount2("./423/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./423/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./423/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./423/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./423/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./423/file0") = 0 [pid 5063] umount2("./423/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./423/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./423/cgroup") = 0 [pid 5063] umount2("./423/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./423/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./423/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./423") = 0 [pid 5063] mkdir("./424", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6350 attached [pid 6350] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6350] chdir("./424") = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1274 [pid 6350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6350] setpgid(0, 0) = 0 [pid 6350] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6350] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6350] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6350] write(3, "1000", 4) = 4 [pid 6350] close(3) = 0 [pid 6350] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6350] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6350] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6350] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6350] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6350] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6350] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6350] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6351 attached [pid 6351] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6350] <... clone3 resumed> => {parent_tid=[1275]}, 88) = 1275 [pid 6351] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6351] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6351] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6350] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6350] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6351] <... futex resumed>) = 0 [pid 6350] <... futex resumed>) = 1 [pid 6350] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6351] memfd_create("syzkaller", 0) = 3 [pid 6351] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6351] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6351] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6351] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6351] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6351] close(3) = 0 [pid 6351] mkdir("./file0", 0777) = 0 [pid 6351] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6351] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6351] chdir("./file0") = 0 [pid 6351] ioctl(4, LOOP_CLR_FD) = 0 [pid 6351] close(4) = 0 [pid 6351] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6350] <... futex resumed>) = 0 [pid 6350] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6351] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6350] <... futex resumed>) = 0 [ 302.151324][ T6351] loop0: detected capacity change from 0 to 4096 [ 302.172035][ T6351] ntfs: volume version 3.1. [pid 6350] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6351] <... openat resumed>) = 4 [pid 6351] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6350] <... futex resumed>) = 0 [pid 6350] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6350] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6351] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6350] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6350] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6350] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6350] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6350] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6350] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6352 attached => {parent_tid=[1276]}, 88) = 1276 [pid 6352] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6350] rt_sigprocmask(SIG_SETMASK, [], [pid 6352] <... rseq resumed>) = 0 [pid 6350] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6352] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6352] rt_sigprocmask(SIG_SETMASK, [], [pid 6350] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6352] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6350] <... futex resumed>) = 0 [pid 6352] creat("./file1", 000 [pid 6350] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6352] <... creat resumed>) = 5 [pid 6352] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6351] <... write resumed>) = 1048064 [pid 6352] <... futex resumed>) = 1 [pid 6350] <... futex resumed>) = 0 [pid 6351] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6350] close(3 [pid 6352] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6351] <... futex resumed>) = 0 [pid 6351] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6350] <... close resumed>) = 0 [pid 6350] close(4) = 0 [pid 6350] close(5) = 0 [pid 6350] close(6) = -1 EBADF (Bad file descriptor) [pid 6350] close(7) = -1 EBADF (Bad file descriptor) [pid 6350] close(8) = -1 EBADF (Bad file descriptor) [pid 6350] close(9) = -1 EBADF (Bad file descriptor) [pid 6350] close(10) = -1 EBADF (Bad file descriptor) [pid 6350] close(11) = -1 EBADF (Bad file descriptor) [pid 6350] close(12) = -1 EBADF (Bad file descriptor) [pid 6350] close(13) = -1 EBADF (Bad file descriptor) [pid 6350] close(14) = -1 EBADF (Bad file descriptor) [pid 6350] close(15) = -1 EBADF (Bad file descriptor) [pid 6350] close(16) = -1 EBADF (Bad file descriptor) [pid 6350] close(17) = -1 EBADF (Bad file descriptor) [pid 6350] close(18) = -1 EBADF (Bad file descriptor) [pid 6350] close(19) = -1 EBADF (Bad file descriptor) [pid 6350] close(20) = -1 EBADF (Bad file descriptor) [pid 6350] close(21) = -1 EBADF (Bad file descriptor) [pid 6350] close(22) = -1 EBADF (Bad file descriptor) [pid 6350] close(23) = -1 EBADF (Bad file descriptor) [pid 6350] close(24) = -1 EBADF (Bad file descriptor) [pid 6350] close(25) = -1 EBADF (Bad file descriptor) [pid 6350] close(26) = -1 EBADF (Bad file descriptor) [pid 6350] close(27) = -1 EBADF (Bad file descriptor) [pid 6350] close(28) = -1 EBADF (Bad file descriptor) [pid 6350] close(29) = -1 EBADF (Bad file descriptor) [pid 6350] exit_group(0) = ? [pid 6351] <... futex resumed>) = ? [pid 6352] <... futex resumed>) = ? [pid 6351] +++ exited with 0 +++ [pid 6352] +++ exited with 0 +++ [pid 6350] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1274, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./424", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./424", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./424/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./424/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./424/cgroup.cpu") = 0 [pid 5063] umount2("./424/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./424/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./424/binderfs") = 0 [pid 5063] umount2("./424/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./424/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./424/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./424/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./424/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./424/file0") = 0 [pid 5063] umount2("./424/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./424/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./424/cgroup") = 0 [pid 5063] umount2("./424/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./424/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./424/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./424") = 0 [pid 5063] mkdir("./425", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6353 attached [pid 6353] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1277 [pid 6353] chdir("./425") = 0 [pid 6353] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6353] setpgid(0, 0) = 0 [pid 6353] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6353] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6353] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6353] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6353] write(3, "1000", 4) = 4 [pid 6353] close(3) = 0 [pid 6353] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6353] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6353] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6353] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6353] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6353] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6353] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6353] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6354 attached [pid 6354] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6353] <... clone3 resumed> => {parent_tid=[1278]}, 88) = 1278 [pid 6354] set_robust_list(0x7eff0a34a9a0, 24 [pid 6353] rt_sigprocmask(SIG_SETMASK, [], [pid 6354] <... set_robust_list resumed>) = 0 [pid 6354] rt_sigprocmask(SIG_SETMASK, [], [pid 6353] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6354] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6353] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6354] memfd_create("syzkaller", 0 [pid 6353] <... futex resumed>) = 0 [pid 6353] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6354] <... memfd_create resumed>) = 3 [pid 6354] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6354] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6354] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6354] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6354] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6354] close(3) = 0 [pid 6354] mkdir("./file0", 0777) = 0 [pid 6354] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6354] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6354] chdir("./file0") = 0 [pid 6354] ioctl(4, LOOP_CLR_FD) = 0 [pid 6354] close(4) = 0 [pid 6354] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6353] <... futex resumed>) = 0 [pid 6354] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6353] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6354] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6353] <... futex resumed>) = 0 [pid 6354] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6353] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6354] <... openat resumed>) = 4 [pid 6354] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6354] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6353] <... futex resumed>) = 0 [ 302.667771][ T6354] loop0: detected capacity change from 0 to 4096 [ 302.688655][ T6354] ntfs: volume version 3.1. [pid 6353] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6354] <... futex resumed>) = 0 [pid 6354] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6353] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6353] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6353] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6353] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6353] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6353] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6355 attached [pid 6355] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6355] set_robust_list(0x7eff0a3299a0, 24 [pid 6353] <... clone3 resumed> => {parent_tid=[1279]}, 88) = 1279 [pid 6355] <... set_robust_list resumed>) = 0 [pid 6355] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6355] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6353] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6353] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6355] <... futex resumed>) = 0 [pid 6354] <... write resumed>) = 1048064 [pid 6355] creat("./file1", 000 [pid 6354] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6353] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6355] <... creat resumed>) = 5 [pid 6355] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6354] <... futex resumed>) = 0 [pid 6353] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6355] <... futex resumed>) = 0 [pid 6354] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6353] close(3 [pid 6355] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6353] <... close resumed>) = 0 [pid 6353] close(4) = 0 [pid 6353] close(5) = 0 [pid 6353] close(6) = -1 EBADF (Bad file descriptor) [pid 6353] close(7) = -1 EBADF (Bad file descriptor) [pid 6353] close(8) = -1 EBADF (Bad file descriptor) [pid 6353] close(9) = -1 EBADF (Bad file descriptor) [pid 6353] close(10) = -1 EBADF (Bad file descriptor) [pid 6353] close(11) = -1 EBADF (Bad file descriptor) [pid 6353] close(12) = -1 EBADF (Bad file descriptor) [pid 6353] close(13) = -1 EBADF (Bad file descriptor) [pid 6353] close(14) = -1 EBADF (Bad file descriptor) [pid 6353] close(15) = -1 EBADF (Bad file descriptor) [pid 6353] close(16) = -1 EBADF (Bad file descriptor) [pid 6353] close(17) = -1 EBADF (Bad file descriptor) [pid 6353] close(18) = -1 EBADF (Bad file descriptor) [pid 6353] close(19) = -1 EBADF (Bad file descriptor) [pid 6353] close(20) = -1 EBADF (Bad file descriptor) [pid 6353] close(21) = -1 EBADF (Bad file descriptor) [pid 6353] close(22) = -1 EBADF (Bad file descriptor) [pid 6353] close(23) = -1 EBADF (Bad file descriptor) [pid 6353] close(24) = -1 EBADF (Bad file descriptor) [pid 6353] close(25) = -1 EBADF (Bad file descriptor) [pid 6353] close(26) = -1 EBADF (Bad file descriptor) [pid 6353] close(27) = -1 EBADF (Bad file descriptor) [pid 6353] close(28) = -1 EBADF (Bad file descriptor) [pid 6353] close(29) = -1 EBADF (Bad file descriptor) [pid 6353] exit_group(0) = ? [pid 6355] <... futex resumed>) = ? [pid 6354] <... futex resumed>) = ? [pid 6355] +++ exited with 0 +++ [pid 6354] +++ exited with 0 +++ [pid 6353] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1277, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./425", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./425", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./425/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./425/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./425/cgroup.cpu") = 0 [pid 5063] umount2("./425/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./425/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./425/binderfs") = 0 [pid 5063] umount2("./425/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./425/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./425/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./425/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./425/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./425/file0") = 0 [pid 5063] umount2("./425/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./425/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./425/cgroup") = 0 [pid 5063] umount2("./425/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./425/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./425/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./425") = 0 [pid 5063] mkdir("./426", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6356 attached , child_tidptr=0x5555560b8690) = 1280 [pid 6356] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6356] chdir("./426") = 0 [pid 6356] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6356] setpgid(0, 0) = 0 [pid 6356] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6356] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6356] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6356] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6356] write(3, "1000", 4) = 4 [pid 6356] close(3) = 0 [pid 6356] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6356] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6356] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6356] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6356] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6356] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6356] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6357 attached => {parent_tid=[1281]}, 88) = 1281 [pid 6357] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6356] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6356] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6356] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6357] <... rseq resumed>) = 0 [pid 6357] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6357] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6357] memfd_create("syzkaller", 0) = 3 [pid 6357] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6357] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6357] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6357] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6357] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6357] close(3) = 0 [pid 6357] mkdir("./file0", 0777) = 0 [pid 6357] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6357] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6357] chdir("./file0") = 0 [pid 6357] ioctl(4, LOOP_CLR_FD) = 0 [pid 6357] close(4) = 0 [ 303.196619][ T6357] loop0: detected capacity change from 0 to 4096 [ 303.227075][ T6357] ntfs: volume version 3.1. [pid 6357] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6356] <... futex resumed>) = 0 [pid 6357] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6356] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6357] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6356] <... futex resumed>) = 0 [pid 6357] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6356] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6357] <... openat resumed>) = 4 [pid 6357] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6357] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6356] <... futex resumed>) = 0 [pid 6356] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6357] <... futex resumed>) = 0 [pid 6357] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6356] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6356] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6356] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6356] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6356] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6356] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6358 attached => {parent_tid=[1282]}, 88) = 1282 [pid 6358] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6356] rt_sigprocmask(SIG_SETMASK, [], [pid 6358] <... rseq resumed>) = 0 [pid 6356] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6358] set_robust_list(0x7eff0a3299a0, 24 [pid 6356] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6358] <... set_robust_list resumed>) = 0 [pid 6356] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6358] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6358] creat("./file1", 000) = 5 [pid 6358] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6357] <... write resumed>) = 1048064 [pid 6358] <... futex resumed>) = 1 [pid 6358] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6356] <... futex resumed>) = 0 [pid 6357] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6356] close(3) = 0 [pid 6356] close(4) = 0 [pid 6356] close(5) = 0 [pid 6357] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6356] close(6) = -1 EBADF (Bad file descriptor) [pid 6356] close(7) = -1 EBADF (Bad file descriptor) [pid 6356] close(8) = -1 EBADF (Bad file descriptor) [pid 6356] close(9) = -1 EBADF (Bad file descriptor) [pid 6356] close(10) = -1 EBADF (Bad file descriptor) [pid 6356] close(11) = -1 EBADF (Bad file descriptor) [pid 6356] close(12) = -1 EBADF (Bad file descriptor) [pid 6356] close(13) = -1 EBADF (Bad file descriptor) [pid 6356] close(14) = -1 EBADF (Bad file descriptor) [pid 6356] close(15) = -1 EBADF (Bad file descriptor) [pid 6356] close(16) = -1 EBADF (Bad file descriptor) [pid 6356] close(17) = -1 EBADF (Bad file descriptor) [pid 6356] close(18) = -1 EBADF (Bad file descriptor) [pid 6356] close(19) = -1 EBADF (Bad file descriptor) [pid 6356] close(20) = -1 EBADF (Bad file descriptor) [pid 6356] close(21) = -1 EBADF (Bad file descriptor) [pid 6356] close(22) = -1 EBADF (Bad file descriptor) [pid 6356] close(23) = -1 EBADF (Bad file descriptor) [pid 6356] close(24) = -1 EBADF (Bad file descriptor) [pid 6356] close(25) = -1 EBADF (Bad file descriptor) [pid 6356] close(26) = -1 EBADF (Bad file descriptor) [pid 6356] close(27) = -1 EBADF (Bad file descriptor) [pid 6356] close(28) = -1 EBADF (Bad file descriptor) [pid 6356] close(29) = -1 EBADF (Bad file descriptor) [pid 6356] exit_group(0 [pid 6358] <... futex resumed>) = ? [pid 6357] <... futex resumed>) = ? [pid 6356] <... exit_group resumed>) = ? [pid 6358] +++ exited with 0 +++ [pid 6357] +++ exited with 0 +++ [pid 6356] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1280, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./426", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./426", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./426/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./426/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./426/cgroup.cpu") = 0 [pid 5063] umount2("./426/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./426/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./426/binderfs") = 0 [pid 5063] umount2("./426/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./426/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./426/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./426/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./426/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./426/file0") = 0 [pid 5063] umount2("./426/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./426/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./426/cgroup") = 0 [pid 5063] umount2("./426/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./426/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./426/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./426") = 0 [pid 5063] mkdir("./427", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6359 attached , child_tidptr=0x5555560b8690) = 1283 [pid 6359] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6359] chdir("./427") = 0 [pid 6359] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6359] setpgid(0, 0) = 0 [pid 6359] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6359] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6359] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6359] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6359] write(3, "1000", 4) = 4 [pid 6359] close(3) = 0 [pid 6359] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6359] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6359] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6359] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6359] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6359] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6359] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6359] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6360 attached => {parent_tid=[1284]}, 88) = 1284 [pid 6360] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6359] rt_sigprocmask(SIG_SETMASK, [], [pid 6360] <... rseq resumed>) = 0 [pid 6359] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6360] set_robust_list(0x7eff0a34a9a0, 24 [pid 6359] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6360] <... set_robust_list resumed>) = 0 [pid 6359] <... futex resumed>) = 0 [pid 6360] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6359] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6360] memfd_create("syzkaller", 0) = 3 [pid 6360] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6360] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6360] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6360] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6360] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6360] close(3) = 0 [pid 6360] mkdir("./file0", 0777) = 0 [ 303.719654][ T6360] loop0: detected capacity change from 0 to 4096 [ 303.739239][ T6360] __ntfs_warning: 170 callbacks suppressed [ 303.739249][ T6360] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 303.766842][ T6360] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 303.776625][ T6360] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 303.792223][ T6360] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 303.800995][ T6360] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 303.820945][ T6360] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 303.829801][ T6360] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 303.849941][ T6360] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6360] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6360] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6360] chdir("./file0") = 0 [pid 6360] ioctl(4, LOOP_CLR_FD) = 0 [pid 6360] close(4) = 0 [pid 6360] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6359] <... futex resumed>) = 0 [pid 6360] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6359] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6359] <... futex resumed>) = 0 [pid 6360] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6359] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6360] <... openat resumed>) = 4 [pid 6360] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6359] <... futex resumed>) = 0 [pid 6360] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6359] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6360] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6359] <... futex resumed>) = 0 [pid 6359] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 303.858693][ T6360] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 303.878665][ T6360] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 303.889867][ T6360] ntfs: volume version 3.1. [pid 6360] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6359] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6359] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6359] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6359] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6359] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6359] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6361 attached [pid 6361] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6359] <... clone3 resumed> => {parent_tid=[1285]}, 88) = 1285 [pid 6361] <... rseq resumed>) = 0 [pid 6359] rt_sigprocmask(SIG_SETMASK, [], [pid 6361] set_robust_list(0x7eff0a3299a0, 24 [pid 6359] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6361] <... set_robust_list resumed>) = 0 [pid 6359] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6361] rt_sigprocmask(SIG_SETMASK, [], [pid 6359] <... futex resumed>) = 0 [pid 6361] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6359] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6361] creat("./file1", 000) = 5 [pid 6361] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6359] <... futex resumed>) = 0 [pid 6361] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6360] <... write resumed>) = 1048064 [pid 6360] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6360] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6359] close(3) = 0 [pid 6359] close(4) = 0 [pid 6359] close(5) = 0 [pid 6359] close(6) = -1 EBADF (Bad file descriptor) [pid 6359] close(7) = -1 EBADF (Bad file descriptor) [pid 6359] close(8) = -1 EBADF (Bad file descriptor) [pid 6359] close(9) = -1 EBADF (Bad file descriptor) [pid 6359] close(10) = -1 EBADF (Bad file descriptor) [pid 6359] close(11) = -1 EBADF (Bad file descriptor) [pid 6359] close(12) = -1 EBADF (Bad file descriptor) [pid 6359] close(13) = -1 EBADF (Bad file descriptor) [pid 6359] close(14) = -1 EBADF (Bad file descriptor) [pid 6359] close(15) = -1 EBADF (Bad file descriptor) [pid 6359] close(16) = -1 EBADF (Bad file descriptor) [pid 6359] close(17) = -1 EBADF (Bad file descriptor) [pid 6359] close(18) = -1 EBADF (Bad file descriptor) [pid 6359] close(19) = -1 EBADF (Bad file descriptor) [pid 6359] close(20) = -1 EBADF (Bad file descriptor) [pid 6359] close(21) = -1 EBADF (Bad file descriptor) [pid 6359] close(22) = -1 EBADF (Bad file descriptor) [pid 6359] close(23) = -1 EBADF (Bad file descriptor) [pid 6359] close(24) = -1 EBADF (Bad file descriptor) [pid 6359] close(25) = -1 EBADF (Bad file descriptor) [pid 6359] close(26) = -1 EBADF (Bad file descriptor) [pid 6359] close(27) = -1 EBADF (Bad file descriptor) [pid 6359] close(28) = -1 EBADF (Bad file descriptor) [pid 6359] close(29) = -1 EBADF (Bad file descriptor) [pid 6359] exit_group(0 [pid 6361] <... futex resumed>) = ? [pid 6359] <... exit_group resumed>) = ? [pid 6361] +++ exited with 0 +++ [pid 6360] <... futex resumed>) = ? [pid 6360] +++ exited with 0 +++ [pid 6359] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1283, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] umount2("./427", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./427", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./427/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./427/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./427/cgroup.cpu") = 0 [pid 5063] umount2("./427/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./427/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./427/binderfs") = 0 [pid 5063] umount2("./427/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./427/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./427/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./427/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./427/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./427/file0") = 0 [pid 5063] umount2("./427/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./427/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./427/cgroup") = 0 [pid 5063] umount2("./427/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./427/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./427/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./427") = 0 [pid 5063] mkdir("./428", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6362 attached [pid 6362] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1286 [pid 6362] <... set_robust_list resumed>) = 0 [pid 6362] chdir("./428") = 0 [pid 6362] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6362] setpgid(0, 0) = 0 [pid 6362] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6362] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6362] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6362] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6362] write(3, "1000", 4) = 4 [pid 6362] close(3) = 0 [pid 6362] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6362] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6362] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6362] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6362] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6362] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6362] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6362] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6363 attached [pid 6363] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6362] <... clone3 resumed> => {parent_tid=[1287]}, 88) = 1287 [pid 6362] rt_sigprocmask(SIG_SETMASK, [], [pid 6363] <... rseq resumed>) = 0 [pid 6362] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6363] set_robust_list(0x7eff0a34a9a0, 24 [pid 6362] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6362] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6363] <... set_robust_list resumed>) = 0 [pid 6363] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6363] memfd_create("syzkaller", 0) = 3 [pid 6363] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6363] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6363] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6363] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6363] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6363] close(3) = 0 [pid 6363] mkdir("./file0", 0777) = 0 [pid 6363] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6363] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6363] chdir("./file0") = 0 [pid 6363] ioctl(4, LOOP_CLR_FD) = 0 [pid 6363] close(4) = 0 [ 304.390516][ T6363] loop0: detected capacity change from 0 to 4096 [ 304.420930][ T6363] ntfs: volume version 3.1. [pid 6363] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6362] <... futex resumed>) = 0 [pid 6363] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6362] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6362] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6363] <... openat resumed>) = 4 [pid 6363] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6363] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6362] <... futex resumed>) = 0 [pid 6362] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6363] <... futex resumed>) = 0 [pid 6362] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6363] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6362] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6362] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6362] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6362] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6362] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6362] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6364 attached [pid 6364] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6362] <... clone3 resumed> => {parent_tid=[1288]}, 88) = 1288 [pid 6364] <... rseq resumed>) = 0 [pid 6364] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6364] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6364] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6362] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6362] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6364] <... futex resumed>) = 0 [pid 6362] <... futex resumed>) = 1 [pid 6364] creat("./file1", 000 [pid 6362] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6364] <... creat resumed>) = 5 [pid 6364] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6363] <... write resumed>) = 1048064 [pid 6364] <... futex resumed>) = 1 [pid 6363] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6362] <... futex resumed>) = 0 [pid 6363] <... futex resumed>) = 0 [pid 6362] close(3 [pid 6364] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6362] <... close resumed>) = 0 [pid 6363] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6362] close(4) = 0 [pid 6362] close(5) = 0 [pid 6362] close(6) = -1 EBADF (Bad file descriptor) [pid 6362] close(7) = -1 EBADF (Bad file descriptor) [pid 6362] close(8) = -1 EBADF (Bad file descriptor) [pid 6362] close(9) = -1 EBADF (Bad file descriptor) [pid 6362] close(10) = -1 EBADF (Bad file descriptor) [pid 6362] close(11) = -1 EBADF (Bad file descriptor) [pid 6362] close(12) = -1 EBADF (Bad file descriptor) [pid 6362] close(13) = -1 EBADF (Bad file descriptor) [pid 6362] close(14) = -1 EBADF (Bad file descriptor) [pid 6362] close(15) = -1 EBADF (Bad file descriptor) [pid 6362] close(16) = -1 EBADF (Bad file descriptor) [pid 6362] close(17) = -1 EBADF (Bad file descriptor) [pid 6362] close(18) = -1 EBADF (Bad file descriptor) [pid 6362] close(19) = -1 EBADF (Bad file descriptor) [pid 6362] close(20) = -1 EBADF (Bad file descriptor) [pid 6362] close(21) = -1 EBADF (Bad file descriptor) [pid 6362] close(22) = -1 EBADF (Bad file descriptor) [pid 6362] close(23) = -1 EBADF (Bad file descriptor) [pid 6362] close(24) = -1 EBADF (Bad file descriptor) [pid 6362] close(25) = -1 EBADF (Bad file descriptor) [pid 6362] close(26) = -1 EBADF (Bad file descriptor) [pid 6362] close(27) = -1 EBADF (Bad file descriptor) [pid 6362] close(28) = -1 EBADF (Bad file descriptor) [pid 6362] close(29) = -1 EBADF (Bad file descriptor) [pid 6362] exit_group(0 [pid 6363] <... futex resumed>) = ? [pid 6362] <... exit_group resumed>) = ? [pid 6364] <... futex resumed>) = ? [pid 6363] +++ exited with 0 +++ [pid 6364] +++ exited with 0 +++ [pid 6362] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1286, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./428", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./428", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./428/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./428/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./428/cgroup.cpu") = 0 [pid 5063] umount2("./428/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./428/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./428/binderfs") = 0 [pid 5063] umount2("./428/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./428/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./428/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./428/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./428/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./428/file0") = 0 [pid 5063] umount2("./428/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./428/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./428/cgroup") = 0 [pid 5063] umount2("./428/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./428/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./428/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./428") = 0 [pid 5063] mkdir("./429", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6365 attached [pid 6365] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1289 [pid 6365] <... set_robust_list resumed>) = 0 [pid 6365] chdir("./429") = 0 [pid 6365] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6365] setpgid(0, 0) = 0 [pid 6365] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6365] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6365] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6365] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6365] write(3, "1000", 4) = 4 [pid 6365] close(3) = 0 [pid 6365] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6365] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6365] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6365] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6365] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6365] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6365] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6365] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6366 attached [pid 6366] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6365] <... clone3 resumed> => {parent_tid=[1290]}, 88) = 1290 [pid 6366] set_robust_list(0x7eff0a34a9a0, 24 [pid 6365] rt_sigprocmask(SIG_SETMASK, [], [pid 6366] <... set_robust_list resumed>) = 0 [pid 6365] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6366] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6365] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6366] memfd_create("syzkaller", 0 [pid 6365] <... futex resumed>) = 0 [pid 6365] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6366] <... memfd_create resumed>) = 3 [pid 6366] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6366] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6366] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6366] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6366] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6366] close(3) = 0 [pid 6366] mkdir("./file0", 0777) = 0 [pid 6366] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6366] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6366] chdir("./file0") = 0 [pid 6366] ioctl(4, LOOP_CLR_FD) = 0 [pid 6366] close(4) = 0 [pid 6366] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6365] <... futex resumed>) = 0 [pid 6365] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6365] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6366] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6366] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6365] <... futex resumed>) = 0 [pid 6365] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 304.969542][ T6366] loop0: detected capacity change from 0 to 4096 [ 304.989045][ T6366] ntfs: volume version 3.1. [pid 6365] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6366] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6365] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6365] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6365] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6365] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6365] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6365] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6367 attached [pid 6367] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6365] <... clone3 resumed> => {parent_tid=[1291]}, 88) = 1291 [pid 6367] set_robust_list(0x7eff0a3299a0, 24 [pid 6365] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6367] <... set_robust_list resumed>) = 0 [pid 6365] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6365] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6367] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6367] creat("./file1", 000) = 5 [pid 6366] <... write resumed>) = 1048064 [pid 6367] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6366] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6367] <... futex resumed>) = 1 [pid 6365] <... futex resumed>) = 0 [pid 6366] <... futex resumed>) = 0 [pid 6365] close(3 [pid 6367] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6366] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6365] <... close resumed>) = 0 [pid 6365] close(4) = 0 [pid 6365] close(5) = 0 [pid 6365] close(6) = -1 EBADF (Bad file descriptor) [pid 6365] close(7) = -1 EBADF (Bad file descriptor) [pid 6365] close(8) = -1 EBADF (Bad file descriptor) [pid 6365] close(9) = -1 EBADF (Bad file descriptor) [pid 6365] close(10) = -1 EBADF (Bad file descriptor) [pid 6365] close(11) = -1 EBADF (Bad file descriptor) [pid 6365] close(12) = -1 EBADF (Bad file descriptor) [pid 6365] close(13) = -1 EBADF (Bad file descriptor) [pid 6365] close(14) = -1 EBADF (Bad file descriptor) [pid 6365] close(15) = -1 EBADF (Bad file descriptor) [pid 6365] close(16) = -1 EBADF (Bad file descriptor) [pid 6365] close(17) = -1 EBADF (Bad file descriptor) [pid 6365] close(18) = -1 EBADF (Bad file descriptor) [pid 6365] close(19) = -1 EBADF (Bad file descriptor) [pid 6365] close(20) = -1 EBADF (Bad file descriptor) [pid 6365] close(21) = -1 EBADF (Bad file descriptor) [pid 6365] close(22) = -1 EBADF (Bad file descriptor) [pid 6365] close(23) = -1 EBADF (Bad file descriptor) [pid 6365] close(24) = -1 EBADF (Bad file descriptor) [pid 6365] close(25) = -1 EBADF (Bad file descriptor) [pid 6365] close(26) = -1 EBADF (Bad file descriptor) [pid 6365] close(27) = -1 EBADF (Bad file descriptor) [pid 6365] close(28) = -1 EBADF (Bad file descriptor) [pid 6365] close(29) = -1 EBADF (Bad file descriptor) [pid 6365] exit_group(0) = ? [pid 6366] <... futex resumed>) = ? [pid 6367] <... futex resumed>) = ? [pid 6366] +++ exited with 0 +++ [pid 6367] +++ exited with 0 +++ [pid 6365] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1289, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./429", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./429", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./429/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./429/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./429/cgroup.cpu") = 0 [pid 5063] umount2("./429/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./429/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./429/binderfs") = 0 [pid 5063] umount2("./429/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./429/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./429/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./429/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./429/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./429/file0") = 0 [pid 5063] umount2("./429/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./429/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./429/cgroup") = 0 [pid 5063] umount2("./429/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./429/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./429/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./429") = 0 [pid 5063] mkdir("./430", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6368 attached [pid 6368] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1292 [pid 6368] <... set_robust_list resumed>) = 0 [pid 6368] chdir("./430") = 0 [pid 6368] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6368] setpgid(0, 0) = 0 [pid 6368] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6368] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6368] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6368] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6368] write(3, "1000", 4) = 4 [pid 6368] close(3) = 0 [pid 6368] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6368] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6368] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6368] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6368] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6368] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6368] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6368] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6369 attached => {parent_tid=[1293]}, 88) = 1293 [pid 6369] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6368] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6368] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6368] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6369] <... rseq resumed>) = 0 [pid 6369] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6369] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6369] memfd_create("syzkaller", 0) = 3 [pid 6369] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6369] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6369] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6369] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6369] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6369] close(3) = 0 [pid 6369] mkdir("./file0", 0777) = 0 [pid 6369] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6369] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6369] chdir("./file0") = 0 [pid 6369] ioctl(4, LOOP_CLR_FD) = 0 [pid 6369] close(4) = 0 [pid 6369] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6368] <... futex resumed>) = 0 [pid 6369] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6368] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6369] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6368] <... futex resumed>) = 0 [pid 6368] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6369] <... openat resumed>) = 4 [pid 6369] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6368] <... futex resumed>) = 0 [pid 6368] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6369] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6368] <... futex resumed>) = 0 [ 305.527173][ T6369] loop0: detected capacity change from 0 to 4096 [ 305.559323][ T6369] ntfs: volume version 3.1. [pid 6368] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6368] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6368] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6368] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6368] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6368] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6370 attached => {parent_tid=[1294]}, 88) = 1294 [pid 6370] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6368] rt_sigprocmask(SIG_SETMASK, [], [pid 6370] <... rseq resumed>) = 0 [pid 6368] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6370] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6370] rt_sigprocmask(SIG_SETMASK, [], [pid 6368] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6370] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6368] <... futex resumed>) = 0 [pid 6370] creat("./file1", 000 [pid 6368] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6370] <... creat resumed>) = 5 [pid 6370] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6369] <... write resumed>) = 1048064 [pid 6370] <... futex resumed>) = 1 [pid 6369] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6368] <... futex resumed>) = 0 [pid 6370] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6369] <... futex resumed>) = 0 [pid 6368] close(3) = 0 [pid 6368] close(4 [pid 6369] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6368] <... close resumed>) = 0 [pid 6368] close(5) = 0 [pid 6368] close(6) = -1 EBADF (Bad file descriptor) [pid 6368] close(7) = -1 EBADF (Bad file descriptor) [pid 6368] close(8) = -1 EBADF (Bad file descriptor) [pid 6368] close(9) = -1 EBADF (Bad file descriptor) [pid 6368] close(10) = -1 EBADF (Bad file descriptor) [pid 6368] close(11) = -1 EBADF (Bad file descriptor) [pid 6368] close(12) = -1 EBADF (Bad file descriptor) [pid 6368] close(13) = -1 EBADF (Bad file descriptor) [pid 6368] close(14) = -1 EBADF (Bad file descriptor) [pid 6368] close(15) = -1 EBADF (Bad file descriptor) [pid 6368] close(16) = -1 EBADF (Bad file descriptor) [pid 6368] close(17) = -1 EBADF (Bad file descriptor) [pid 6368] close(18) = -1 EBADF (Bad file descriptor) [pid 6368] close(19) = -1 EBADF (Bad file descriptor) [pid 6368] close(20) = -1 EBADF (Bad file descriptor) [pid 6368] close(21) = -1 EBADF (Bad file descriptor) [pid 6368] close(22) = -1 EBADF (Bad file descriptor) [pid 6368] close(23) = -1 EBADF (Bad file descriptor) [pid 6368] close(24) = -1 EBADF (Bad file descriptor) [pid 6368] close(25) = -1 EBADF (Bad file descriptor) [pid 6368] close(26) = -1 EBADF (Bad file descriptor) [pid 6368] close(27) = -1 EBADF (Bad file descriptor) [pid 6368] close(28) = -1 EBADF (Bad file descriptor) [pid 6368] close(29) = -1 EBADF (Bad file descriptor) [pid 6368] exit_group(0) = ? [pid 6369] <... futex resumed>) = ? [pid 6370] <... futex resumed>) = ? [pid 6369] +++ exited with 0 +++ [pid 6370] +++ exited with 0 +++ [pid 6368] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1292, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./430", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./430", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./430/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./430/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./430/cgroup.cpu") = 0 [pid 5063] umount2("./430/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./430/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./430/binderfs") = 0 [pid 5063] umount2("./430/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./430/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./430/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./430/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./430/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./430/file0") = 0 [pid 5063] umount2("./430/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./430/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./430/cgroup") = 0 [pid 5063] umount2("./430/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./430/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./430/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./430") = 0 [pid 5063] mkdir("./431", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6371 attached , child_tidptr=0x5555560b8690) = 1295 [pid 6371] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6371] chdir("./431") = 0 [pid 6371] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6371] setpgid(0, 0) = 0 [pid 6371] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6371] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6371] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6371] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6371] write(3, "1000", 4) = 4 [pid 6371] close(3) = 0 [pid 6371] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6371] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6371] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6371] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6371] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6371] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6371] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6371] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6372 attached [pid 6372] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6371] <... clone3 resumed> => {parent_tid=[1296]}, 88) = 1296 [pid 6372] set_robust_list(0x7eff0a34a9a0, 24 [pid 6371] rt_sigprocmask(SIG_SETMASK, [], [pid 6372] <... set_robust_list resumed>) = 0 [pid 6371] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6372] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6371] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6371] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6372] memfd_create("syzkaller", 0) = 3 [pid 6372] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6372] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6372] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6372] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6372] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6372] close(3) = 0 [pid 6372] mkdir("./file0", 0777) = 0 [pid 6372] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6372] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6372] chdir("./file0") = 0 [pid 6372] ioctl(4, LOOP_CLR_FD) = 0 [pid 6372] close(4) = 0 [pid 6372] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6371] <... futex resumed>) = 0 [pid 6372] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6371] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6372] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6371] <... futex resumed>) = 0 [pid 6372] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6371] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6372] <... openat resumed>) = 4 [pid 6372] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6372] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6371] <... futex resumed>) = 0 [pid 6371] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6372] <... futex resumed>) = 0 [pid 6371] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 306.140503][ T6372] loop0: detected capacity change from 0 to 4096 [ 306.155875][ T6372] ntfs: volume version 3.1. [pid 6372] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6371] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6371] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6371] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6371] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6371] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6371] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1297]}, 88) = 1297 ./strace-static-x86_64: Process 6373 attached [pid 6371] rt_sigprocmask(SIG_SETMASK, [], [pid 6373] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6371] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6373] <... rseq resumed>) = 0 [pid 6371] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6373] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6373] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6373] creat("./file1", 000 [pid 6371] <... futex resumed>) = 0 [pid 6371] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6373] <... creat resumed>) = 5 [pid 6372] <... write resumed>) = 1048064 [pid 6373] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6372] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6373] <... futex resumed>) = 1 [pid 6372] <... futex resumed>) = 0 [pid 6371] <... futex resumed>) = 0 [pid 6373] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6372] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6371] close(3) = 0 [pid 6371] close(4) = 0 [pid 6371] close(5) = 0 [pid 6371] close(6) = -1 EBADF (Bad file descriptor) [pid 6371] close(7) = -1 EBADF (Bad file descriptor) [pid 6371] close(8) = -1 EBADF (Bad file descriptor) [pid 6371] close(9) = -1 EBADF (Bad file descriptor) [pid 6371] close(10) = -1 EBADF (Bad file descriptor) [pid 6371] close(11) = -1 EBADF (Bad file descriptor) [pid 6371] close(12) = -1 EBADF (Bad file descriptor) [pid 6371] close(13) = -1 EBADF (Bad file descriptor) [pid 6371] close(14) = -1 EBADF (Bad file descriptor) [pid 6371] close(15) = -1 EBADF (Bad file descriptor) [pid 6371] close(16) = -1 EBADF (Bad file descriptor) [pid 6371] close(17) = -1 EBADF (Bad file descriptor) [pid 6371] close(18) = -1 EBADF (Bad file descriptor) [pid 6371] close(19) = -1 EBADF (Bad file descriptor) [pid 6371] close(20) = -1 EBADF (Bad file descriptor) [pid 6371] close(21) = -1 EBADF (Bad file descriptor) [pid 6371] close(22) = -1 EBADF (Bad file descriptor) [pid 6371] close(23) = -1 EBADF (Bad file descriptor) [pid 6371] close(24) = -1 EBADF (Bad file descriptor) [pid 6371] close(25) = -1 EBADF (Bad file descriptor) [pid 6371] close(26) = -1 EBADF (Bad file descriptor) [pid 6371] close(27) = -1 EBADF (Bad file descriptor) [pid 6371] close(28) = -1 EBADF (Bad file descriptor) [pid 6371] close(29) = -1 EBADF (Bad file descriptor) [pid 6371] exit_group(0) = ? [pid 6373] <... futex resumed>) = ? [pid 6373] +++ exited with 0 +++ [pid 6372] <... futex resumed>) = ? [pid 6372] +++ exited with 0 +++ [pid 6371] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1295, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./431", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./431", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./431/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./431/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./431/cgroup.cpu") = 0 [pid 5063] umount2("./431/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./431/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./431/binderfs") = 0 [pid 5063] umount2("./431/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./431/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./431/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./431/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./431/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./431/file0") = 0 [pid 5063] umount2("./431/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./431/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./431/cgroup") = 0 [pid 5063] umount2("./431/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./431/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./431/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./431") = 0 [pid 5063] mkdir("./432", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1298 ./strace-static-x86_64: Process 6374 attached [pid 6374] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6374] chdir("./432") = 0 [pid 6374] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6374] setpgid(0, 0) = 0 [pid 6374] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6374] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6374] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6374] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6374] write(3, "1000", 4) = 4 [pid 6374] close(3) = 0 [pid 6374] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6374] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6374] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6374] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6374] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6374] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6374] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6374] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6375 attached => {parent_tid=[1299]}, 88) = 1299 [pid 6375] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6374] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6374] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6374] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6375] <... rseq resumed>) = 0 [pid 6375] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6375] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6375] memfd_create("syzkaller", 0) = 3 [pid 6375] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6375] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6375] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6375] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6375] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6375] close(3) = 0 [pid 6375] mkdir("./file0", 0777) = 0 [pid 6375] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6375] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6375] chdir("./file0") = 0 [pid 6375] ioctl(4, LOOP_CLR_FD) = 0 [pid 6375] close(4) = 0 [pid 6375] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 306.676693][ T6375] loop0: detected capacity change from 0 to 4096 [ 306.697202][ T6375] ntfs: volume version 3.1. [pid 6375] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6374] <... futex resumed>) = 0 [pid 6374] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6375] <... futex resumed>) = 0 [pid 6374] <... futex resumed>) = 1 [pid 6375] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6374] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6375] <... openat resumed>) = 4 [pid 6375] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6375] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6374] <... futex resumed>) = 0 [pid 6375] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6374] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6375] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6374] <... futex resumed>) = 0 [pid 6374] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6374] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6374] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6374] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6374] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6374] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6376 attached => {parent_tid=[1300]}, 88) = 1300 [pid 6376] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6376] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6376] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6376] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6374] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6374] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6376] <... futex resumed>) = 0 [pid 6374] <... futex resumed>) = 1 [pid 6376] creat("./file1", 000 [pid 6374] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6376] <... creat resumed>) = 5 [pid 6375] <... write resumed>) = 1048064 [pid 6376] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6375] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6376] <... futex resumed>) = 1 [pid 6375] <... futex resumed>) = 0 [pid 6376] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6375] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6374] <... futex resumed>) = 0 [pid 6374] close(3) = 0 [pid 6374] close(4) = 0 [pid 6374] close(5) = 0 [pid 6374] close(6) = -1 EBADF (Bad file descriptor) [pid 6374] close(7) = -1 EBADF (Bad file descriptor) [pid 6374] close(8) = -1 EBADF (Bad file descriptor) [pid 6374] close(9) = -1 EBADF (Bad file descriptor) [pid 6374] close(10) = -1 EBADF (Bad file descriptor) [pid 6374] close(11) = -1 EBADF (Bad file descriptor) [pid 6374] close(12) = -1 EBADF (Bad file descriptor) [pid 6374] close(13) = -1 EBADF (Bad file descriptor) [pid 6374] close(14) = -1 EBADF (Bad file descriptor) [pid 6374] close(15) = -1 EBADF (Bad file descriptor) [pid 6374] close(16) = -1 EBADF (Bad file descriptor) [pid 6374] close(17) = -1 EBADF (Bad file descriptor) [pid 6374] close(18) = -1 EBADF (Bad file descriptor) [pid 6374] close(19) = -1 EBADF (Bad file descriptor) [pid 6374] close(20) = -1 EBADF (Bad file descriptor) [pid 6374] close(21) = -1 EBADF (Bad file descriptor) [pid 6374] close(22) = -1 EBADF (Bad file descriptor) [pid 6374] close(23) = -1 EBADF (Bad file descriptor) [pid 6374] close(24) = -1 EBADF (Bad file descriptor) [pid 6374] close(25) = -1 EBADF (Bad file descriptor) [pid 6374] close(26) = -1 EBADF (Bad file descriptor) [pid 6374] close(27) = -1 EBADF (Bad file descriptor) [pid 6374] close(28) = -1 EBADF (Bad file descriptor) [pid 6374] close(29) = -1 EBADF (Bad file descriptor) [pid 6374] exit_group(0 [pid 6375] <... futex resumed>) = ? [pid 6374] <... exit_group resumed>) = ? [pid 6376] <... futex resumed>) = ? [pid 6375] +++ exited with 0 +++ [pid 6376] +++ exited with 0 +++ [pid 6374] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1298, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./432", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./432", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./432/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./432/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./432/cgroup.cpu") = 0 [pid 5063] umount2("./432/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./432/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./432/binderfs") = 0 [pid 5063] umount2("./432/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./432/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./432/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./432/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./432/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./432/file0") = 0 [pid 5063] umount2("./432/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./432/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./432/cgroup") = 0 [pid 5063] umount2("./432/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./432/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./432/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./432") = 0 [pid 5063] mkdir("./433", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6377 attached , child_tidptr=0x5555560b8690) = 1301 [pid 6377] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6377] chdir("./433") = 0 [pid 6377] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6377] setpgid(0, 0) = 0 [pid 6377] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6377] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6377] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6377] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6377] write(3, "1000", 4) = 4 [pid 6377] close(3) = 0 [pid 6377] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6377] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6377] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6377] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6377] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6377] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6377] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6377] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6378 attached [pid 6378] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6377] <... clone3 resumed> => {parent_tid=[1302]}, 88) = 1302 [pid 6378] set_robust_list(0x7eff0a34a9a0, 24 [pid 6377] rt_sigprocmask(SIG_SETMASK, [], [pid 6378] <... set_robust_list resumed>) = 0 [pid 6378] rt_sigprocmask(SIG_SETMASK, [], [pid 6377] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6378] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6377] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6378] memfd_create("syzkaller", 0 [pid 6377] <... futex resumed>) = 0 [pid 6378] <... memfd_create resumed>) = 3 [pid 6377] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6378] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6378] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6378] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6378] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6378] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6378] close(3) = 0 [pid 6378] mkdir("./file0", 0777) = 0 [pid 6378] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6378] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6378] chdir("./file0") = 0 [pid 6378] ioctl(4, LOOP_CLR_FD) = 0 [pid 6378] close(4) = 0 [ 307.241333][ T6378] loop0: detected capacity change from 0 to 4096 [ 307.276794][ T6378] ntfs: volume version 3.1. [pid 6378] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6377] <... futex resumed>) = 0 [pid 6378] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6377] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6378] <... futex resumed>) = 0 [pid 6377] <... futex resumed>) = 1 [pid 6378] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6377] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6378] <... openat resumed>) = 4 [pid 6378] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6378] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6377] <... futex resumed>) = 0 [pid 6377] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6377] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6378] <... futex resumed>) = 0 [pid 6378] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6377] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6377] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6377] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6377] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6377] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6377] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6379 attached [pid 6379] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6377] <... clone3 resumed> => {parent_tid=[1303]}, 88) = 1303 [pid 6379] <... rseq resumed>) = 0 [pid 6377] rt_sigprocmask(SIG_SETMASK, [], [pid 6379] set_robust_list(0x7eff0a3299a0, 24 [pid 6377] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6379] <... set_robust_list resumed>) = 0 [pid 6377] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6379] rt_sigprocmask(SIG_SETMASK, [], [pid 6377] <... futex resumed>) = 0 [pid 6379] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6377] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6379] creat("./file1", 000) = 5 [pid 6379] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6378] <... write resumed>) = 1048064 [pid 6379] <... futex resumed>) = 1 [pid 6378] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6377] <... futex resumed>) = 0 [pid 6379] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6378] <... futex resumed>) = 0 [pid 6377] close(3 [pid 6378] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6377] <... close resumed>) = 0 [pid 6377] close(4) = 0 [pid 6377] close(5) = 0 [pid 6377] close(6) = -1 EBADF (Bad file descriptor) [pid 6377] close(7) = -1 EBADF (Bad file descriptor) [pid 6377] close(8) = -1 EBADF (Bad file descriptor) [pid 6377] close(9) = -1 EBADF (Bad file descriptor) [pid 6377] close(10) = -1 EBADF (Bad file descriptor) [pid 6377] close(11) = -1 EBADF (Bad file descriptor) [pid 6377] close(12) = -1 EBADF (Bad file descriptor) [pid 6377] close(13) = -1 EBADF (Bad file descriptor) [pid 6377] close(14) = -1 EBADF (Bad file descriptor) [pid 6377] close(15) = -1 EBADF (Bad file descriptor) [pid 6377] close(16) = -1 EBADF (Bad file descriptor) [pid 6377] close(17) = -1 EBADF (Bad file descriptor) [pid 6377] close(18) = -1 EBADF (Bad file descriptor) [pid 6377] close(19) = -1 EBADF (Bad file descriptor) [pid 6377] close(20) = -1 EBADF (Bad file descriptor) [pid 6377] close(21) = -1 EBADF (Bad file descriptor) [pid 6377] close(22) = -1 EBADF (Bad file descriptor) [pid 6377] close(23) = -1 EBADF (Bad file descriptor) [pid 6377] close(24) = -1 EBADF (Bad file descriptor) [pid 6377] close(25) = -1 EBADF (Bad file descriptor) [pid 6377] close(26) = -1 EBADF (Bad file descriptor) [pid 6377] close(27) = -1 EBADF (Bad file descriptor) [pid 6377] close(28) = -1 EBADF (Bad file descriptor) [pid 6377] close(29) = -1 EBADF (Bad file descriptor) [pid 6377] exit_group(0) = ? [pid 6379] <... futex resumed>) = ? [pid 6378] <... futex resumed>) = ? [pid 6379] +++ exited with 0 +++ [pid 6378] +++ exited with 0 +++ [pid 6377] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1301, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./433", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./433", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./433/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./433/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./433/cgroup.cpu") = 0 [pid 5063] umount2("./433/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./433/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./433/binderfs") = 0 [pid 5063] umount2("./433/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./433/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./433/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./433/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./433/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./433/file0") = 0 [pid 5063] umount2("./433/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./433/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./433/cgroup") = 0 [pid 5063] umount2("./433/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./433/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./433/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./433") = 0 [pid 5063] mkdir("./434", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6380 attached [pid 6380] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1304 [pid 6380] chdir("./434") = 0 [pid 6380] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6380] setpgid(0, 0) = 0 [pid 6380] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6380] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6380] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6380] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6380] write(3, "1000", 4) = 4 [pid 6380] close(3) = 0 [pid 6380] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6380] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6380] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6380] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6380] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6380] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6380] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6380] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6381 attached => {parent_tid=[1305]}, 88) = 1305 [pid 6381] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6380] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6380] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6380] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6381] <... rseq resumed>) = 0 [pid 6381] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6381] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6381] memfd_create("syzkaller", 0) = 3 [pid 6381] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6381] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6381] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6381] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6381] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6381] close(3) = 0 [pid 6381] mkdir("./file0", 0777) = 0 [pid 6381] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6381] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6381] chdir("./file0") = 0 [pid 6381] ioctl(4, LOOP_CLR_FD) = 0 [pid 6381] close(4) = 0 [pid 6381] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6380] <... futex resumed>) = 0 [pid 6381] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6380] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6381] <... futex resumed>) = 0 [pid 6380] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6381] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6381] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6380] <... futex resumed>) = 0 [pid 6380] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6381] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 307.835711][ T6381] loop0: detected capacity change from 0 to 4096 [ 307.857299][ T6381] ntfs: volume version 3.1. [pid 6380] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6380] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6380] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6380] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6380] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6380] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6380] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6382 attached => {parent_tid=[1306]}, 88) = 1306 [pid 6382] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6380] rt_sigprocmask(SIG_SETMASK, [], [pid 6382] <... rseq resumed>) = 0 [pid 6380] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6382] set_robust_list(0x7eff0a3299a0, 24 [pid 6380] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6382] <... set_robust_list resumed>) = 0 [pid 6380] <... futex resumed>) = 0 [pid 6382] rt_sigprocmask(SIG_SETMASK, [], [pid 6380] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6382] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6382] creat("./file1", 000) = 5 [pid 6381] <... write resumed>) = 1048064 [pid 6382] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6381] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6381] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6382] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6380] <... futex resumed>) = 0 [pid 6380] close(3) = 0 [pid 6380] close(4) = 0 [pid 6380] close(5) = 0 [pid 6380] close(6) = -1 EBADF (Bad file descriptor) [pid 6380] close(7) = -1 EBADF (Bad file descriptor) [pid 6380] close(8) = -1 EBADF (Bad file descriptor) [pid 6380] close(9) = -1 EBADF (Bad file descriptor) [pid 6380] close(10) = -1 EBADF (Bad file descriptor) [pid 6380] close(11) = -1 EBADF (Bad file descriptor) [pid 6380] close(12) = -1 EBADF (Bad file descriptor) [pid 6380] close(13) = -1 EBADF (Bad file descriptor) [pid 6380] close(14) = -1 EBADF (Bad file descriptor) [pid 6380] close(15) = -1 EBADF (Bad file descriptor) [pid 6380] close(16) = -1 EBADF (Bad file descriptor) [pid 6380] close(17) = -1 EBADF (Bad file descriptor) [pid 6380] close(18) = -1 EBADF (Bad file descriptor) [pid 6380] close(19) = -1 EBADF (Bad file descriptor) [pid 6380] close(20) = -1 EBADF (Bad file descriptor) [pid 6380] close(21) = -1 EBADF (Bad file descriptor) [pid 6380] close(22) = -1 EBADF (Bad file descriptor) [pid 6380] close(23) = -1 EBADF (Bad file descriptor) [pid 6380] close(24) = -1 EBADF (Bad file descriptor) [pid 6380] close(25) = -1 EBADF (Bad file descriptor) [pid 6380] close(26) = -1 EBADF (Bad file descriptor) [pid 6380] close(27) = -1 EBADF (Bad file descriptor) [pid 6380] close(28) = -1 EBADF (Bad file descriptor) [pid 6380] close(29) = -1 EBADF (Bad file descriptor) [pid 6380] exit_group(0) = ? [pid 6382] <... futex resumed>) = ? [pid 6381] <... futex resumed>) = ? [pid 6381] +++ exited with 0 +++ [pid 6382] +++ exited with 0 +++ [pid 6380] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1304, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./434", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./434", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./434/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./434/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./434/cgroup.cpu") = 0 [pid 5063] umount2("./434/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./434/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./434/binderfs") = 0 [pid 5063] umount2("./434/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./434/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./434/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./434/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./434/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./434/file0") = 0 [pid 5063] umount2("./434/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./434/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./434/cgroup") = 0 [pid 5063] umount2("./434/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./434/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./434/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./434") = 0 [pid 5063] mkdir("./435", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6383 attached [pid 6383] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1307 [pid 6383] <... set_robust_list resumed>) = 0 [pid 6383] chdir("./435") = 0 [pid 6383] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6383] setpgid(0, 0) = 0 [pid 6383] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6383] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6383] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6383] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6383] write(3, "1000", 4) = 4 [pid 6383] close(3) = 0 [pid 6383] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6383] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6383] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6383] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6383] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6383] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6383] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6383] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6384 attached => {parent_tid=[1308]}, 88) = 1308 [pid 6384] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6383] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6383] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6383] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6384] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6384] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6384] memfd_create("syzkaller", 0) = 3 [pid 6384] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6384] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6384] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6384] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6384] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6384] close(3) = 0 [pid 6384] mkdir("./file0", 0777) = 0 [pid 6384] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6384] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6384] chdir("./file0") = 0 [pid 6384] ioctl(4, LOOP_CLR_FD) = 0 [pid 6384] close(4) = 0 [pid 6384] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6384] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6383] <... futex resumed>) = 0 [pid 6383] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6384] <... futex resumed>) = 0 [pid 6383] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6384] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6384] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 308.491109][ T6384] loop0: detected capacity change from 0 to 4096 [ 308.515695][ T6384] ntfs: volume version 3.1. [pid 6384] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6383] <... futex resumed>) = 0 [pid 6383] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6384] <... futex resumed>) = 0 [pid 6383] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6384] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6383] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6383] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6383] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6383] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6383] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6383] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6385 attached [pid 6385] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6383] <... clone3 resumed> => {parent_tid=[1309]}, 88) = 1309 [pid 6385] <... rseq resumed>) = 0 [pid 6383] rt_sigprocmask(SIG_SETMASK, [], [pid 6385] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6385] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6383] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6385] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6383] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6385] <... futex resumed>) = 0 [pid 6383] <... futex resumed>) = 1 [pid 6385] creat("./file1", 000 [pid 6383] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6385] <... creat resumed>) = 5 [pid 6385] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6384] <... write resumed>) = 1048064 [pid 6385] <... futex resumed>) = 1 [pid 6383] <... futex resumed>) = 0 [pid 6384] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6383] close(3 [pid 6385] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6384] <... futex resumed>) = 0 [pid 6383] <... close resumed>) = 0 [pid 6384] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6383] close(4) = 0 [pid 6383] close(5) = 0 [pid 6383] close(6) = -1 EBADF (Bad file descriptor) [pid 6383] close(7) = -1 EBADF (Bad file descriptor) [pid 6383] close(8) = -1 EBADF (Bad file descriptor) [pid 6383] close(9) = -1 EBADF (Bad file descriptor) [pid 6383] close(10) = -1 EBADF (Bad file descriptor) [pid 6383] close(11) = -1 EBADF (Bad file descriptor) [pid 6383] close(12) = -1 EBADF (Bad file descriptor) [pid 6383] close(13) = -1 EBADF (Bad file descriptor) [pid 6383] close(14) = -1 EBADF (Bad file descriptor) [pid 6383] close(15) = -1 EBADF (Bad file descriptor) [pid 6383] close(16) = -1 EBADF (Bad file descriptor) [pid 6383] close(17) = -1 EBADF (Bad file descriptor) [pid 6383] close(18) = -1 EBADF (Bad file descriptor) [pid 6383] close(19) = -1 EBADF (Bad file descriptor) [pid 6383] close(20) = -1 EBADF (Bad file descriptor) [pid 6383] close(21) = -1 EBADF (Bad file descriptor) [pid 6383] close(22) = -1 EBADF (Bad file descriptor) [pid 6383] close(23) = -1 EBADF (Bad file descriptor) [pid 6383] close(24) = -1 EBADF (Bad file descriptor) [pid 6383] close(25) = -1 EBADF (Bad file descriptor) [pid 6383] close(26) = -1 EBADF (Bad file descriptor) [pid 6383] close(27) = -1 EBADF (Bad file descriptor) [pid 6383] close(28) = -1 EBADF (Bad file descriptor) [pid 6383] close(29) = -1 EBADF (Bad file descriptor) [pid 6383] exit_group(0 [pid 6384] <... futex resumed>) = ? [pid 6383] <... exit_group resumed>) = ? [pid 6385] <... futex resumed>) = ? [pid 6384] +++ exited with 0 +++ [pid 6385] +++ exited with 0 +++ [pid 6383] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1307, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./435", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./435", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./435/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./435/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./435/cgroup.cpu") = 0 [pid 5063] umount2("./435/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./435/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./435/binderfs") = 0 [pid 5063] umount2("./435/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./435/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./435/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./435/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./435/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./435/file0") = 0 [pid 5063] umount2("./435/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./435/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./435/cgroup") = 0 [pid 5063] umount2("./435/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./435/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./435/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./435") = 0 [pid 5063] mkdir("./436", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6386 attached [pid 6386] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1310 [pid 6386] <... set_robust_list resumed>) = 0 [pid 6386] chdir("./436") = 0 [pid 6386] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6386] setpgid(0, 0) = 0 [pid 6386] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6386] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6386] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6386] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6386] write(3, "1000", 4) = 4 [pid 6386] close(3) = 0 [pid 6386] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6386] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6386] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6386] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6386] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6386] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6386] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6386] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6387 attached => {parent_tid=[1311]}, 88) = 1311 [pid 6387] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6386] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6386] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6386] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6387] <... rseq resumed>) = 0 [pid 6387] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6387] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6387] memfd_create("syzkaller", 0) = 3 [pid 6387] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6387] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6387] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6387] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6387] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6387] close(3) = 0 [pid 6387] mkdir("./file0", 0777) = 0 [ 309.096827][ T6387] loop0: detected capacity change from 0 to 4096 [ 309.121315][ T6387] __ntfs_warning: 170 callbacks suppressed [ 309.121324][ T6387] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 309.148002][ T6387] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 309.157472][ T6387] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 309.173905][ T6387] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 309.182664][ T6387] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 309.202733][ T6387] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 309.211469][ T6387] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 309.231647][ T6387] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6387] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6387] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6387] chdir("./file0") = 0 [pid 6387] ioctl(4, LOOP_CLR_FD) = 0 [pid 6387] close(4) = 0 [pid 6387] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6386] <... futex resumed>) = 0 [pid 6387] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6386] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6387] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6387] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6386] <... futex resumed>) = 0 [pid 6386] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6387] <... openat resumed>) = 4 [pid 6387] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6386] <... futex resumed>) = 0 [pid 6387] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6386] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6387] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6386] <... futex resumed>) = 0 [pid 6387] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 309.240427][ T6387] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 309.260452][ T6387] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 309.271430][ T6387] ntfs: volume version 3.1. [pid 6386] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6386] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6386] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6386] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6386] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6386] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6388 attached [pid 6388] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6386] <... clone3 resumed> => {parent_tid=[1312]}, 88) = 1312 [pid 6388] <... rseq resumed>) = 0 [pid 6386] rt_sigprocmask(SIG_SETMASK, [], [pid 6388] set_robust_list(0x7eff0a3299a0, 24 [pid 6386] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6388] <... set_robust_list resumed>) = 0 [pid 6386] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6388] rt_sigprocmask(SIG_SETMASK, [], [pid 6386] <... futex resumed>) = 0 [pid 6388] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6388] creat("./file1", 000 [pid 6386] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6388] <... creat resumed>) = 5 [pid 6387] <... write resumed>) = 1048064 [pid 6388] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6387] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6388] <... futex resumed>) = 1 [pid 6388] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6386] <... futex resumed>) = 0 [pid 6386] close(3 [pid 6387] <... futex resumed>) = 0 [pid 6386] <... close resumed>) = 0 [pid 6387] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6386] close(4) = 0 [pid 6386] close(5) = 0 [pid 6386] close(6) = -1 EBADF (Bad file descriptor) [pid 6386] close(7) = -1 EBADF (Bad file descriptor) [pid 6386] close(8) = -1 EBADF (Bad file descriptor) [pid 6386] close(9) = -1 EBADF (Bad file descriptor) [pid 6386] close(10) = -1 EBADF (Bad file descriptor) [pid 6386] close(11) = -1 EBADF (Bad file descriptor) [pid 6386] close(12) = -1 EBADF (Bad file descriptor) [pid 6386] close(13) = -1 EBADF (Bad file descriptor) [pid 6386] close(14) = -1 EBADF (Bad file descriptor) [pid 6386] close(15) = -1 EBADF (Bad file descriptor) [pid 6386] close(16) = -1 EBADF (Bad file descriptor) [pid 6386] close(17) = -1 EBADF (Bad file descriptor) [pid 6386] close(18) = -1 EBADF (Bad file descriptor) [pid 6386] close(19) = -1 EBADF (Bad file descriptor) [pid 6386] close(20) = -1 EBADF (Bad file descriptor) [pid 6386] close(21) = -1 EBADF (Bad file descriptor) [pid 6386] close(22) = -1 EBADF (Bad file descriptor) [pid 6386] close(23) = -1 EBADF (Bad file descriptor) [pid 6386] close(24) = -1 EBADF (Bad file descriptor) [pid 6386] close(25) = -1 EBADF (Bad file descriptor) [pid 6386] close(26) = -1 EBADF (Bad file descriptor) [pid 6386] close(27) = -1 EBADF (Bad file descriptor) [pid 6386] close(28) = -1 EBADF (Bad file descriptor) [pid 6386] close(29) = -1 EBADF (Bad file descriptor) [pid 6386] exit_group(0 [pid 6388] <... futex resumed>) = ? [pid 6386] <... exit_group resumed>) = ? [pid 6388] +++ exited with 0 +++ [pid 6387] <... futex resumed>) = ? [pid 6387] +++ exited with 0 +++ [pid 6386] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1310, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./436", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./436", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./436/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./436/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./436/cgroup.cpu") = 0 [pid 5063] umount2("./436/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./436/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./436/binderfs") = 0 [pid 5063] umount2("./436/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./436/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./436/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./436/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./436/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./436/file0") = 0 [pid 5063] umount2("./436/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./436/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./436/cgroup") = 0 [pid 5063] umount2("./436/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./436/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./436/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./436") = 0 [pid 5063] mkdir("./437", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6389 attached , child_tidptr=0x5555560b8690) = 1313 [pid 6389] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6389] chdir("./437") = 0 [pid 6389] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6389] setpgid(0, 0) = 0 [pid 6389] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6389] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6389] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6389] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6389] write(3, "1000", 4) = 4 [pid 6389] close(3) = 0 [pid 6389] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6389] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6389] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6389] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6389] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6389] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6389] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6390 attached => {parent_tid=[1314]}, 88) = 1314 [pid 6390] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6389] rt_sigprocmask(SIG_SETMASK, [], [pid 6390] <... rseq resumed>) = 0 [pid 6390] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6389] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6390] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6390] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6389] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6389] <... futex resumed>) = 0 [pid 6390] memfd_create("syzkaller", 0 [pid 6389] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6390] <... memfd_create resumed>) = 3 [pid 6390] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6390] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6390] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6390] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6390] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6390] close(3) = 0 [pid 6390] mkdir("./file0", 0777) = 0 [pid 6390] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6390] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6390] chdir("./file0") = 0 [pid 6390] ioctl(4, LOOP_CLR_FD) = 0 [pid 6390] close(4) = 0 [pid 6390] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6390] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6389] <... futex resumed>) = 0 [pid 6389] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6390] <... futex resumed>) = 0 [pid 6389] <... futex resumed>) = 1 [pid 6390] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6389] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6390] <... openat resumed>) = 4 [pid 6390] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 309.825362][ T6390] loop0: detected capacity change from 0 to 4096 [ 309.850338][ T6390] ntfs: volume version 3.1. [pid 6390] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6389] <... futex resumed>) = 0 [pid 6390] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6389] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6390] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6389] <... futex resumed>) = 0 [pid 6389] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6389] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6389] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6389] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6389] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6389] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6391 attached [pid 6391] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6389] <... clone3 resumed> => {parent_tid=[1315]}, 88) = 1315 [pid 6391] <... rseq resumed>) = 0 [pid 6389] rt_sigprocmask(SIG_SETMASK, [], [pid 6391] set_robust_list(0x7eff0a3299a0, 24 [pid 6389] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6391] <... set_robust_list resumed>) = 0 [pid 6389] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6391] rt_sigprocmask(SIG_SETMASK, [], [pid 6389] <... futex resumed>) = 0 [pid 6391] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6391] creat("./file1", 000 [pid 6389] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6391] <... creat resumed>) = 5 [pid 6390] <... write resumed>) = 1048064 [pid 6391] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6390] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6391] <... futex resumed>) = 1 [pid 6389] <... futex resumed>) = 0 [pid 6390] <... futex resumed>) = 0 [pid 6391] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6390] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6389] close(3) = 0 [pid 6389] close(4) = 0 [pid 6389] close(5) = 0 [pid 6389] close(6) = -1 EBADF (Bad file descriptor) [pid 6389] close(7) = -1 EBADF (Bad file descriptor) [pid 6389] close(8) = -1 EBADF (Bad file descriptor) [pid 6389] close(9) = -1 EBADF (Bad file descriptor) [pid 6389] close(10) = -1 EBADF (Bad file descriptor) [pid 6389] close(11) = -1 EBADF (Bad file descriptor) [pid 6389] close(12) = -1 EBADF (Bad file descriptor) [pid 6389] close(13) = -1 EBADF (Bad file descriptor) [pid 6389] close(14) = -1 EBADF (Bad file descriptor) [pid 6389] close(15) = -1 EBADF (Bad file descriptor) [pid 6389] close(16) = -1 EBADF (Bad file descriptor) [pid 6389] close(17) = -1 EBADF (Bad file descriptor) [pid 6389] close(18) = -1 EBADF (Bad file descriptor) [pid 6389] close(19) = -1 EBADF (Bad file descriptor) [pid 6389] close(20) = -1 EBADF (Bad file descriptor) [pid 6389] close(21) = -1 EBADF (Bad file descriptor) [pid 6389] close(22) = -1 EBADF (Bad file descriptor) [pid 6389] close(23) = -1 EBADF (Bad file descriptor) [pid 6389] close(24) = -1 EBADF (Bad file descriptor) [pid 6389] close(25) = -1 EBADF (Bad file descriptor) [pid 6389] close(26) = -1 EBADF (Bad file descriptor) [pid 6389] close(27) = -1 EBADF (Bad file descriptor) [pid 6389] close(28) = -1 EBADF (Bad file descriptor) [pid 6389] close(29) = -1 EBADF (Bad file descriptor) [pid 6389] exit_group(0 [pid 6390] <... futex resumed>) = ? [pid 6389] <... exit_group resumed>) = ? [pid 6391] <... futex resumed>) = ? [pid 6390] +++ exited with 0 +++ [pid 6391] +++ exited with 0 +++ [pid 6389] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1313, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./437", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./437", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./437/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./437/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./437/cgroup.cpu") = 0 [pid 5063] umount2("./437/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./437/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./437/binderfs") = 0 [pid 5063] umount2("./437/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./437/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./437/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./437/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./437/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./437/file0") = 0 [pid 5063] umount2("./437/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./437/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./437/cgroup") = 0 [pid 5063] umount2("./437/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./437/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./437/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./437") = 0 [pid 5063] mkdir("./438", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6392 attached [pid 6392] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1316 [pid 6392] chdir("./438") = 0 [pid 6392] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6392] setpgid(0, 0) = 0 [pid 6392] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6392] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6392] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6392] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6392] write(3, "1000", 4) = 4 [pid 6392] close(3) = 0 [pid 6392] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6392] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6392] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6392] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6392] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6392] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6392] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6392] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6393 attached => {parent_tid=[1317]}, 88) = 1317 [pid 6393] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6392] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6392] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6392] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6393] <... rseq resumed>) = 0 [pid 6393] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6393] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6393] memfd_create("syzkaller", 0) = 3 [pid 6393] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6393] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6393] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6393] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6393] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6393] close(3) = 0 [pid 6393] mkdir("./file0", 0777) = 0 [pid 6393] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6393] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6393] chdir("./file0") = 0 [pid 6393] ioctl(4, LOOP_CLR_FD) = 0 [pid 6393] close(4) = 0 [ 310.423840][ T6393] loop0: detected capacity change from 0 to 4096 [ 310.439331][ T6393] ntfs: volume version 3.1. [pid 6393] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6392] <... futex resumed>) = 0 [pid 6393] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6392] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6393] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6392] <... futex resumed>) = 0 [pid 6393] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6392] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6393] <... openat resumed>) = 4 [pid 6393] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6392] <... futex resumed>) = 0 [pid 6393] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6392] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6392] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6392] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6392] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6392] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6392] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6392] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6394 attached [pid 6394] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6392] <... clone3 resumed> => {parent_tid=[1318]}, 88) = 1318 [pid 6394] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6394] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6394] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6392] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6392] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6394] <... futex resumed>) = 0 [pid 6392] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6394] creat("./file1", 000) = 5 [pid 6393] <... write resumed>) = 1048064 [pid 6394] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6392] <... futex resumed>) = 0 [pid 6394] <... futex resumed>) = 1 [pid 6393] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6394] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6393] <... futex resumed>) = 0 [pid 6392] close(3 [pid 6393] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6392] <... close resumed>) = 0 [pid 6392] close(4) = 0 [pid 6392] close(5) = 0 [pid 6392] close(6) = -1 EBADF (Bad file descriptor) [pid 6392] close(7) = -1 EBADF (Bad file descriptor) [pid 6392] close(8) = -1 EBADF (Bad file descriptor) [pid 6392] close(9) = -1 EBADF (Bad file descriptor) [pid 6392] close(10) = -1 EBADF (Bad file descriptor) [pid 6392] close(11) = -1 EBADF (Bad file descriptor) [pid 6392] close(12) = -1 EBADF (Bad file descriptor) [pid 6392] close(13) = -1 EBADF (Bad file descriptor) [pid 6392] close(14) = -1 EBADF (Bad file descriptor) [pid 6392] close(15) = -1 EBADF (Bad file descriptor) [pid 6392] close(16) = -1 EBADF (Bad file descriptor) [pid 6392] close(17) = -1 EBADF (Bad file descriptor) [pid 6392] close(18) = -1 EBADF (Bad file descriptor) [pid 6392] close(19) = -1 EBADF (Bad file descriptor) [pid 6392] close(20) = -1 EBADF (Bad file descriptor) [pid 6392] close(21) = -1 EBADF (Bad file descriptor) [pid 6392] close(22) = -1 EBADF (Bad file descriptor) [pid 6392] close(23) = -1 EBADF (Bad file descriptor) [pid 6392] close(24) = -1 EBADF (Bad file descriptor) [pid 6392] close(25) = -1 EBADF (Bad file descriptor) [pid 6392] close(26) = -1 EBADF (Bad file descriptor) [pid 6392] close(27) = -1 EBADF (Bad file descriptor) [pid 6392] close(28) = -1 EBADF (Bad file descriptor) [pid 6392] close(29) = -1 EBADF (Bad file descriptor) [pid 6392] exit_group(0 [pid 6393] <... futex resumed>) = ? [pid 6394] <... futex resumed>) = ? [pid 6393] +++ exited with 0 +++ [pid 6392] <... exit_group resumed>) = ? [pid 6394] +++ exited with 0 +++ [pid 6392] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1316, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./438", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./438", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./438/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./438/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./438/cgroup.cpu") = 0 [pid 5063] umount2("./438/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./438/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./438/binderfs") = 0 [pid 5063] umount2("./438/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./438/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./438/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./438/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./438/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./438/file0") = 0 [pid 5063] umount2("./438/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./438/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./438/cgroup") = 0 [pid 5063] umount2("./438/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./438/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./438/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./438") = 0 [pid 5063] mkdir("./439", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6395 attached , child_tidptr=0x5555560b8690) = 1319 [pid 6395] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6395] chdir("./439") = 0 [pid 6395] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6395] setpgid(0, 0) = 0 [pid 6395] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6395] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6395] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6395] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6395] write(3, "1000", 4) = 4 [pid 6395] close(3) = 0 [pid 6395] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6395] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6395] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6395] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6395] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6395] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6395] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6395] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[1320]}, 88) = 1320 ./strace-static-x86_64: Process 6396 attached [pid 6395] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6395] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6395] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6396] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6396] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6396] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6396] memfd_create("syzkaller", 0) = 3 [pid 6396] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6396] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6396] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6396] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6396] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6396] close(3) = 0 [pid 6396] mkdir("./file0", 0777) = 0 [pid 6396] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6396] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6396] chdir("./file0") = 0 [pid 6396] ioctl(4, LOOP_CLR_FD) = 0 [pid 6396] close(4) = 0 [pid 6396] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6395] <... futex resumed>) = 0 [pid 6396] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6395] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6396] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6395] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6396] <... openat resumed>) = 4 [pid 6396] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6395] <... futex resumed>) = 0 [pid 6396] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6395] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6396] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6395] <... futex resumed>) = 0 [pid 6396] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 310.996507][ T6396] loop0: detected capacity change from 0 to 4096 [ 311.011470][ T6396] ntfs: volume version 3.1. [pid 6395] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6395] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6395] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6395] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6395] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6395] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6397 attached [pid 6397] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6395] <... clone3 resumed> => {parent_tid=[1321]}, 88) = 1321 [pid 6397] <... rseq resumed>) = 0 [pid 6395] rt_sigprocmask(SIG_SETMASK, [], [pid 6397] set_robust_list(0x7eff0a3299a0, 24 [pid 6395] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6397] <... set_robust_list resumed>) = 0 [pid 6397] rt_sigprocmask(SIG_SETMASK, [], [pid 6395] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6397] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6395] <... futex resumed>) = 0 [pid 6397] creat("./file1", 000 [pid 6395] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6397] <... creat resumed>) = 5 [pid 6397] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6396] <... write resumed>) = 1048064 [pid 6395] <... futex resumed>) = 0 [pid 6397] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6396] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6396] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6395] close(3) = 0 [pid 6395] close(4) = 0 [pid 6395] close(5) = 0 [pid 6395] close(6) = -1 EBADF (Bad file descriptor) [pid 6395] close(7) = -1 EBADF (Bad file descriptor) [pid 6395] close(8) = -1 EBADF (Bad file descriptor) [pid 6395] close(9) = -1 EBADF (Bad file descriptor) [pid 6395] close(10) = -1 EBADF (Bad file descriptor) [pid 6395] close(11) = -1 EBADF (Bad file descriptor) [pid 6395] close(12) = -1 EBADF (Bad file descriptor) [pid 6395] close(13) = -1 EBADF (Bad file descriptor) [pid 6395] close(14) = -1 EBADF (Bad file descriptor) [pid 6395] close(15) = -1 EBADF (Bad file descriptor) [pid 6395] close(16) = -1 EBADF (Bad file descriptor) [pid 6395] close(17) = -1 EBADF (Bad file descriptor) [pid 6395] close(18) = -1 EBADF (Bad file descriptor) [pid 6395] close(19) = -1 EBADF (Bad file descriptor) [pid 6395] close(20) = -1 EBADF (Bad file descriptor) [pid 6395] close(21) = -1 EBADF (Bad file descriptor) [pid 6395] close(22) = -1 EBADF (Bad file descriptor) [pid 6395] close(23) = -1 EBADF (Bad file descriptor) [pid 6395] close(24) = -1 EBADF (Bad file descriptor) [pid 6395] close(25) = -1 EBADF (Bad file descriptor) [pid 6395] close(26) = -1 EBADF (Bad file descriptor) [pid 6395] close(27) = -1 EBADF (Bad file descriptor) [pid 6395] close(28) = -1 EBADF (Bad file descriptor) [pid 6395] close(29) = -1 EBADF (Bad file descriptor) [pid 6395] exit_group(0 [pid 6397] <... futex resumed>) = ? [pid 6396] <... futex resumed>) = ? [pid 6397] +++ exited with 0 +++ [pid 6395] <... exit_group resumed>) = ? [pid 6396] +++ exited with 0 +++ [pid 6395] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1319, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./439", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./439", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./439/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./439/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./439/cgroup.cpu") = 0 [pid 5063] umount2("./439/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./439/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./439/binderfs") = 0 [pid 5063] umount2("./439/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./439/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./439/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./439/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./439/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./439/file0") = 0 [pid 5063] umount2("./439/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./439/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./439/cgroup") = 0 [pid 5063] umount2("./439/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./439/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./439/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./439") = 0 [pid 5063] mkdir("./440", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6398 attached , child_tidptr=0x5555560b8690) = 1322 [pid 6398] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6398] chdir("./440") = 0 [pid 6398] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6398] setpgid(0, 0) = 0 [pid 6398] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6398] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6398] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6398] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6398] write(3, "1000", 4) = 4 [pid 6398] close(3) = 0 [pid 6398] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6398] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6398] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6398] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6398] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6398] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6398] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6399 attached => {parent_tid=[1323]}, 88) = 1323 [pid 6399] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6398] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6398] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6398] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6399] <... rseq resumed>) = 0 [pid 6399] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6399] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6399] memfd_create("syzkaller", 0) = 3 [pid 6399] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6399] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6399] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6399] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6399] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6399] close(3) = 0 [pid 6399] mkdir("./file0", 0777) = 0 [pid 6399] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6399] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6399] chdir("./file0") = 0 [pid 6399] ioctl(4, LOOP_CLR_FD) = 0 [pid 6399] close(4) = 0 [pid 6399] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6398] <... futex resumed>) = 0 [ 311.526536][ T6399] loop0: detected capacity change from 0 to 4096 [ 311.546661][ T6399] ntfs: volume version 3.1. [pid 6398] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6399] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6398] <... futex resumed>) = 0 [pid 6398] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6399] <... openat resumed>) = 4 [pid 6399] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6398] <... futex resumed>) = 0 [pid 6399] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6398] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6399] <... futex resumed>) = 0 [pid 6398] <... futex resumed>) = 1 [pid 6399] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6398] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6398] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6398] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6398] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6398] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6398] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6400 attached [pid 6400] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6398] <... clone3 resumed> => {parent_tid=[1324]}, 88) = 1324 [pid 6400] <... rseq resumed>) = 0 [pid 6398] rt_sigprocmask(SIG_SETMASK, [], [pid 6400] set_robust_list(0x7eff0a3299a0, 24 [pid 6398] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6400] <... set_robust_list resumed>) = 0 [pid 6398] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6400] rt_sigprocmask(SIG_SETMASK, [], [pid 6398] <... futex resumed>) = 0 [pid 6400] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6398] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6400] creat("./file1", 000) = 5 [pid 6399] <... write resumed>) = 1048064 [pid 6400] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6399] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6400] <... futex resumed>) = 1 [pid 6399] <... futex resumed>) = 0 [pid 6400] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6398] <... futex resumed>) = 0 [pid 6399] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6398] close(3) = 0 [pid 6398] close(4) = 0 [pid 6398] close(5) = 0 [pid 6398] close(6) = -1 EBADF (Bad file descriptor) [pid 6398] close(7) = -1 EBADF (Bad file descriptor) [pid 6398] close(8) = -1 EBADF (Bad file descriptor) [pid 6398] close(9) = -1 EBADF (Bad file descriptor) [pid 6398] close(10) = -1 EBADF (Bad file descriptor) [pid 6398] close(11) = -1 EBADF (Bad file descriptor) [pid 6398] close(12) = -1 EBADF (Bad file descriptor) [pid 6398] close(13) = -1 EBADF (Bad file descriptor) [pid 6398] close(14) = -1 EBADF (Bad file descriptor) [pid 6398] close(15) = -1 EBADF (Bad file descriptor) [pid 6398] close(16) = -1 EBADF (Bad file descriptor) [pid 6398] close(17) = -1 EBADF (Bad file descriptor) [pid 6398] close(18) = -1 EBADF (Bad file descriptor) [pid 6398] close(19) = -1 EBADF (Bad file descriptor) [pid 6398] close(20) = -1 EBADF (Bad file descriptor) [pid 6398] close(21) = -1 EBADF (Bad file descriptor) [pid 6398] close(22) = -1 EBADF (Bad file descriptor) [pid 6398] close(23) = -1 EBADF (Bad file descriptor) [pid 6398] close(24) = -1 EBADF (Bad file descriptor) [pid 6398] close(25) = -1 EBADF (Bad file descriptor) [pid 6398] close(26) = -1 EBADF (Bad file descriptor) [pid 6398] close(27) = -1 EBADF (Bad file descriptor) [pid 6398] close(28) = -1 EBADF (Bad file descriptor) [pid 6398] close(29) = -1 EBADF (Bad file descriptor) [pid 6398] exit_group(0) = ? [pid 6400] <... futex resumed>) = ? [pid 6400] +++ exited with 0 +++ [pid 6399] <... futex resumed>) = ? [pid 6399] +++ exited with 0 +++ [pid 6398] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1322, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./440", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./440", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./440/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./440/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./440/cgroup.cpu") = 0 [pid 5063] umount2("./440/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./440/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./440/binderfs") = 0 [pid 5063] umount2("./440/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./440/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./440/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./440/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./440/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./440/file0") = 0 [pid 5063] umount2("./440/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./440/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./440/cgroup") = 0 [pid 5063] umount2("./440/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./440/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./440/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./440") = 0 [pid 5063] mkdir("./441", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6401 attached , child_tidptr=0x5555560b8690) = 1325 [pid 6401] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6401] chdir("./441") = 0 [pid 6401] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6401] setpgid(0, 0) = 0 [pid 6401] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6401] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6401] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6401] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6401] write(3, "1000", 4) = 4 [pid 6401] close(3) = 0 [pid 6401] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6401] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6401] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6401] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6401] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6401] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6401] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6401] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6402 attached [pid 6402] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6401] <... clone3 resumed> => {parent_tid=[1326]}, 88) = 1326 [pid 6402] <... rseq resumed>) = 0 [pid 6401] rt_sigprocmask(SIG_SETMASK, [], [pid 6402] set_robust_list(0x7eff0a34a9a0, 24 [pid 6401] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6402] <... set_robust_list resumed>) = 0 [pid 6401] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6402] rt_sigprocmask(SIG_SETMASK, [], [pid 6401] <... futex resumed>) = 0 [pid 6402] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6401] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6402] memfd_create("syzkaller", 0) = 3 [pid 6402] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6402] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6402] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6402] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6402] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6402] close(3) = 0 [pid 6402] mkdir("./file0", 0777) = 0 [pid 6402] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6402] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6402] chdir("./file0") = 0 [pid 6402] ioctl(4, LOOP_CLR_FD) = 0 [pid 6402] close(4) = 0 [pid 6402] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6401] <... futex resumed>) = 0 [pid 6402] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6401] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6402] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6401] <... futex resumed>) = 0 [pid 6401] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6402] <... openat resumed>) = 4 [pid 6402] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6401] <... futex resumed>) = 0 [pid 6402] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6401] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6402] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6401] <... futex resumed>) = 0 [pid 6402] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 312.076340][ T6402] loop0: detected capacity change from 0 to 4096 [ 312.097101][ T6402] ntfs: volume version 3.1. [pid 6401] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6401] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6401] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6401] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6401] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6401] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6403 attached => {parent_tid=[1327]}, 88) = 1327 [pid 6403] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6401] rt_sigprocmask(SIG_SETMASK, [], [pid 6403] <... rseq resumed>) = 0 [pid 6401] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6401] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6403] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6403] rt_sigprocmask(SIG_SETMASK, [], [pid 6401] <... futex resumed>) = 0 [pid 6403] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6403] creat("./file1", 000 [pid 6401] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6403] <... creat resumed>) = 5 [pid 6403] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6402] <... write resumed>) = 1048064 [pid 6403] <... futex resumed>) = 1 [pid 6402] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6401] <... futex resumed>) = 0 [pid 6403] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6402] <... futex resumed>) = 0 [pid 6401] close(3 [pid 6402] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6401] <... close resumed>) = 0 [pid 6401] close(4) = 0 [pid 6401] close(5) = 0 [pid 6401] close(6) = -1 EBADF (Bad file descriptor) [pid 6401] close(7) = -1 EBADF (Bad file descriptor) [pid 6401] close(8) = -1 EBADF (Bad file descriptor) [pid 6401] close(9) = -1 EBADF (Bad file descriptor) [pid 6401] close(10) = -1 EBADF (Bad file descriptor) [pid 6401] close(11) = -1 EBADF (Bad file descriptor) [pid 6401] close(12) = -1 EBADF (Bad file descriptor) [pid 6401] close(13) = -1 EBADF (Bad file descriptor) [pid 6401] close(14) = -1 EBADF (Bad file descriptor) [pid 6401] close(15) = -1 EBADF (Bad file descriptor) [pid 6401] close(16) = -1 EBADF (Bad file descriptor) [pid 6401] close(17) = -1 EBADF (Bad file descriptor) [pid 6401] close(18) = -1 EBADF (Bad file descriptor) [pid 6401] close(19) = -1 EBADF (Bad file descriptor) [pid 6401] close(20) = -1 EBADF (Bad file descriptor) [pid 6401] close(21) = -1 EBADF (Bad file descriptor) [pid 6401] close(22) = -1 EBADF (Bad file descriptor) [pid 6401] close(23) = -1 EBADF (Bad file descriptor) [pid 6401] close(24) = -1 EBADF (Bad file descriptor) [pid 6401] close(25) = -1 EBADF (Bad file descriptor) [pid 6401] close(26) = -1 EBADF (Bad file descriptor) [pid 6401] close(27) = -1 EBADF (Bad file descriptor) [pid 6401] close(28) = -1 EBADF (Bad file descriptor) [pid 6401] close(29) = -1 EBADF (Bad file descriptor) [pid 6401] exit_group(0 [pid 6403] <... futex resumed>) = ? [pid 6402] <... futex resumed>) = ? [pid 6401] <... exit_group resumed>) = ? [pid 6403] +++ exited with 0 +++ [pid 6402] +++ exited with 0 +++ [pid 6401] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1325, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./441", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./441", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./441/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./441/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./441/cgroup.cpu") = 0 [pid 5063] umount2("./441/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./441/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./441/binderfs") = 0 [pid 5063] umount2("./441/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./441/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./441/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./441/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./441/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./441/file0") = 0 [pid 5063] umount2("./441/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./441/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./441/cgroup") = 0 [pid 5063] umount2("./441/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./441/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./441/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./441") = 0 [pid 5063] mkdir("./442", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1328 ./strace-static-x86_64: Process 6404 attached [pid 6404] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6404] chdir("./442") = 0 [pid 6404] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6404] setpgid(0, 0) = 0 [pid 6404] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6404] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6404] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6404] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6404] write(3, "1000", 4) = 4 [pid 6404] close(3) = 0 [pid 6404] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6404] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6404] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6404] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6404] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6404] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6404] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6405 attached => {parent_tid=[1329]}, 88) = 1329 [pid 6405] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6404] rt_sigprocmask(SIG_SETMASK, [], [pid 6405] set_robust_list(0x7eff0a34a9a0, 24 [pid 6404] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6405] <... set_robust_list resumed>) = 0 [pid 6404] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6404] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6405] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6405] memfd_create("syzkaller", 0) = 3 [pid 6405] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6405] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6405] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6405] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6405] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6405] close(3) = 0 [pid 6405] mkdir("./file0", 0777) = 0 [pid 6405] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6405] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6405] chdir("./file0") = 0 [pid 6405] ioctl(4, LOOP_CLR_FD) = 0 [pid 6405] close(4) = 0 [pid 6405] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6405] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6404] <... futex resumed>) = 0 [pid 6404] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6405] <... futex resumed>) = 0 [pid 6404] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6405] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6405] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6405] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6404] <... futex resumed>) = 0 [pid 6404] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6405] <... futex resumed>) = 0 [pid 6404] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 312.609303][ T6405] loop0: detected capacity change from 0 to 4096 [ 312.641487][ T6405] ntfs: volume version 3.1. [pid 6405] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6404] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6404] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6404] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6404] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6404] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6404] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6406 attached [pid 6406] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6404] <... clone3 resumed> => {parent_tid=[1330]}, 88) = 1330 [pid 6406] set_robust_list(0x7eff0a3299a0, 24 [pid 6404] rt_sigprocmask(SIG_SETMASK, [], [pid 6406] <... set_robust_list resumed>) = 0 [pid 6404] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6406] rt_sigprocmask(SIG_SETMASK, [], [pid 6404] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6406] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6404] <... futex resumed>) = 0 [pid 6406] creat("./file1", 000 [pid 6404] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6406] <... creat resumed>) = 5 [pid 6405] <... write resumed>) = 1048064 [pid 6406] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6405] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6406] <... futex resumed>) = 1 [pid 6405] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6404] <... futex resumed>) = 0 [pid 6406] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6404] close(3) = 0 [pid 6404] close(4) = 0 [pid 6404] close(5) = 0 [pid 6404] close(6) = -1 EBADF (Bad file descriptor) [pid 6404] close(7) = -1 EBADF (Bad file descriptor) [pid 6404] close(8) = -1 EBADF (Bad file descriptor) [pid 6404] close(9) = -1 EBADF (Bad file descriptor) [pid 6404] close(10) = -1 EBADF (Bad file descriptor) [pid 6404] close(11) = -1 EBADF (Bad file descriptor) [pid 6404] close(12) = -1 EBADF (Bad file descriptor) [pid 6404] close(13) = -1 EBADF (Bad file descriptor) [pid 6404] close(14) = -1 EBADF (Bad file descriptor) [pid 6404] close(15) = -1 EBADF (Bad file descriptor) [pid 6404] close(16) = -1 EBADF (Bad file descriptor) [pid 6404] close(17) = -1 EBADF (Bad file descriptor) [pid 6404] close(18) = -1 EBADF (Bad file descriptor) [pid 6404] close(19) = -1 EBADF (Bad file descriptor) [pid 6404] close(20) = -1 EBADF (Bad file descriptor) [pid 6404] close(21) = -1 EBADF (Bad file descriptor) [pid 6404] close(22) = -1 EBADF (Bad file descriptor) [pid 6404] close(23) = -1 EBADF (Bad file descriptor) [pid 6404] close(24) = -1 EBADF (Bad file descriptor) [pid 6404] close(25) = -1 EBADF (Bad file descriptor) [pid 6404] close(26) = -1 EBADF (Bad file descriptor) [pid 6404] close(27) = -1 EBADF (Bad file descriptor) [pid 6404] close(28) = -1 EBADF (Bad file descriptor) [pid 6404] close(29) = -1 EBADF (Bad file descriptor) [pid 6404] exit_group(0) = ? [pid 6405] <... futex resumed>) = ? [pid 6406] <... futex resumed>) = ? [pid 6405] +++ exited with 0 +++ [pid 6406] +++ exited with 0 +++ [pid 6404] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1328, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./442", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./442", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./442/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./442/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./442/cgroup.cpu") = 0 [pid 5063] umount2("./442/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./442/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./442/binderfs") = 0 [pid 5063] umount2("./442/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./442/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./442/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./442/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./442/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./442/file0") = 0 [pid 5063] umount2("./442/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./442/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./442/cgroup") = 0 [pid 5063] umount2("./442/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./442/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./442/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./442") = 0 [pid 5063] mkdir("./443", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6407 attached , child_tidptr=0x5555560b8690) = 1331 [pid 6407] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6407] chdir("./443") = 0 [pid 6407] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6407] setpgid(0, 0) = 0 [pid 6407] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6407] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6407] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6407] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6407] write(3, "1000", 4) = 4 [pid 6407] close(3) = 0 [pid 6407] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6407] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6407] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6407] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6407] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6407] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6407] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6407] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6408 attached [pid 6408] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6407] <... clone3 resumed> => {parent_tid=[1332]}, 88) = 1332 [pid 6408] <... rseq resumed>) = 0 [pid 6407] rt_sigprocmask(SIG_SETMASK, [], [pid 6408] set_robust_list(0x7eff0a34a9a0, 24 [pid 6407] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6408] <... set_robust_list resumed>) = 0 [pid 6407] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6408] rt_sigprocmask(SIG_SETMASK, [], [pid 6407] <... futex resumed>) = 0 [pid 6408] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6407] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6408] memfd_create("syzkaller", 0) = 3 [pid 6408] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6408] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6408] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6408] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6408] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6408] close(3) = 0 [pid 6408] mkdir("./file0", 0777) = 0 [pid 6408] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6408] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6408] chdir("./file0") = 0 [pid 6408] ioctl(4, LOOP_CLR_FD) = 0 [pid 6408] close(4) = 0 [pid 6408] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6407] <... futex resumed>) = 0 [pid 6407] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 313.149382][ T6408] loop0: detected capacity change from 0 to 4096 [ 313.169397][ T6408] ntfs: volume version 3.1. [pid 6407] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6408] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6408] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6408] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6407] <... futex resumed>) = 0 [pid 6407] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6407] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6408] <... futex resumed>) = 0 [pid 6408] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6407] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6407] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6407] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6407] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6407] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6407] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6409 attached => {parent_tid=[1333]}, 88) = 1333 [pid 6409] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6407] rt_sigprocmask(SIG_SETMASK, [], [pid 6409] <... rseq resumed>) = 0 [pid 6407] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6409] set_robust_list(0x7eff0a3299a0, 24 [pid 6407] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6409] <... set_robust_list resumed>) = 0 [pid 6407] <... futex resumed>) = 0 [pid 6409] rt_sigprocmask(SIG_SETMASK, [], [pid 6407] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6409] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6409] creat("./file1", 000) = 5 [pid 6409] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6408] <... write resumed>) = 1048064 [pid 6407] <... futex resumed>) = 0 [pid 6409] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6408] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6407] close(3 [pid 6408] <... futex resumed>) = 0 [pid 6408] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6407] <... close resumed>) = 0 [pid 6407] close(4) = 0 [pid 6407] close(5) = 0 [pid 6407] close(6) = -1 EBADF (Bad file descriptor) [pid 6407] close(7) = -1 EBADF (Bad file descriptor) [pid 6407] close(8) = -1 EBADF (Bad file descriptor) [pid 6407] close(9) = -1 EBADF (Bad file descriptor) [pid 6407] close(10) = -1 EBADF (Bad file descriptor) [pid 6407] close(11) = -1 EBADF (Bad file descriptor) [pid 6407] close(12) = -1 EBADF (Bad file descriptor) [pid 6407] close(13) = -1 EBADF (Bad file descriptor) [pid 6407] close(14) = -1 EBADF (Bad file descriptor) [pid 6407] close(15) = -1 EBADF (Bad file descriptor) [pid 6407] close(16) = -1 EBADF (Bad file descriptor) [pid 6407] close(17) = -1 EBADF (Bad file descriptor) [pid 6407] close(18) = -1 EBADF (Bad file descriptor) [pid 6407] close(19) = -1 EBADF (Bad file descriptor) [pid 6407] close(20) = -1 EBADF (Bad file descriptor) [pid 6407] close(21) = -1 EBADF (Bad file descriptor) [pid 6407] close(22) = -1 EBADF (Bad file descriptor) [pid 6407] close(23) = -1 EBADF (Bad file descriptor) [pid 6407] close(24) = -1 EBADF (Bad file descriptor) [pid 6407] close(25) = -1 EBADF (Bad file descriptor) [pid 6407] close(26) = -1 EBADF (Bad file descriptor) [pid 6407] close(27) = -1 EBADF (Bad file descriptor) [pid 6407] close(28) = -1 EBADF (Bad file descriptor) [pid 6407] close(29) = -1 EBADF (Bad file descriptor) [pid 6407] exit_group(0 [pid 6409] <... futex resumed>) = ? [pid 6408] <... futex resumed>) = ? [pid 6407] <... exit_group resumed>) = ? [pid 6409] +++ exited with 0 +++ [pid 6408] +++ exited with 0 +++ [pid 6407] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1331, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./443", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./443", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./443/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./443/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./443/cgroup.cpu") = 0 [pid 5063] umount2("./443/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./443/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./443/binderfs") = 0 [pid 5063] umount2("./443/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./443/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./443/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./443/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./443/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./443/file0") = 0 [pid 5063] umount2("./443/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./443/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./443/cgroup") = 0 [pid 5063] umount2("./443/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./443/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./443/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./443") = 0 [pid 5063] mkdir("./444", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6410 attached , child_tidptr=0x5555560b8690) = 1334 [pid 6410] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6410] chdir("./444") = 0 [pid 6410] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6410] setpgid(0, 0) = 0 [pid 6410] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6410] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6410] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6410] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6410] write(3, "1000", 4) = 4 [pid 6410] close(3) = 0 [pid 6410] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6410] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6410] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6410] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6410] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6410] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6410] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0} => {parent_tid=[1335]}, 88) = 1335 ./strace-static-x86_64: Process 6411 attached [pid 6410] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6411] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6410] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6411] <... rseq resumed>) = 0 [pid 6410] <... futex resumed>) = 0 [pid 6410] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6411] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6411] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6411] memfd_create("syzkaller", 0) = 3 [pid 6411] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6411] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6411] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6411] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6411] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6411] close(3) = 0 [pid 6411] mkdir("./file0", 0777) = 0 [pid 6411] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6411] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6411] chdir("./file0") = 0 [pid 6411] ioctl(4, LOOP_CLR_FD) = 0 [pid 6411] close(4) = 0 [pid 6411] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6410] <... futex resumed>) = 0 [pid 6411] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6410] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6411] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6410] <... futex resumed>) = 0 [pid 6410] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6411] <... openat resumed>) = 4 [pid 6411] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6410] <... futex resumed>) = 0 [pid 6411] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6410] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6411] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6410] <... futex resumed>) = 0 [pid 6411] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 313.657909][ T6411] loop0: detected capacity change from 0 to 4096 [ 313.683185][ T6411] ntfs: volume version 3.1. [pid 6410] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6410] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6410] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6410] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6410] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6410] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6412 attached [pid 6412] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6410] <... clone3 resumed> => {parent_tid=[1336]}, 88) = 1336 [pid 6412] <... rseq resumed>) = 0 [pid 6410] rt_sigprocmask(SIG_SETMASK, [], [pid 6412] set_robust_list(0x7eff0a3299a0, 24 [pid 6410] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6410] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6412] <... set_robust_list resumed>) = 0 [pid 6410] <... futex resumed>) = 0 [pid 6412] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6410] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6412] creat("./file1", 000) = 5 [pid 6411] <... write resumed>) = 1048064 [pid 6412] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6411] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6412] <... futex resumed>) = 1 [pid 6411] <... futex resumed>) = 0 [pid 6412] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6410] <... futex resumed>) = 0 [pid 6411] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6410] close(3) = 0 [pid 6410] close(4) = 0 [pid 6410] close(5) = 0 [pid 6410] close(6) = -1 EBADF (Bad file descriptor) [pid 6410] close(7) = -1 EBADF (Bad file descriptor) [pid 6410] close(8) = -1 EBADF (Bad file descriptor) [pid 6410] close(9) = -1 EBADF (Bad file descriptor) [pid 6410] close(10) = -1 EBADF (Bad file descriptor) [pid 6410] close(11) = -1 EBADF (Bad file descriptor) [pid 6410] close(12) = -1 EBADF (Bad file descriptor) [pid 6410] close(13) = -1 EBADF (Bad file descriptor) [pid 6410] close(14) = -1 EBADF (Bad file descriptor) [pid 6410] close(15) = -1 EBADF (Bad file descriptor) [pid 6410] close(16) = -1 EBADF (Bad file descriptor) [pid 6410] close(17) = -1 EBADF (Bad file descriptor) [pid 6410] close(18) = -1 EBADF (Bad file descriptor) [pid 6410] close(19) = -1 EBADF (Bad file descriptor) [pid 6410] close(20) = -1 EBADF (Bad file descriptor) [pid 6410] close(21) = -1 EBADF (Bad file descriptor) [pid 6410] close(22) = -1 EBADF (Bad file descriptor) [pid 6410] close(23) = -1 EBADF (Bad file descriptor) [pid 6410] close(24) = -1 EBADF (Bad file descriptor) [pid 6410] close(25) = -1 EBADF (Bad file descriptor) [pid 6410] close(26) = -1 EBADF (Bad file descriptor) [pid 6410] close(27) = -1 EBADF (Bad file descriptor) [pid 6410] close(28) = -1 EBADF (Bad file descriptor) [pid 6410] close(29) = -1 EBADF (Bad file descriptor) [pid 6410] exit_group(0) = ? [pid 6412] <... futex resumed>) = ? [pid 6411] <... futex resumed>) = ? [pid 6412] +++ exited with 0 +++ [pid 6411] +++ exited with 0 +++ [pid 6410] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1334, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./444", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./444", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./444/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./444/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./444/cgroup.cpu") = 0 [pid 5063] umount2("./444/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./444/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./444/binderfs") = 0 [pid 5063] umount2("./444/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./444/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./444/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./444/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./444/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./444/file0") = 0 [pid 5063] umount2("./444/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./444/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./444/cgroup") = 0 [pid 5063] umount2("./444/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./444/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./444/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./444") = 0 [pid 5063] mkdir("./445", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6413 attached , child_tidptr=0x5555560b8690) = 1337 [pid 6413] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6413] chdir("./445") = 0 [pid 6413] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6413] setpgid(0, 0) = 0 [pid 6413] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6413] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6413] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6413] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6413] write(3, "1000", 4) = 4 [pid 6413] close(3) = 0 [pid 6413] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6413] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6413] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6413] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6413] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6413] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6413] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6414 attached [pid 6414] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6413] <... clone3 resumed> => {parent_tid=[1338]}, 88) = 1338 [pid 6414] <... rseq resumed>) = 0 [pid 6413] rt_sigprocmask(SIG_SETMASK, [], [pid 6414] set_robust_list(0x7eff0a34a9a0, 24 [pid 6413] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6414] <... set_robust_list resumed>) = 0 [pid 6413] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6414] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6413] <... futex resumed>) = 0 [pid 6413] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6414] memfd_create("syzkaller", 0) = 3 [pid 6414] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6414] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6414] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6414] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6414] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6414] close(3) = 0 [pid 6414] mkdir("./file0", 0777) = 0 [ 314.211549][ T6414] loop0: detected capacity change from 0 to 4096 [ 314.227805][ T6414] __ntfs_warning: 170 callbacks suppressed [ 314.227816][ T6414] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 314.254390][ T6414] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 314.263932][ T6414] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 314.280156][ T6414] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 314.288897][ T6414] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 314.308930][ T6414] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 314.317677][ T6414] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 314.337842][ T6414] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6414] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6414] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6414] chdir("./file0") = 0 [pid 6414] ioctl(4, LOOP_CLR_FD) = 0 [pid 6414] close(4) = 0 [pid 6414] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6413] <... futex resumed>) = 0 [pid 6414] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6413] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6414] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6413] <... futex resumed>) = 0 [pid 6414] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6413] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6414] <... openat resumed>) = 4 [pid 6414] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6413] <... futex resumed>) = 0 [pid 6414] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6413] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 314.346695][ T6414] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 314.366760][ T6414] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 314.377163][ T6414] ntfs: volume version 3.1. [pid 6413] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6413] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6413] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6413] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6413] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6413] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6415 attached => {parent_tid=[1339]}, 88) = 1339 [pid 6415] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6413] rt_sigprocmask(SIG_SETMASK, [], [pid 6415] <... rseq resumed>) = 0 [pid 6413] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6415] set_robust_list(0x7eff0a3299a0, 24 [pid 6413] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6415] <... set_robust_list resumed>) = 0 [pid 6413] <... futex resumed>) = 0 [pid 6415] rt_sigprocmask(SIG_SETMASK, [], [pid 6413] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6415] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6415] creat("./file1", 000) = 5 [pid 6414] <... write resumed>) = 1048064 [pid 6415] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6414] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6415] <... futex resumed>) = 1 [pid 6413] <... futex resumed>) = 0 [pid 6415] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6413] close(3 [pid 6414] <... futex resumed>) = 0 [pid 6413] <... close resumed>) = 0 [pid 6414] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6413] close(4) = 0 [pid 6413] close(5) = 0 [pid 6413] close(6) = -1 EBADF (Bad file descriptor) [pid 6413] close(7) = -1 EBADF (Bad file descriptor) [pid 6413] close(8) = -1 EBADF (Bad file descriptor) [pid 6413] close(9) = -1 EBADF (Bad file descriptor) [pid 6413] close(10) = -1 EBADF (Bad file descriptor) [pid 6413] close(11) = -1 EBADF (Bad file descriptor) [pid 6413] close(12) = -1 EBADF (Bad file descriptor) [pid 6413] close(13) = -1 EBADF (Bad file descriptor) [pid 6413] close(14) = -1 EBADF (Bad file descriptor) [pid 6413] close(15) = -1 EBADF (Bad file descriptor) [pid 6413] close(16) = -1 EBADF (Bad file descriptor) [pid 6413] close(17) = -1 EBADF (Bad file descriptor) [pid 6413] close(18) = -1 EBADF (Bad file descriptor) [pid 6413] close(19) = -1 EBADF (Bad file descriptor) [pid 6413] close(20) = -1 EBADF (Bad file descriptor) [pid 6413] close(21) = -1 EBADF (Bad file descriptor) [pid 6413] close(22) = -1 EBADF (Bad file descriptor) [pid 6413] close(23) = -1 EBADF (Bad file descriptor) [pid 6413] close(24) = -1 EBADF (Bad file descriptor) [pid 6413] close(25) = -1 EBADF (Bad file descriptor) [pid 6413] close(26) = -1 EBADF (Bad file descriptor) [pid 6413] close(27) = -1 EBADF (Bad file descriptor) [pid 6413] close(28) = -1 EBADF (Bad file descriptor) [pid 6413] close(29) = -1 EBADF (Bad file descriptor) [pid 6413] exit_group(0 [pid 6415] <... futex resumed>) = ? [pid 6414] <... futex resumed>) = ? [pid 6413] <... exit_group resumed>) = ? [pid 6414] +++ exited with 0 +++ [pid 6415] +++ exited with 0 +++ [pid 6413] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1337, si_uid=0, si_status=0, si_utime=0, si_stime=27 /* 0.27 s */} --- [pid 5063] umount2("./445", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./445", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./445/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./445/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./445/cgroup.cpu") = 0 [pid 5063] umount2("./445/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./445/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./445/binderfs") = 0 [pid 5063] umount2("./445/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./445/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./445/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./445/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./445/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./445/file0") = 0 [pid 5063] umount2("./445/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./445/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./445/cgroup") = 0 [pid 5063] umount2("./445/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./445/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./445/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./445") = 0 [pid 5063] mkdir("./446", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6416 attached [pid 6416] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1340 [pid 6416] <... set_robust_list resumed>) = 0 [pid 6416] chdir("./446") = 0 [pid 6416] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6416] setpgid(0, 0) = 0 [pid 6416] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6416] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6416] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6416] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6416] write(3, "1000", 4) = 4 [pid 6416] close(3) = 0 [pid 6416] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6416] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6416] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6416] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6416] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6416] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6416] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6416] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6417 attached [pid 6417] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6417] set_robust_list(0x7eff0a34a9a0, 24 [pid 6416] <... clone3 resumed> => {parent_tid=[1341]}, 88) = 1341 [pid 6417] <... set_robust_list resumed>) = 0 [pid 6416] rt_sigprocmask(SIG_SETMASK, [], [pid 6417] rt_sigprocmask(SIG_SETMASK, [], [pid 6416] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6417] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6416] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6416] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6417] memfd_create("syzkaller", 0) = 3 [pid 6417] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6417] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6417] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6417] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6417] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6417] close(3) = 0 [pid 6417] mkdir("./file0", 0777) = 0 [pid 6417] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6417] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6417] chdir("./file0") = 0 [pid 6417] ioctl(4, LOOP_CLR_FD) = 0 [pid 6417] close(4) = 0 [pid 6417] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6417] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6416] <... futex resumed>) = 0 [pid 6416] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6417] <... futex resumed>) = 0 [pid 6416] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6417] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [ 314.933912][ T6417] loop0: detected capacity change from 0 to 4096 [ 314.967767][ T6417] ntfs: volume version 3.1. [pid 6417] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6416] <... futex resumed>) = 0 [pid 6417] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6416] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6417] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6417] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6416] <... futex resumed>) = 0 [pid 6416] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6416] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6416] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6416] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6416] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6416] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6418 attached [pid 6418] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6418] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6416] <... clone3 resumed> => {parent_tid=[1342]}, 88) = 1342 [pid 6416] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6418] rt_sigprocmask(SIG_SETMASK, [], [pid 6416] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6418] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6416] <... futex resumed>) = 0 [pid 6418] creat("./file1", 000 [pid 6416] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6418] <... creat resumed>) = 5 [pid 6418] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6417] <... write resumed>) = 1048064 [pid 6416] <... futex resumed>) = 0 [pid 6418] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6417] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6416] close(3) = 0 [pid 6416] close(4 [pid 6417] <... futex resumed>) = 0 [pid 6416] <... close resumed>) = 0 [pid 6417] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6416] close(5) = 0 [pid 6416] close(6) = -1 EBADF (Bad file descriptor) [pid 6416] close(7) = -1 EBADF (Bad file descriptor) [pid 6416] close(8) = -1 EBADF (Bad file descriptor) [pid 6416] close(9) = -1 EBADF (Bad file descriptor) [pid 6416] close(10) = -1 EBADF (Bad file descriptor) [pid 6416] close(11) = -1 EBADF (Bad file descriptor) [pid 6416] close(12) = -1 EBADF (Bad file descriptor) [pid 6416] close(13) = -1 EBADF (Bad file descriptor) [pid 6416] close(14) = -1 EBADF (Bad file descriptor) [pid 6416] close(15) = -1 EBADF (Bad file descriptor) [pid 6416] close(16) = -1 EBADF (Bad file descriptor) [pid 6416] close(17) = -1 EBADF (Bad file descriptor) [pid 6416] close(18) = -1 EBADF (Bad file descriptor) [pid 6416] close(19) = -1 EBADF (Bad file descriptor) [pid 6416] close(20) = -1 EBADF (Bad file descriptor) [pid 6416] close(21) = -1 EBADF (Bad file descriptor) [pid 6416] close(22) = -1 EBADF (Bad file descriptor) [pid 6416] close(23) = -1 EBADF (Bad file descriptor) [pid 6416] close(24) = -1 EBADF (Bad file descriptor) [pid 6416] close(25) = -1 EBADF (Bad file descriptor) [pid 6416] close(26) = -1 EBADF (Bad file descriptor) [pid 6416] close(27) = -1 EBADF (Bad file descriptor) [pid 6416] close(28) = -1 EBADF (Bad file descriptor) [pid 6416] close(29) = -1 EBADF (Bad file descriptor) [pid 6416] exit_group(0) = ? [pid 6418] <... futex resumed>) = ? [pid 6417] <... futex resumed>) = ? [pid 6417] +++ exited with 0 +++ [pid 6418] +++ exited with 0 +++ [pid 6416] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1340, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./446", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./446", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./446/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./446/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./446/cgroup.cpu") = 0 [pid 5063] umount2("./446/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./446/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./446/binderfs") = 0 [pid 5063] umount2("./446/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./446/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./446/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./446/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./446/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./446/file0") = 0 [pid 5063] umount2("./446/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./446/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./446/cgroup") = 0 [pid 5063] umount2("./446/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./446/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./446/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./446") = 0 [pid 5063] mkdir("./447", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6419 attached , child_tidptr=0x5555560b8690) = 1343 [pid 6419] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6419] chdir("./447") = 0 [pid 6419] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6419] setpgid(0, 0) = 0 [pid 6419] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6419] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6419] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6419] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6419] write(3, "1000", 4) = 4 [pid 6419] close(3) = 0 [pid 6419] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6419] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6419] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6419] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6419] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6419] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6419] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6419] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6420 attached [pid 6420] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6419] <... clone3 resumed> => {parent_tid=[1344]}, 88) = 1344 [pid 6420] <... rseq resumed>) = 0 [pid 6419] rt_sigprocmask(SIG_SETMASK, [], [pid 6420] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6419] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6419] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6420] rt_sigprocmask(SIG_SETMASK, [], [pid 6419] <... futex resumed>) = 0 [pid 6420] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6419] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6420] memfd_create("syzkaller", 0) = 3 [pid 6420] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6420] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6420] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6420] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6420] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6420] close(3) = 0 [pid 6420] mkdir("./file0", 0777) = 0 [pid 6420] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6420] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6420] chdir("./file0") = 0 [pid 6420] ioctl(4, LOOP_CLR_FD) = 0 [pid 6420] close(4) = 0 [pid 6420] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6420] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6419] <... futex resumed>) = 0 [pid 6419] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6419] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6420] <... futex resumed>) = 0 [pid 6420] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6420] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6419] <... futex resumed>) = 0 [pid 6420] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6419] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6419] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6420] <... futex resumed>) = 0 [ 315.489588][ T6420] loop0: detected capacity change from 0 to 4096 [ 315.521771][ T6420] ntfs: volume version 3.1. [pid 6420] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6419] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6419] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6419] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6419] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6419] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6419] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6421 attached [pid 6421] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6419] <... clone3 resumed> => {parent_tid=[1345]}, 88) = 1345 [pid 6421] <... rseq resumed>) = 0 [pid 6419] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6419] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6421] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6419] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6421] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6421] creat("./file1", 000) = 5 [pid 6420] <... write resumed>) = 1048064 [pid 6421] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6420] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6421] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6420] <... futex resumed>) = 0 [pid 6420] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6419] <... futex resumed>) = 0 [pid 6419] close(3) = 0 [pid 6419] close(4) = 0 [pid 6419] close(5) = 0 [pid 6419] close(6) = -1 EBADF (Bad file descriptor) [pid 6419] close(7) = -1 EBADF (Bad file descriptor) [pid 6419] close(8) = -1 EBADF (Bad file descriptor) [pid 6419] close(9) = -1 EBADF (Bad file descriptor) [pid 6419] close(10) = -1 EBADF (Bad file descriptor) [pid 6419] close(11) = -1 EBADF (Bad file descriptor) [pid 6419] close(12) = -1 EBADF (Bad file descriptor) [pid 6419] close(13) = -1 EBADF (Bad file descriptor) [pid 6419] close(14) = -1 EBADF (Bad file descriptor) [pid 6419] close(15) = -1 EBADF (Bad file descriptor) [pid 6419] close(16) = -1 EBADF (Bad file descriptor) [pid 6419] close(17) = -1 EBADF (Bad file descriptor) [pid 6419] close(18) = -1 EBADF (Bad file descriptor) [pid 6419] close(19) = -1 EBADF (Bad file descriptor) [pid 6419] close(20) = -1 EBADF (Bad file descriptor) [pid 6419] close(21) = -1 EBADF (Bad file descriptor) [pid 6419] close(22) = -1 EBADF (Bad file descriptor) [pid 6419] close(23) = -1 EBADF (Bad file descriptor) [pid 6419] close(24) = -1 EBADF (Bad file descriptor) [pid 6419] close(25) = -1 EBADF (Bad file descriptor) [pid 6419] close(26) = -1 EBADF (Bad file descriptor) [pid 6419] close(27) = -1 EBADF (Bad file descriptor) [pid 6419] close(28) = -1 EBADF (Bad file descriptor) [pid 6419] close(29) = -1 EBADF (Bad file descriptor) [pid 6419] exit_group(0) = ? [pid 6421] <... futex resumed>) = ? [pid 6420] <... futex resumed>) = ? [pid 6421] +++ exited with 0 +++ [pid 6420] +++ exited with 0 +++ [pid 6419] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1343, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./447", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./447", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./447/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./447/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./447/cgroup.cpu") = 0 [pid 5063] umount2("./447/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./447/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./447/binderfs") = 0 [pid 5063] umount2("./447/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./447/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./447/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./447/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./447/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./447/file0") = 0 [pid 5063] umount2("./447/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./447/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./447/cgroup") = 0 [pid 5063] umount2("./447/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./447/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./447/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./447") = 0 [pid 5063] mkdir("./448", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6422 attached [pid 6422] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1346 [pid 6422] <... set_robust_list resumed>) = 0 [pid 6422] chdir("./448") = 0 [pid 6422] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6422] setpgid(0, 0) = 0 [pid 6422] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6422] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6422] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6422] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6422] write(3, "1000", 4) = 4 [pid 6422] close(3) = 0 [pid 6422] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6422] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6422] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6422] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6422] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6422] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6422] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6422] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6423 attached => {parent_tid=[1347]}, 88) = 1347 [pid 6423] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6422] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6422] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6422] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6423] <... rseq resumed>) = 0 [pid 6423] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6423] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6423] memfd_create("syzkaller", 0) = 3 [pid 6423] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6423] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6423] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6423] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6423] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6423] close(3) = 0 [pid 6423] mkdir("./file0", 0777) = 0 [pid 6423] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6423] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6423] chdir("./file0") = 0 [ 316.097183][ T6423] loop0: detected capacity change from 0 to 4096 [ 316.117520][ T6423] ntfs: volume version 3.1. [pid 6423] ioctl(4, LOOP_CLR_FD) = 0 [pid 6423] close(4) = 0 [pid 6423] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6422] <... futex resumed>) = 0 [pid 6423] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6422] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6423] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6422] <... futex resumed>) = 0 [pid 6423] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6422] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6423] <... openat resumed>) = 4 [pid 6423] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6423] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6422] <... futex resumed>) = 0 [pid 6422] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6423] <... futex resumed>) = 0 [pid 6422] <... futex resumed>) = 1 [pid 6423] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6422] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6422] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6422] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6422] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6422] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6422] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6424 attached [pid 6424] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6422] <... clone3 resumed> => {parent_tid=[1348]}, 88) = 1348 [pid 6424] <... rseq resumed>) = 0 [pid 6422] rt_sigprocmask(SIG_SETMASK, [], [pid 6424] set_robust_list(0x7eff0a3299a0, 24 [pid 6422] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6424] <... set_robust_list resumed>) = 0 [pid 6422] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6424] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6422] <... futex resumed>) = 0 [pid 6424] creat("./file1", 000 [pid 6422] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6424] <... creat resumed>) = 5 [pid 6423] <... write resumed>) = 1048064 [pid 6424] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6423] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6424] <... futex resumed>) = 1 [pid 6422] <... futex resumed>) = 0 [pid 6424] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6423] <... futex resumed>) = 0 [pid 6422] close(3 [pid 6423] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6422] <... close resumed>) = 0 [pid 6422] close(4) = 0 [pid 6422] close(5) = 0 [pid 6422] close(6) = -1 EBADF (Bad file descriptor) [pid 6422] close(7) = -1 EBADF (Bad file descriptor) [pid 6422] close(8) = -1 EBADF (Bad file descriptor) [pid 6422] close(9) = -1 EBADF (Bad file descriptor) [pid 6422] close(10) = -1 EBADF (Bad file descriptor) [pid 6422] close(11) = -1 EBADF (Bad file descriptor) [pid 6422] close(12) = -1 EBADF (Bad file descriptor) [pid 6422] close(13) = -1 EBADF (Bad file descriptor) [pid 6422] close(14) = -1 EBADF (Bad file descriptor) [pid 6422] close(15) = -1 EBADF (Bad file descriptor) [pid 6422] close(16) = -1 EBADF (Bad file descriptor) [pid 6422] close(17) = -1 EBADF (Bad file descriptor) [pid 6422] close(18) = -1 EBADF (Bad file descriptor) [pid 6422] close(19) = -1 EBADF (Bad file descriptor) [pid 6422] close(20) = -1 EBADF (Bad file descriptor) [pid 6422] close(21) = -1 EBADF (Bad file descriptor) [pid 6422] close(22) = -1 EBADF (Bad file descriptor) [pid 6422] close(23) = -1 EBADF (Bad file descriptor) [pid 6422] close(24) = -1 EBADF (Bad file descriptor) [pid 6422] close(25) = -1 EBADF (Bad file descriptor) [pid 6422] close(26) = -1 EBADF (Bad file descriptor) [pid 6422] close(27) = -1 EBADF (Bad file descriptor) [pid 6422] close(28) = -1 EBADF (Bad file descriptor) [pid 6422] close(29) = -1 EBADF (Bad file descriptor) [pid 6422] exit_group(0) = ? [pid 6423] <... futex resumed>) = ? [pid 6424] <... futex resumed>) = ? [pid 6424] +++ exited with 0 +++ [pid 6423] +++ exited with 0 +++ [pid 6422] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1346, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./448", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./448", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./448/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./448/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./448/cgroup.cpu") = 0 [pid 5063] umount2("./448/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./448/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./448/binderfs") = 0 [pid 5063] umount2("./448/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./448/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./448/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./448/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./448/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./448/file0") = 0 [pid 5063] umount2("./448/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./448/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./448/cgroup") = 0 [pid 5063] umount2("./448/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./448/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./448/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./448") = 0 [pid 5063] mkdir("./449", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6425 attached , child_tidptr=0x5555560b8690) = 1349 [pid 6425] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6425] chdir("./449") = 0 [pid 6425] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6425] setpgid(0, 0) = 0 [pid 6425] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6425] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6425] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6425] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6425] write(3, "1000", 4) = 4 [pid 6425] close(3) = 0 [pid 6425] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6425] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6425] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6425] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6425] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6425] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6425] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6426 attached [pid 6426] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6425] <... clone3 resumed> => {parent_tid=[1350]}, 88) = 1350 [pid 6426] <... rseq resumed>) = 0 [pid 6426] set_robust_list(0x7eff0a34a9a0, 24 [pid 6425] rt_sigprocmask(SIG_SETMASK, [], [pid 6426] <... set_robust_list resumed>) = 0 [pid 6425] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6426] rt_sigprocmask(SIG_SETMASK, [], [pid 6425] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6426] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6425] <... futex resumed>) = 0 [pid 6426] memfd_create("syzkaller", 0 [pid 6425] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6426] <... memfd_create resumed>) = 3 [pid 6426] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6426] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6426] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6426] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6426] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6426] close(3) = 0 [pid 6426] mkdir("./file0", 0777) = 0 [pid 6426] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6426] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6426] chdir("./file0") = 0 [pid 6426] ioctl(4, LOOP_CLR_FD) = 0 [pid 6426] close(4) = 0 [pid 6426] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6425] <... futex resumed>) = 0 [pid 6426] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6425] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6425] <... futex resumed>) = 0 [pid 6426] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 316.648673][ T6426] loop0: detected capacity change from 0 to 4096 [ 316.670194][ T6426] ntfs: volume version 3.1. [pid 6425] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6426] <... openat resumed>) = 4 [pid 6426] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6425] <... futex resumed>) = 0 [pid 6426] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6425] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6426] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6425] <... futex resumed>) = 0 [pid 6426] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6425] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6425] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6425] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6425] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6425] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6425] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6427 attached [pid 6427] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6427] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6427] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6427] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6425] <... clone3 resumed> => {parent_tid=[1351]}, 88) = 1351 [pid 6425] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6425] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6427] <... futex resumed>) = 0 [pid 6425] <... futex resumed>) = 1 [pid 6427] creat("./file1", 000) = 5 [pid 6426] <... write resumed>) = 1048064 [pid 6425] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6426] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6426] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6427] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6425] <... futex resumed>) = 0 [pid 6427] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6425] close(3) = 0 [pid 6425] close(4) = 0 [pid 6425] close(5) = 0 [pid 6425] close(6) = -1 EBADF (Bad file descriptor) [pid 6425] close(7) = -1 EBADF (Bad file descriptor) [pid 6425] close(8) = -1 EBADF (Bad file descriptor) [pid 6425] close(9) = -1 EBADF (Bad file descriptor) [pid 6425] close(10) = -1 EBADF (Bad file descriptor) [pid 6425] close(11) = -1 EBADF (Bad file descriptor) [pid 6425] close(12) = -1 EBADF (Bad file descriptor) [pid 6425] close(13) = -1 EBADF (Bad file descriptor) [pid 6425] close(14) = -1 EBADF (Bad file descriptor) [pid 6425] close(15) = -1 EBADF (Bad file descriptor) [pid 6425] close(16) = -1 EBADF (Bad file descriptor) [pid 6425] close(17) = -1 EBADF (Bad file descriptor) [pid 6425] close(18) = -1 EBADF (Bad file descriptor) [pid 6425] close(19) = -1 EBADF (Bad file descriptor) [pid 6425] close(20) = -1 EBADF (Bad file descriptor) [pid 6425] close(21) = -1 EBADF (Bad file descriptor) [pid 6425] close(22) = -1 EBADF (Bad file descriptor) [pid 6425] close(23) = -1 EBADF (Bad file descriptor) [pid 6425] close(24) = -1 EBADF (Bad file descriptor) [pid 6425] close(25) = -1 EBADF (Bad file descriptor) [pid 6425] close(26) = -1 EBADF (Bad file descriptor) [pid 6425] close(27) = -1 EBADF (Bad file descriptor) [pid 6425] close(28) = -1 EBADF (Bad file descriptor) [pid 6425] close(29) = -1 EBADF (Bad file descriptor) [pid 6425] exit_group(0) = ? [pid 6427] <... futex resumed>) = ? [pid 6427] +++ exited with 0 +++ [pid 6426] <... futex resumed>) = ? [pid 6426] +++ exited with 0 +++ [pid 6425] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1349, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./449", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./449", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./449/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./449/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./449/cgroup.cpu") = 0 [pid 5063] umount2("./449/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./449/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./449/binderfs") = 0 [pid 5063] umount2("./449/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./449/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./449/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./449/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./449/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./449/file0") = 0 [pid 5063] umount2("./449/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./449/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./449/cgroup") = 0 [pid 5063] umount2("./449/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./449/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./449/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./449") = 0 [pid 5063] mkdir("./450", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6428 attached [pid 6428] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1352 [pid 6428] chdir("./450") = 0 [pid 6428] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6428] setpgid(0, 0) = 0 [pid 6428] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6428] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6428] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6428] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6428] write(3, "1000", 4) = 4 [pid 6428] close(3) = 0 [pid 6428] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6428] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6428] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6428] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6428] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6428] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6428] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6428] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6429 attached => {parent_tid=[1353]}, 88) = 1353 [pid 6429] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6428] rt_sigprocmask(SIG_SETMASK, [], [pid 6429] <... rseq resumed>) = 0 [pid 6429] set_robust_list(0x7eff0a34a9a0, 24 [pid 6428] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6429] <... set_robust_list resumed>) = 0 [pid 6428] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6429] rt_sigprocmask(SIG_SETMASK, [], [pid 6428] <... futex resumed>) = 0 [pid 6429] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6428] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6429] memfd_create("syzkaller", 0) = 3 [pid 6429] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6429] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6429] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6429] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6429] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6429] close(3) = 0 [pid 6429] mkdir("./file0", 0777) = 0 [pid 6429] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6429] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6429] chdir("./file0") = 0 [pid 6429] ioctl(4, LOOP_CLR_FD) = 0 [pid 6429] close(4) = 0 [pid 6429] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6428] <... futex resumed>) = 0 [pid 6428] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6428] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6429] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6429] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6428] <... futex resumed>) = 0 [pid 6429] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6428] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6429] <... futex resumed>) = 0 [pid 6428] <... futex resumed>) = 1 [pid 6429] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 317.328067][ T6429] loop0: detected capacity change from 0 to 4096 [ 317.359187][ T6429] ntfs: volume version 3.1. [pid 6428] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6428] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6428] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6428] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6428] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6428] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6430 attached => {parent_tid=[1354]}, 88) = 1354 [pid 6430] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6428] rt_sigprocmask(SIG_SETMASK, [], [pid 6430] <... rseq resumed>) = 0 [pid 6430] set_robust_list(0x7eff0a3299a0, 24 [pid 6428] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6430] <... set_robust_list resumed>) = 0 [pid 6428] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6430] rt_sigprocmask(SIG_SETMASK, [], [pid 6428] <... futex resumed>) = 0 [pid 6430] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6428] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6430] creat("./file1", 000) = 5 [pid 6429] <... write resumed>) = 1048064 [pid 6430] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6429] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6428] <... futex resumed>) = 0 [pid 6430] <... futex resumed>) = 1 [pid 6428] close(3) = 0 [pid 6430] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6429] <... futex resumed>) = 0 [pid 6428] close(4 [pid 6429] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6428] <... close resumed>) = 0 [pid 6428] close(5) = 0 [pid 6428] close(6) = -1 EBADF (Bad file descriptor) [pid 6428] close(7) = -1 EBADF (Bad file descriptor) [pid 6428] close(8) = -1 EBADF (Bad file descriptor) [pid 6428] close(9) = -1 EBADF (Bad file descriptor) [pid 6428] close(10) = -1 EBADF (Bad file descriptor) [pid 6428] close(11) = -1 EBADF (Bad file descriptor) [pid 6428] close(12) = -1 EBADF (Bad file descriptor) [pid 6428] close(13) = -1 EBADF (Bad file descriptor) [pid 6428] close(14) = -1 EBADF (Bad file descriptor) [pid 6428] close(15) = -1 EBADF (Bad file descriptor) [pid 6428] close(16) = -1 EBADF (Bad file descriptor) [pid 6428] close(17) = -1 EBADF (Bad file descriptor) [pid 6428] close(18) = -1 EBADF (Bad file descriptor) [pid 6428] close(19) = -1 EBADF (Bad file descriptor) [pid 6428] close(20) = -1 EBADF (Bad file descriptor) [pid 6428] close(21) = -1 EBADF (Bad file descriptor) [pid 6428] close(22) = -1 EBADF (Bad file descriptor) [pid 6428] close(23) = -1 EBADF (Bad file descriptor) [pid 6428] close(24) = -1 EBADF (Bad file descriptor) [pid 6428] close(25) = -1 EBADF (Bad file descriptor) [pid 6428] close(26) = -1 EBADF (Bad file descriptor) [pid 6428] close(27) = -1 EBADF (Bad file descriptor) [pid 6428] close(28) = -1 EBADF (Bad file descriptor) [pid 6428] close(29) = -1 EBADF (Bad file descriptor) [pid 6428] exit_group(0) = ? [pid 6430] <... futex resumed>) = ? [pid 6429] <... futex resumed>) = ? [pid 6429] +++ exited with 0 +++ [pid 6430] +++ exited with 0 +++ [pid 6428] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1352, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./450", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./450", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./450/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./450/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./450/cgroup.cpu") = 0 [pid 5063] umount2("./450/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./450/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./450/binderfs") = 0 [pid 5063] umount2("./450/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./450/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./450/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./450/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./450/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./450/file0") = 0 [pid 5063] umount2("./450/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./450/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./450/cgroup") = 0 [pid 5063] umount2("./450/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./450/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./450/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./450") = 0 [pid 5063] mkdir("./451", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6431 attached , child_tidptr=0x5555560b8690) = 1355 [pid 6431] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6431] chdir("./451") = 0 [pid 6431] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6431] setpgid(0, 0) = 0 [pid 6431] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6431] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6431] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6431] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6431] write(3, "1000", 4) = 4 [pid 6431] close(3) = 0 [pid 6431] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6431] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6431] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6431] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6431] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6431] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6431] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6432 attached [pid 6432] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6431] <... clone3 resumed> => {parent_tid=[1356]}, 88) = 1356 [pid 6432] <... rseq resumed>) = 0 [pid 6431] rt_sigprocmask(SIG_SETMASK, [], [pid 6432] set_robust_list(0x7eff0a34a9a0, 24 [pid 6431] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6432] <... set_robust_list resumed>) = 0 [pid 6431] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6432] rt_sigprocmask(SIG_SETMASK, [], [pid 6431] <... futex resumed>) = 0 [pid 6432] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6431] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6432] memfd_create("syzkaller", 0) = 3 [pid 6432] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6432] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6432] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6432] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6432] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6432] close(3) = 0 [pid 6432] mkdir("./file0", 0777) = 0 [pid 6432] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6432] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6432] chdir("./file0") = 0 [pid 6432] ioctl(4, LOOP_CLR_FD) = 0 [pid 6432] close(4) = 0 [pid 6432] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6431] <... futex resumed>) = 0 [pid 6432] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6431] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6432] <... futex resumed>) = 0 [pid 6431] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 317.972417][ T6432] loop0: detected capacity change from 0 to 4096 [ 318.007721][ T6432] ntfs: volume version 3.1. [pid 6432] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6432] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6432] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6431] <... futex resumed>) = 0 [pid 6431] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6432] <... futex resumed>) = 0 [pid 6432] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6431] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6431] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6431] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6431] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6431] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6431] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6433 attached [pid 6433] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6431] <... clone3 resumed> => {parent_tid=[1357]}, 88) = 1357 [pid 6433] <... rseq resumed>) = 0 [pid 6431] rt_sigprocmask(SIG_SETMASK, [], [pid 6433] set_robust_list(0x7eff0a3299a0, 24 [pid 6431] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6433] <... set_robust_list resumed>) = 0 [pid 6431] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6433] rt_sigprocmask(SIG_SETMASK, [], [pid 6431] <... futex resumed>) = 0 [pid 6433] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6433] creat("./file1", 000 [pid 6431] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6433] <... creat resumed>) = 5 [pid 6432] <... write resumed>) = 1048064 [pid 6433] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6432] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6433] <... futex resumed>) = 1 [pid 6431] <... futex resumed>) = 0 [pid 6433] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6432] <... futex resumed>) = 0 [pid 6431] close(3 [pid 6432] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6431] <... close resumed>) = 0 [pid 6431] close(4) = 0 [pid 6431] close(5) = 0 [pid 6431] close(6) = -1 EBADF (Bad file descriptor) [pid 6431] close(7) = -1 EBADF (Bad file descriptor) [pid 6431] close(8) = -1 EBADF (Bad file descriptor) [pid 6431] close(9) = -1 EBADF (Bad file descriptor) [pid 6431] close(10) = -1 EBADF (Bad file descriptor) [pid 6431] close(11) = -1 EBADF (Bad file descriptor) [pid 6431] close(12) = -1 EBADF (Bad file descriptor) [pid 6431] close(13) = -1 EBADF (Bad file descriptor) [pid 6431] close(14) = -1 EBADF (Bad file descriptor) [pid 6431] close(15) = -1 EBADF (Bad file descriptor) [pid 6431] close(16) = -1 EBADF (Bad file descriptor) [pid 6431] close(17) = -1 EBADF (Bad file descriptor) [pid 6431] close(18) = -1 EBADF (Bad file descriptor) [pid 6431] close(19) = -1 EBADF (Bad file descriptor) [pid 6431] close(20) = -1 EBADF (Bad file descriptor) [pid 6431] close(21) = -1 EBADF (Bad file descriptor) [pid 6431] close(22) = -1 EBADF (Bad file descriptor) [pid 6431] close(23) = -1 EBADF (Bad file descriptor) [pid 6431] close(24) = -1 EBADF (Bad file descriptor) [pid 6431] close(25) = -1 EBADF (Bad file descriptor) [pid 6431] close(26) = -1 EBADF (Bad file descriptor) [pid 6431] close(27) = -1 EBADF (Bad file descriptor) [pid 6431] close(28) = -1 EBADF (Bad file descriptor) [pid 6431] close(29) = -1 EBADF (Bad file descriptor) [pid 6431] exit_group(0 [pid 6433] <... futex resumed>) = ? [pid 6432] <... futex resumed>) = ? [pid 6433] +++ exited with 0 +++ [pid 6431] <... exit_group resumed>) = ? [pid 6432] +++ exited with 0 +++ [pid 6431] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1355, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./451", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./451", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./451/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./451/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./451/cgroup.cpu") = 0 [pid 5063] umount2("./451/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./451/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./451/binderfs") = 0 [pid 5063] umount2("./451/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./451/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./451/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./451/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./451/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./451/file0") = 0 [pid 5063] umount2("./451/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./451/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./451/cgroup") = 0 [pid 5063] umount2("./451/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./451/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./451/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./451") = 0 [pid 5063] mkdir("./452", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6434 attached , child_tidptr=0x5555560b8690) = 1358 [pid 6434] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6434] chdir("./452") = 0 [pid 6434] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6434] setpgid(0, 0) = 0 [pid 6434] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6434] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6434] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6434] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6434] write(3, "1000", 4) = 4 [pid 6434] close(3) = 0 [pid 6434] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6434] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6434] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6434] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6434] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6434] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6434] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6435 attached => {parent_tid=[1359]}, 88) = 1359 [pid 6435] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6434] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6434] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6434] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6435] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6435] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6435] memfd_create("syzkaller", 0) = 3 [pid 6435] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6435] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6435] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6435] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6435] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6435] close(3) = 0 [pid 6435] mkdir("./file0", 0777) = 0 [pid 6435] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6435] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6435] chdir("./file0") = 0 [pid 6435] ioctl(4, LOOP_CLR_FD) = 0 [pid 6435] close(4) = 0 [ 318.538721][ T6435] loop0: detected capacity change from 0 to 4096 [ 318.568170][ T6435] ntfs: volume version 3.1. [pid 6435] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6434] <... futex resumed>) = 0 [pid 6435] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6434] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6435] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6434] <... futex resumed>) = 0 [pid 6434] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6435] <... openat resumed>) = 4 [pid 6435] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6435] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6434] <... futex resumed>) = 0 [pid 6434] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6435] <... futex resumed>) = 0 [pid 6434] <... futex resumed>) = 1 [pid 6435] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6434] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6434] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6434] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6434] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6434] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6434] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6436 attached [pid 6436] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6434] <... clone3 resumed> => {parent_tid=[1360]}, 88) = 1360 [pid 6436] <... rseq resumed>) = 0 [pid 6436] set_robust_list(0x7eff0a3299a0, 24 [pid 6434] rt_sigprocmask(SIG_SETMASK, [], [pid 6436] <... set_robust_list resumed>) = 0 [pid 6434] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6436] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6434] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6436] creat("./file1", 000 [pid 6434] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6436] <... creat resumed>) = 5 [pid 6436] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6435] <... write resumed>) = 1048064 [pid 6436] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6434] <... futex resumed>) = 0 [pid 6435] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6434] close(3 [pid 6435] <... futex resumed>) = 0 [pid 6435] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6434] <... close resumed>) = 0 [pid 6434] close(4) = 0 [pid 6434] close(5) = 0 [pid 6434] close(6) = -1 EBADF (Bad file descriptor) [pid 6434] close(7) = -1 EBADF (Bad file descriptor) [pid 6434] close(8) = -1 EBADF (Bad file descriptor) [pid 6434] close(9) = -1 EBADF (Bad file descriptor) [pid 6434] close(10) = -1 EBADF (Bad file descriptor) [pid 6434] close(11) = -1 EBADF (Bad file descriptor) [pid 6434] close(12) = -1 EBADF (Bad file descriptor) [pid 6434] close(13) = -1 EBADF (Bad file descriptor) [pid 6434] close(14) = -1 EBADF (Bad file descriptor) [pid 6434] close(15) = -1 EBADF (Bad file descriptor) [pid 6434] close(16) = -1 EBADF (Bad file descriptor) [pid 6434] close(17) = -1 EBADF (Bad file descriptor) [pid 6434] close(18) = -1 EBADF (Bad file descriptor) [pid 6434] close(19) = -1 EBADF (Bad file descriptor) [pid 6434] close(20) = -1 EBADF (Bad file descriptor) [pid 6434] close(21) = -1 EBADF (Bad file descriptor) [pid 6434] close(22) = -1 EBADF (Bad file descriptor) [pid 6434] close(23) = -1 EBADF (Bad file descriptor) [pid 6434] close(24) = -1 EBADF (Bad file descriptor) [pid 6434] close(25) = -1 EBADF (Bad file descriptor) [pid 6434] close(26) = -1 EBADF (Bad file descriptor) [pid 6434] close(27) = -1 EBADF (Bad file descriptor) [pid 6434] close(28) = -1 EBADF (Bad file descriptor) [pid 6434] close(29) = -1 EBADF (Bad file descriptor) [pid 6434] exit_group(0 [pid 6435] <... futex resumed>) = ? [pid 6436] <... futex resumed>) = ? [pid 6434] <... exit_group resumed>) = ? [pid 6436] +++ exited with 0 +++ [pid 6435] +++ exited with 0 +++ [pid 6434] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1358, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./452", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./452", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./452/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./452/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./452/cgroup.cpu") = 0 [pid 5063] umount2("./452/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./452/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./452/binderfs") = 0 [pid 5063] umount2("./452/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./452/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./452/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./452/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./452/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./452/file0") = 0 [pid 5063] umount2("./452/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./452/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./452/cgroup") = 0 [pid 5063] umount2("./452/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./452/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./452/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./452") = 0 [pid 5063] mkdir("./453", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6437 attached , child_tidptr=0x5555560b8690) = 1361 [pid 6437] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6437] chdir("./453") = 0 [pid 6437] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6437] setpgid(0, 0) = 0 [pid 6437] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6437] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6437] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6437] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6437] write(3, "1000", 4) = 4 [pid 6437] close(3) = 0 [pid 6437] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6437] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6437] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6437] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6437] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6437] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6437] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6438 attached [pid 6438] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6437] <... clone3 resumed> => {parent_tid=[1362]}, 88) = 1362 [pid 6437] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6437] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6438] <... rseq resumed>) = 0 [pid 6438] set_robust_list(0x7eff0a34a9a0, 24 [pid 6437] <... futex resumed>) = 0 [pid 6438] <... set_robust_list resumed>) = 0 [pid 6437] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6438] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6438] memfd_create("syzkaller", 0) = 3 [pid 6438] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6438] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6438] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6438] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6438] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6438] close(3) = 0 [pid 6438] mkdir("./file0", 0777) = 0 [pid 6438] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6438] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6438] chdir("./file0") = 0 [pid 6438] ioctl(4, LOOP_CLR_FD) = 0 [pid 6438] close(4) = 0 [pid 6438] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6437] <... futex resumed>) = 0 [pid 6438] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6437] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6438] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6437] <... futex resumed>) = 0 [pid 6437] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6438] <... openat resumed>) = 4 [pid 6438] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6437] <... futex resumed>) = 0 [pid 6438] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6437] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6438] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6438] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6437] <... futex resumed>) = 0 [ 319.114291][ T6438] loop0: detected capacity change from 0 to 4096 [ 319.144553][ T6438] ntfs: volume version 3.1. [pid 6437] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6437] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6437] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6437] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6437] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6437] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6439 attached => {parent_tid=[1363]}, 88) = 1363 [pid 6439] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6437] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6439] <... rseq resumed>) = 0 [pid 6439] set_robust_list(0x7eff0a3299a0, 24 [pid 6437] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6439] <... set_robust_list resumed>) = 0 [pid 6437] <... futex resumed>) = 0 [pid 6439] rt_sigprocmask(SIG_SETMASK, [], [pid 6437] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6439] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6439] creat("./file1", 000) = 5 [pid 6439] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6437] <... futex resumed>) = 0 [pid 6438] <... write resumed>) = 1048064 [pid 6439] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6438] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6438] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6437] close(3) = 0 [pid 6437] close(4) = 0 [pid 6437] close(5) = 0 [pid 6437] close(6) = -1 EBADF (Bad file descriptor) [pid 6437] close(7) = -1 EBADF (Bad file descriptor) [pid 6437] close(8) = -1 EBADF (Bad file descriptor) [pid 6437] close(9) = -1 EBADF (Bad file descriptor) [pid 6437] close(10) = -1 EBADF (Bad file descriptor) [pid 6437] close(11) = -1 EBADF (Bad file descriptor) [pid 6437] close(12) = -1 EBADF (Bad file descriptor) [pid 6437] close(13) = -1 EBADF (Bad file descriptor) [pid 6437] close(14) = -1 EBADF (Bad file descriptor) [pid 6437] close(15) = -1 EBADF (Bad file descriptor) [pid 6437] close(16) = -1 EBADF (Bad file descriptor) [pid 6437] close(17) = -1 EBADF (Bad file descriptor) [pid 6437] close(18) = -1 EBADF (Bad file descriptor) [pid 6437] close(19) = -1 EBADF (Bad file descriptor) [pid 6437] close(20) = -1 EBADF (Bad file descriptor) [pid 6437] close(21) = -1 EBADF (Bad file descriptor) [pid 6437] close(22) = -1 EBADF (Bad file descriptor) [pid 6437] close(23) = -1 EBADF (Bad file descriptor) [pid 6437] close(24) = -1 EBADF (Bad file descriptor) [pid 6437] close(25) = -1 EBADF (Bad file descriptor) [pid 6437] close(26) = -1 EBADF (Bad file descriptor) [pid 6437] close(27) = -1 EBADF (Bad file descriptor) [pid 6437] close(28) = -1 EBADF (Bad file descriptor) [pid 6437] close(29) = -1 EBADF (Bad file descriptor) [pid 6437] exit_group(0) = ? [pid 6439] <... futex resumed>) = ? [pid 6439] +++ exited with 0 +++ [pid 6438] <... futex resumed>) = ? [pid 6438] +++ exited with 0 +++ [pid 6437] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1361, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./453", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./453", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./453/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./453/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./453/cgroup.cpu") = 0 [pid 5063] umount2("./453/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./453/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./453/binderfs") = 0 [pid 5063] umount2("./453/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./453/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./453/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./453/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./453/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./453/file0") = 0 [pid 5063] umount2("./453/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./453/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./453/cgroup") = 0 [pid 5063] umount2("./453/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./453/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./453/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./453") = 0 [pid 5063] mkdir("./454", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6440 attached , child_tidptr=0x5555560b8690) = 1364 [pid 6440] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6440] chdir("./454") = 0 [pid 6440] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6440] setpgid(0, 0) = 0 [pid 6440] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6440] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6440] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6440] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6440] write(3, "1000", 4) = 4 [pid 6440] close(3) = 0 [pid 6440] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6440] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6440] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6440] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6440] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6440] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6440] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6440] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6441 attached [pid 6441] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6440] <... clone3 resumed> => {parent_tid=[1365]}, 88) = 1365 [pid 6441] <... rseq resumed>) = 0 [pid 6440] rt_sigprocmask(SIG_SETMASK, [], [pid 6441] set_robust_list(0x7eff0a34a9a0, 24 [pid 6440] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6441] <... set_robust_list resumed>) = 0 [pid 6441] rt_sigprocmask(SIG_SETMASK, [], [pid 6440] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6441] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6440] <... futex resumed>) = 0 [pid 6440] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6441] memfd_create("syzkaller", 0) = 3 [pid 6441] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6441] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6441] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6441] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6441] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6441] close(3) = 0 [pid 6441] mkdir("./file0", 0777) = 0 [ 319.623309][ T6441] loop0: detected capacity change from 0 to 4096 [ 319.637501][ T6441] __ntfs_warning: 170 callbacks suppressed [ 319.637512][ T6441] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 319.664097][ T6441] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 319.673676][ T6441] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 319.689593][ T6441] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 319.698375][ T6441] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 319.718339][ T6441] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 319.727084][ T6441] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 319.747241][ T6441] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6441] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6441] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6441] chdir("./file0") = 0 [pid 6441] ioctl(4, LOOP_CLR_FD) = 0 [pid 6441] close(4) = 0 [pid 6441] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6440] <... futex resumed>) = 0 [pid 6441] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6440] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6441] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6440] <... futex resumed>) = 0 [pid 6440] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6441] <... openat resumed>) = 4 [pid 6441] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6440] <... futex resumed>) = 0 [pid 6440] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 319.755984][ T6441] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 319.775936][ T6441] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 319.786156][ T6441] ntfs: volume version 3.1. [pid 6440] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6441] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6440] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6440] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6440] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6440] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6440] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6440] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6442 attached [pid 6442] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6442] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6442] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6442] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6440] <... clone3 resumed> => {parent_tid=[1366]}, 88) = 1366 [pid 6440] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6440] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6442] <... futex resumed>) = 0 [pid 6442] creat("./file1", 000 [pid 6440] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6442] <... creat resumed>) = 5 [pid 6441] <... write resumed>) = 1048064 [pid 6442] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6442] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6440] <... futex resumed>) = 0 [pid 6441] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6440] close(3 [pid 6441] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6440] <... close resumed>) = 0 [pid 6440] close(4) = 0 [pid 6440] close(5) = 0 [pid 6440] close(6) = -1 EBADF (Bad file descriptor) [pid 6440] close(7) = -1 EBADF (Bad file descriptor) [pid 6440] close(8) = -1 EBADF (Bad file descriptor) [pid 6440] close(9) = -1 EBADF (Bad file descriptor) [pid 6440] close(10) = -1 EBADF (Bad file descriptor) [pid 6440] close(11) = -1 EBADF (Bad file descriptor) [pid 6440] close(12) = -1 EBADF (Bad file descriptor) [pid 6440] close(13) = -1 EBADF (Bad file descriptor) [pid 6440] close(14) = -1 EBADF (Bad file descriptor) [pid 6440] close(15) = -1 EBADF (Bad file descriptor) [pid 6440] close(16) = -1 EBADF (Bad file descriptor) [pid 6440] close(17) = -1 EBADF (Bad file descriptor) [pid 6440] close(18) = -1 EBADF (Bad file descriptor) [pid 6440] close(19) = -1 EBADF (Bad file descriptor) [pid 6440] close(20) = -1 EBADF (Bad file descriptor) [pid 6440] close(21) = -1 EBADF (Bad file descriptor) [pid 6440] close(22) = -1 EBADF (Bad file descriptor) [pid 6440] close(23) = -1 EBADF (Bad file descriptor) [pid 6440] close(24) = -1 EBADF (Bad file descriptor) [pid 6440] close(25) = -1 EBADF (Bad file descriptor) [pid 6440] close(26) = -1 EBADF (Bad file descriptor) [pid 6440] close(27) = -1 EBADF (Bad file descriptor) [pid 6440] close(28) = -1 EBADF (Bad file descriptor) [pid 6440] close(29) = -1 EBADF (Bad file descriptor) [pid 6440] exit_group(0 [pid 6442] <... futex resumed>) = ? [pid 6441] <... futex resumed>) = ? [pid 6440] <... exit_group resumed>) = ? [pid 6442] +++ exited with 0 +++ [pid 6441] +++ exited with 0 +++ [pid 6440] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1364, si_uid=0, si_status=0, si_utime=0, si_stime=26 /* 0.26 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./454", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./454", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./454/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./454/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./454/cgroup.cpu") = 0 [pid 5063] umount2("./454/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./454/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./454/binderfs") = 0 [pid 5063] umount2("./454/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./454/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./454/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./454/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./454/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./454/file0") = 0 [pid 5063] umount2("./454/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./454/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./454/cgroup") = 0 [pid 5063] umount2("./454/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./454/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./454/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./454") = 0 [pid 5063] mkdir("./455", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6443 attached , child_tidptr=0x5555560b8690) = 1367 [pid 6443] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6443] chdir("./455") = 0 [pid 6443] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6443] setpgid(0, 0) = 0 [pid 6443] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6443] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6443] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6443] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6443] write(3, "1000", 4) = 4 [pid 6443] close(3) = 0 [pid 6443] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6443] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6443] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6443] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6443] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6443] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6443] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6443] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6444 attached => {parent_tid=[1368]}, 88) = 1368 [pid 6444] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6443] rt_sigprocmask(SIG_SETMASK, [], [pid 6444] <... rseq resumed>) = 0 [pid 6443] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6444] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6443] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6444] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6443] <... futex resumed>) = 0 [pid 6443] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6444] memfd_create("syzkaller", 0) = 3 [pid 6444] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6444] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6444] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6444] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6444] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6444] close(3) = 0 [pid 6444] mkdir("./file0", 0777) = 0 [pid 6444] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6444] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6444] chdir("./file0") = 0 [pid 6444] ioctl(4, LOOP_CLR_FD) = 0 [pid 6444] close(4) = 0 [pid 6444] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6444] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6443] <... futex resumed>) = 0 [ 320.299282][ T6444] loop0: detected capacity change from 0 to 4096 [ 320.324431][ T6444] ntfs: volume version 3.1. [pid 6443] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6444] <... futex resumed>) = 0 [pid 6444] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6443] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6444] <... openat resumed>) = 4 [pid 6444] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6443] <... futex resumed>) = 0 [pid 6444] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6443] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6444] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6444] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6443] <... futex resumed>) = 0 [pid 6443] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6443] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6443] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6443] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6443] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6443] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1369]}, 88) = 1369 ./strace-static-x86_64: Process 6445 attached [pid 6445] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6445] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6443] rt_sigprocmask(SIG_SETMASK, [], [pid 6445] rt_sigprocmask(SIG_SETMASK, [], [pid 6443] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6445] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6443] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6445] creat("./file1", 000 [pid 6443] <... futex resumed>) = 0 [pid 6443] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6445] <... creat resumed>) = 5 [pid 6444] <... write resumed>) = 1048064 [pid 6445] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6443] <... futex resumed>) = 0 [pid 6445] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6444] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6444] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6443] close(3) = 0 [pid 6443] close(4) = 0 [pid 6443] close(5) = 0 [pid 6443] close(6) = -1 EBADF (Bad file descriptor) [pid 6443] close(7) = -1 EBADF (Bad file descriptor) [pid 6443] close(8) = -1 EBADF (Bad file descriptor) [pid 6443] close(9) = -1 EBADF (Bad file descriptor) [pid 6443] close(10) = -1 EBADF (Bad file descriptor) [pid 6443] close(11) = -1 EBADF (Bad file descriptor) [pid 6443] close(12) = -1 EBADF (Bad file descriptor) [pid 6443] close(13) = -1 EBADF (Bad file descriptor) [pid 6443] close(14) = -1 EBADF (Bad file descriptor) [pid 6443] close(15) = -1 EBADF (Bad file descriptor) [pid 6443] close(16) = -1 EBADF (Bad file descriptor) [pid 6443] close(17) = -1 EBADF (Bad file descriptor) [pid 6443] close(18) = -1 EBADF (Bad file descriptor) [pid 6443] close(19) = -1 EBADF (Bad file descriptor) [pid 6443] close(20) = -1 EBADF (Bad file descriptor) [pid 6443] close(21) = -1 EBADF (Bad file descriptor) [pid 6443] close(22) = -1 EBADF (Bad file descriptor) [pid 6443] close(23) = -1 EBADF (Bad file descriptor) [pid 6443] close(24) = -1 EBADF (Bad file descriptor) [pid 6443] close(25) = -1 EBADF (Bad file descriptor) [pid 6443] close(26) = -1 EBADF (Bad file descriptor) [pid 6443] close(27) = -1 EBADF (Bad file descriptor) [pid 6443] close(28) = -1 EBADF (Bad file descriptor) [pid 6443] close(29) = -1 EBADF (Bad file descriptor) [pid 6443] exit_group(0 [pid 6444] <... futex resumed>) = ? [pid 6445] <... futex resumed>) = ? [pid 6443] <... exit_group resumed>) = ? [pid 6444] +++ exited with 0 +++ [pid 6445] +++ exited with 0 +++ [pid 6443] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1367, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./455", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./455", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./455/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./455/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./455/cgroup.cpu") = 0 [pid 5063] umount2("./455/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./455/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./455/binderfs") = 0 [pid 5063] umount2("./455/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./455/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./455/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./455/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./455/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./455/file0") = 0 [pid 5063] umount2("./455/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./455/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./455/cgroup") = 0 [pid 5063] umount2("./455/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./455/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./455/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./455") = 0 [pid 5063] mkdir("./456", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6446 attached , child_tidptr=0x5555560b8690) = 1370 [pid 6446] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6446] chdir("./456") = 0 [pid 6446] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6446] setpgid(0, 0) = 0 [pid 6446] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6446] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6446] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6446] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6446] write(3, "1000", 4) = 4 [pid 6446] close(3) = 0 [pid 6446] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6446] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6446] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6446] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6446] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6446] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6446] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6446] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6447 attached => {parent_tid=[1371]}, 88) = 1371 [pid 6447] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6446] rt_sigprocmask(SIG_SETMASK, [], [pid 6447] <... rseq resumed>) = 0 [pid 6446] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6447] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6446] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6447] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6446] <... futex resumed>) = 0 [pid 6446] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6447] memfd_create("syzkaller", 0) = 3 [pid 6447] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6447] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6447] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6447] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6447] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6447] close(3) = 0 [pid 6447] mkdir("./file0", 0777) = 0 [pid 6447] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6447] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6447] chdir("./file0") = 0 [pid 6447] ioctl(4, LOOP_CLR_FD) = 0 [pid 6447] close(4) = 0 [pid 6447] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6446] <... futex resumed>) = 0 [pid 6447] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6446] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6447] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6446] <... futex resumed>) = 0 [pid 6447] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6446] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6447] <... openat resumed>) = 4 [pid 6447] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6446] <... futex resumed>) = 0 [pid 6447] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6446] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6447] <... futex resumed>) = 0 [pid 6446] <... futex resumed>) = 1 [pid 6447] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 320.858407][ T6447] loop0: detected capacity change from 0 to 4096 [ 320.878113][ T6447] ntfs: volume version 3.1. [pid 6446] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6446] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6446] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6446] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6446] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6446] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6448 attached [pid 6448] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6446] <... clone3 resumed> => {parent_tid=[1372]}, 88) = 1372 [pid 6448] <... rseq resumed>) = 0 [pid 6448] set_robust_list(0x7eff0a3299a0, 24 [pid 6446] rt_sigprocmask(SIG_SETMASK, [], [pid 6448] <... set_robust_list resumed>) = 0 [pid 6446] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6448] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6448] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6446] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6448] <... futex resumed>) = 0 [pid 6446] <... futex resumed>) = 1 [pid 6448] creat("./file1", 000 [pid 6446] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6448] <... creat resumed>) = 5 [pid 6447] <... write resumed>) = 1048064 [pid 6448] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6447] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6446] <... futex resumed>) = 0 [pid 6448] <... futex resumed>) = 1 [pid 6447] <... futex resumed>) = 0 [pid 6446] close(3 [pid 6447] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6446] <... close resumed>) = 0 [pid 6448] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6446] close(4) = 0 [pid 6446] close(5) = 0 [pid 6446] close(6) = -1 EBADF (Bad file descriptor) [pid 6446] close(7) = -1 EBADF (Bad file descriptor) [pid 6446] close(8) = -1 EBADF (Bad file descriptor) [pid 6446] close(9) = -1 EBADF (Bad file descriptor) [pid 6446] close(10) = -1 EBADF (Bad file descriptor) [pid 6446] close(11) = -1 EBADF (Bad file descriptor) [pid 6446] close(12) = -1 EBADF (Bad file descriptor) [pid 6446] close(13) = -1 EBADF (Bad file descriptor) [pid 6446] close(14) = -1 EBADF (Bad file descriptor) [pid 6446] close(15) = -1 EBADF (Bad file descriptor) [pid 6446] close(16) = -1 EBADF (Bad file descriptor) [pid 6446] close(17) = -1 EBADF (Bad file descriptor) [pid 6446] close(18) = -1 EBADF (Bad file descriptor) [pid 6446] close(19) = -1 EBADF (Bad file descriptor) [pid 6446] close(20) = -1 EBADF (Bad file descriptor) [pid 6446] close(21) = -1 EBADF (Bad file descriptor) [pid 6446] close(22) = -1 EBADF (Bad file descriptor) [pid 6446] close(23) = -1 EBADF (Bad file descriptor) [pid 6446] close(24) = -1 EBADF (Bad file descriptor) [pid 6446] close(25) = -1 EBADF (Bad file descriptor) [pid 6446] close(26) = -1 EBADF (Bad file descriptor) [pid 6446] close(27) = -1 EBADF (Bad file descriptor) [pid 6446] close(28) = -1 EBADF (Bad file descriptor) [pid 6446] close(29) = -1 EBADF (Bad file descriptor) [pid 6446] exit_group(0) = ? [pid 6448] <... futex resumed>) = ? [pid 6447] <... futex resumed>) = ? [pid 6448] +++ exited with 0 +++ [pid 6447] +++ exited with 0 +++ [pid 6446] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1370, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./456", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./456", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./456/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./456/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./456/cgroup.cpu") = 0 [pid 5063] umount2("./456/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./456/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./456/binderfs") = 0 [pid 5063] umount2("./456/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./456/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./456/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./456/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./456/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./456/file0") = 0 [pid 5063] umount2("./456/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./456/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./456/cgroup") = 0 [pid 5063] umount2("./456/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./456/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./456/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./456") = 0 [pid 5063] mkdir("./457", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6449 attached [pid 6449] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1373 [pid 6449] <... set_robust_list resumed>) = 0 [pid 6449] chdir("./457") = 0 [pid 6449] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6449] setpgid(0, 0) = 0 [pid 6449] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6449] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6449] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6449] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6449] write(3, "1000", 4) = 4 [pid 6449] close(3) = 0 [pid 6449] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6449] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6449] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6449] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6449] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6449] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6449] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6449] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6450 attached => {parent_tid=[1374]}, 88) = 1374 [pid 6450] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6449] rt_sigprocmask(SIG_SETMASK, [], [pid 6450] set_robust_list(0x7eff0a34a9a0, 24 [pid 6449] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6450] <... set_robust_list resumed>) = 0 [pid 6449] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6450] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6449] <... futex resumed>) = 0 [pid 6449] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6450] memfd_create("syzkaller", 0) = 3 [pid 6450] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6450] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6450] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6450] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6450] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6450] close(3) = 0 [pid 6450] mkdir("./file0", 0777) = 0 [pid 6450] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6450] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6450] chdir("./file0") = 0 [pid 6450] ioctl(4, LOOP_CLR_FD) = 0 [pid 6450] close(4) = 0 [pid 6450] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6449] <... futex resumed>) = 0 [pid 6450] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6449] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6450] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6449] <... futex resumed>) = 0 [pid 6450] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6449] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6450] <... openat resumed>) = 4 [pid 6450] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6449] <... futex resumed>) = 0 [pid 6450] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6449] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6450] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6449] <... futex resumed>) = 0 [ 321.438050][ T6450] loop0: detected capacity change from 0 to 4096 [ 321.452824][ T6450] ntfs: volume version 3.1. [pid 6449] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6449] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6449] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6449] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6449] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6449] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6451 attached [pid 6451] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6449] <... clone3 resumed> => {parent_tid=[1375]}, 88) = 1375 [pid 6451] <... rseq resumed>) = 0 [pid 6449] rt_sigprocmask(SIG_SETMASK, [], [pid 6451] set_robust_list(0x7eff0a3299a0, 24 [pid 6449] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6449] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6451] <... set_robust_list resumed>) = 0 [pid 6449] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6451] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6451] creat("./file1", 000) = 5 [pid 6450] <... write resumed>) = 1048064 [pid 6451] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6450] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6451] <... futex resumed>) = 1 [pid 6449] <... futex resumed>) = 0 [pid 6451] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6450] <... futex resumed>) = 0 [pid 6450] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6449] close(3) = 0 [pid 6449] close(4) = 0 [pid 6449] close(5) = 0 [pid 6449] close(6) = -1 EBADF (Bad file descriptor) [pid 6449] close(7) = -1 EBADF (Bad file descriptor) [pid 6449] close(8) = -1 EBADF (Bad file descriptor) [pid 6449] close(9) = -1 EBADF (Bad file descriptor) [pid 6449] close(10) = -1 EBADF (Bad file descriptor) [pid 6449] close(11) = -1 EBADF (Bad file descriptor) [pid 6449] close(12) = -1 EBADF (Bad file descriptor) [pid 6449] close(13) = -1 EBADF (Bad file descriptor) [pid 6449] close(14) = -1 EBADF (Bad file descriptor) [pid 6449] close(15) = -1 EBADF (Bad file descriptor) [pid 6449] close(16) = -1 EBADF (Bad file descriptor) [pid 6449] close(17) = -1 EBADF (Bad file descriptor) [pid 6449] close(18) = -1 EBADF (Bad file descriptor) [pid 6449] close(19) = -1 EBADF (Bad file descriptor) [pid 6449] close(20) = -1 EBADF (Bad file descriptor) [pid 6449] close(21) = -1 EBADF (Bad file descriptor) [pid 6449] close(22) = -1 EBADF (Bad file descriptor) [pid 6449] close(23) = -1 EBADF (Bad file descriptor) [pid 6449] close(24) = -1 EBADF (Bad file descriptor) [pid 6449] close(25) = -1 EBADF (Bad file descriptor) [pid 6449] close(26) = -1 EBADF (Bad file descriptor) [pid 6449] close(27) = -1 EBADF (Bad file descriptor) [pid 6449] close(28) = -1 EBADF (Bad file descriptor) [pid 6449] close(29) = -1 EBADF (Bad file descriptor) [pid 6449] exit_group(0) = ? [pid 6450] <... futex resumed>) = ? [pid 6450] +++ exited with 0 +++ [pid 6451] <... futex resumed>) = ? [pid 6451] +++ exited with 0 +++ [pid 6449] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1373, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./457", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./457", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./457/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./457/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./457/cgroup.cpu") = 0 [pid 5063] umount2("./457/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./457/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./457/binderfs") = 0 [pid 5063] umount2("./457/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./457/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./457/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./457/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./457/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./457/file0") = 0 [pid 5063] umount2("./457/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./457/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./457/cgroup") = 0 [pid 5063] umount2("./457/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./457/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./457/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./457") = 0 [pid 5063] mkdir("./458", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6452 attached , child_tidptr=0x5555560b8690) = 1376 [pid 6452] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6452] chdir("./458") = 0 [pid 6452] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6452] setpgid(0, 0) = 0 [pid 6452] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6452] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6452] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6452] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6452] write(3, "1000", 4) = 4 [pid 6452] close(3) = 0 [pid 6452] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6452] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6452] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6452] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6452] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6452] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6452] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6452] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6453 attached => {parent_tid=[1377]}, 88) = 1377 [pid 6452] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6453] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6452] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6453] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6452] <... futex resumed>) = 0 [pid 6453] rt_sigprocmask(SIG_SETMASK, [], [pid 6452] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6453] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6453] memfd_create("syzkaller", 0) = 3 [pid 6453] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6453] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6453] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6453] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6453] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6453] close(3) = 0 [pid 6453] mkdir("./file0", 0777) = 0 [pid 6453] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6453] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6453] chdir("./file0") = 0 [pid 6453] ioctl(4, LOOP_CLR_FD) = 0 [pid 6453] close(4) = 0 [pid 6453] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6453] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6452] <... futex resumed>) = 0 [pid 6452] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6453] <... futex resumed>) = 0 [pid 6452] <... futex resumed>) = 1 [ 322.010146][ T6453] loop0: detected capacity change from 0 to 4096 [ 322.034183][ T6453] ntfs: volume version 3.1. [pid 6453] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6452] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6453] <... openat resumed>) = 4 [pid 6453] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6452] <... futex resumed>) = 0 [pid 6453] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6452] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6453] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6452] <... futex resumed>) = 0 [pid 6453] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6452] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6452] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6452] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6452] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6452] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6452] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6454 attached => {parent_tid=[1378]}, 88) = 1378 [pid 6454] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6452] rt_sigprocmask(SIG_SETMASK, [], [pid 6454] <... rseq resumed>) = 0 [pid 6452] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6454] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6452] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6454] rt_sigprocmask(SIG_SETMASK, [], [pid 6452] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6454] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6454] creat("./file1", 000) = 5 [pid 6453] <... write resumed>) = 1048064 [pid 6454] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6453] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6454] <... futex resumed>) = 1 [pid 6452] <... futex resumed>) = 0 [pid 6454] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6453] <... futex resumed>) = 0 [pid 6452] close(3 [pid 6453] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6452] <... close resumed>) = 0 [pid 6452] close(4) = 0 [pid 6452] close(5) = 0 [pid 6452] close(6) = -1 EBADF (Bad file descriptor) [pid 6452] close(7) = -1 EBADF (Bad file descriptor) [pid 6452] close(8) = -1 EBADF (Bad file descriptor) [pid 6452] close(9) = -1 EBADF (Bad file descriptor) [pid 6452] close(10) = -1 EBADF (Bad file descriptor) [pid 6452] close(11) = -1 EBADF (Bad file descriptor) [pid 6452] close(12) = -1 EBADF (Bad file descriptor) [pid 6452] close(13) = -1 EBADF (Bad file descriptor) [pid 6452] close(14) = -1 EBADF (Bad file descriptor) [pid 6452] close(15) = -1 EBADF (Bad file descriptor) [pid 6452] close(16) = -1 EBADF (Bad file descriptor) [pid 6452] close(17) = -1 EBADF (Bad file descriptor) [pid 6452] close(18) = -1 EBADF (Bad file descriptor) [pid 6452] close(19) = -1 EBADF (Bad file descriptor) [pid 6452] close(20) = -1 EBADF (Bad file descriptor) [pid 6452] close(21) = -1 EBADF (Bad file descriptor) [pid 6452] close(22) = -1 EBADF (Bad file descriptor) [pid 6452] close(23) = -1 EBADF (Bad file descriptor) [pid 6452] close(24) = -1 EBADF (Bad file descriptor) [pid 6452] close(25) = -1 EBADF (Bad file descriptor) [pid 6452] close(26) = -1 EBADF (Bad file descriptor) [pid 6452] close(27) = -1 EBADF (Bad file descriptor) [pid 6452] close(28) = -1 EBADF (Bad file descriptor) [pid 6452] close(29) = -1 EBADF (Bad file descriptor) [pid 6452] exit_group(0 [pid 6453] <... futex resumed>) = ? [pid 6452] <... exit_group resumed>) = ? [pid 6454] <... futex resumed>) = ? [pid 6453] +++ exited with 0 +++ [pid 6454] +++ exited with 0 +++ [pid 6452] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1376, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./458", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./458", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./458/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./458/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./458/cgroup.cpu") = 0 [pid 5063] umount2("./458/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./458/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./458/binderfs") = 0 [pid 5063] umount2("./458/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./458/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./458/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./458/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./458/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./458/file0") = 0 [pid 5063] umount2("./458/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./458/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./458/cgroup") = 0 [pid 5063] umount2("./458/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./458/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./458/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./458") = 0 [pid 5063] mkdir("./459", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6455 attached , child_tidptr=0x5555560b8690) = 1379 [pid 6455] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6455] chdir("./459") = 0 [pid 6455] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6455] setpgid(0, 0) = 0 [pid 6455] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6455] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6455] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6455] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6455] write(3, "1000", 4) = 4 [pid 6455] close(3) = 0 [pid 6455] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6455] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6455] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6455] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6455] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6455] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6455] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6455] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6456 attached => {parent_tid=[1380]}, 88) = 1380 [pid 6456] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6455] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6456] <... rseq resumed>) = 0 [pid 6455] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6456] set_robust_list(0x7eff0a34a9a0, 24 [pid 6455] <... futex resumed>) = 0 [pid 6456] <... set_robust_list resumed>) = 0 [pid 6455] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6456] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6456] memfd_create("syzkaller", 0) = 3 [pid 6456] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6456] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6456] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6456] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6456] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6456] close(3) = 0 [pid 6456] mkdir("./file0", 0777) = 0 [pid 6456] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6456] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6456] chdir("./file0") = 0 [pid 6456] ioctl(4, LOOP_CLR_FD) = 0 [pid 6456] close(4) = 0 [ 322.651239][ T6456] loop0: detected capacity change from 0 to 4096 [ 322.681181][ T6456] ntfs: volume version 3.1. [pid 6456] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6455] <... futex resumed>) = 0 [pid 6456] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6455] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6455] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6456] <... openat resumed>) = 4 [pid 6456] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6455] <... futex resumed>) = 0 [pid 6456] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6455] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6456] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6456] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6455] <... futex resumed>) = 0 [pid 6455] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6455] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6455] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6455] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6455] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6455] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6457 attached => {parent_tid=[1381]}, 88) = 1381 [pid 6457] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6455] rt_sigprocmask(SIG_SETMASK, [], [pid 6457] <... rseq resumed>) = 0 [pid 6455] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6457] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6455] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6457] rt_sigprocmask(SIG_SETMASK, [], [pid 6455] <... futex resumed>) = 0 [pid 6457] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6455] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6457] creat("./file1", 000) = 5 [pid 6456] <... write resumed>) = 1048064 [pid 6457] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6456] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6456] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6457] <... futex resumed>) = 1 [pid 6455] <... futex resumed>) = 0 [pid 6457] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6455] close(3) = 0 [pid 6455] close(4) = 0 [pid 6455] close(5) = 0 [pid 6455] close(6) = -1 EBADF (Bad file descriptor) [pid 6455] close(7) = -1 EBADF (Bad file descriptor) [pid 6455] close(8) = -1 EBADF (Bad file descriptor) [pid 6455] close(9) = -1 EBADF (Bad file descriptor) [pid 6455] close(10) = -1 EBADF (Bad file descriptor) [pid 6455] close(11) = -1 EBADF (Bad file descriptor) [pid 6455] close(12) = -1 EBADF (Bad file descriptor) [pid 6455] close(13) = -1 EBADF (Bad file descriptor) [pid 6455] close(14) = -1 EBADF (Bad file descriptor) [pid 6455] close(15) = -1 EBADF (Bad file descriptor) [pid 6455] close(16) = -1 EBADF (Bad file descriptor) [pid 6455] close(17) = -1 EBADF (Bad file descriptor) [pid 6455] close(18) = -1 EBADF (Bad file descriptor) [pid 6455] close(19) = -1 EBADF (Bad file descriptor) [pid 6455] close(20) = -1 EBADF (Bad file descriptor) [pid 6455] close(21) = -1 EBADF (Bad file descriptor) [pid 6455] close(22) = -1 EBADF (Bad file descriptor) [pid 6455] close(23) = -1 EBADF (Bad file descriptor) [pid 6455] close(24) = -1 EBADF (Bad file descriptor) [pid 6455] close(25) = -1 EBADF (Bad file descriptor) [pid 6455] close(26) = -1 EBADF (Bad file descriptor) [pid 6455] close(27) = -1 EBADF (Bad file descriptor) [pid 6455] close(28) = -1 EBADF (Bad file descriptor) [pid 6455] close(29) = -1 EBADF (Bad file descriptor) [pid 6455] exit_group(0 [pid 6456] <... futex resumed>) = ? [pid 6455] <... exit_group resumed>) = ? [pid 6457] <... futex resumed>) = ? [pid 6456] +++ exited with 0 +++ [pid 6457] +++ exited with 0 +++ [pid 6455] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1379, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./459", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./459", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./459/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./459/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./459/cgroup.cpu") = 0 [pid 5063] umount2("./459/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./459/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./459/binderfs") = 0 [pid 5063] umount2("./459/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./459/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./459/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./459/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./459/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./459/file0") = 0 [pid 5063] umount2("./459/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./459/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./459/cgroup") = 0 [pid 5063] umount2("./459/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./459/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./459/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./459") = 0 [pid 5063] mkdir("./460", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6458 attached [pid 6458] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6458] chdir("./460" [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1382 [pid 6458] <... chdir resumed>) = 0 [pid 6458] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6458] setpgid(0, 0) = 0 [pid 6458] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6458] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6458] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6458] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6458] write(3, "1000", 4) = 4 [pid 6458] close(3) = 0 [pid 6458] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6458] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6458] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6458] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6458] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6459 attached => {parent_tid=[1383]}, 88) = 1383 [pid 6459] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6458] rt_sigprocmask(SIG_SETMASK, [], [pid 6459] set_robust_list(0x7eff0a34a9a0, 24 [pid 6458] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6459] <... set_robust_list resumed>) = 0 [pid 6459] rt_sigprocmask(SIG_SETMASK, [], [pid 6458] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6459] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6458] <... futex resumed>) = 0 [pid 6458] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6459] memfd_create("syzkaller", 0) = 3 [pid 6459] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6459] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6459] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6459] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6459] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6459] close(3) = 0 [pid 6459] mkdir("./file0", 0777) = 0 [pid 6459] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6459] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6459] chdir("./file0") = 0 [pid 6459] ioctl(4, LOOP_CLR_FD) = 0 [pid 6459] close(4) = 0 [pid 6459] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6458] <... futex resumed>) = 0 [pid 6458] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6459] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6458] <... futex resumed>) = 0 [pid 6458] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6459] <... openat resumed>) = 4 [pid 6459] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6458] <... futex resumed>) = 0 [pid 6459] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6458] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6459] <... futex resumed>) = 0 [pid 6458] <... futex resumed>) = 1 [pid 6459] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 323.149926][ T6459] loop0: detected capacity change from 0 to 4096 [ 323.170663][ T6459] ntfs: volume version 3.1. [pid 6458] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6458] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6458] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6458] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6458] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6458] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1384]}, 88) = 1384 [pid 6458] rt_sigprocmask(SIG_SETMASK, [], ./strace-static-x86_64: Process 6460 attached [pid 6460] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6458] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6460] <... rseq resumed>) = 0 [pid 6460] set_robust_list(0x7eff0a3299a0, 24 [pid 6458] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6460] <... set_robust_list resumed>) = 0 [pid 6460] rt_sigprocmask(SIG_SETMASK, [], [pid 6458] <... futex resumed>) = 0 [pid 6460] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6458] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6460] creat("./file1", 000) = 5 [pid 6460] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6460] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6459] <... write resumed>) = 1048064 [pid 6458] <... futex resumed>) = 0 [pid 6459] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6459] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6458] close(3) = 0 [pid 6458] close(4) = 0 [pid 6458] close(5) = 0 [pid 6458] close(6) = -1 EBADF (Bad file descriptor) [pid 6458] close(7) = -1 EBADF (Bad file descriptor) [pid 6458] close(8) = -1 EBADF (Bad file descriptor) [pid 6458] close(9) = -1 EBADF (Bad file descriptor) [pid 6458] close(10) = -1 EBADF (Bad file descriptor) [pid 6458] close(11) = -1 EBADF (Bad file descriptor) [pid 6458] close(12) = -1 EBADF (Bad file descriptor) [pid 6458] close(13) = -1 EBADF (Bad file descriptor) [pid 6458] close(14) = -1 EBADF (Bad file descriptor) [pid 6458] close(15) = -1 EBADF (Bad file descriptor) [pid 6458] close(16) = -1 EBADF (Bad file descriptor) [pid 6458] close(17) = -1 EBADF (Bad file descriptor) [pid 6458] close(18) = -1 EBADF (Bad file descriptor) [pid 6458] close(19) = -1 EBADF (Bad file descriptor) [pid 6458] close(20) = -1 EBADF (Bad file descriptor) [pid 6458] close(21) = -1 EBADF (Bad file descriptor) [pid 6458] close(22) = -1 EBADF (Bad file descriptor) [pid 6458] close(23) = -1 EBADF (Bad file descriptor) [pid 6458] close(24) = -1 EBADF (Bad file descriptor) [pid 6458] close(25) = -1 EBADF (Bad file descriptor) [pid 6458] close(26) = -1 EBADF (Bad file descriptor) [pid 6458] close(27) = -1 EBADF (Bad file descriptor) [pid 6458] close(28) = -1 EBADF (Bad file descriptor) [pid 6458] close(29) = -1 EBADF (Bad file descriptor) [pid 6458] exit_group(0) = ? [pid 6460] <... futex resumed>) = ? [pid 6459] <... futex resumed>) = ? [pid 6460] +++ exited with 0 +++ [pid 6459] +++ exited with 0 +++ [pid 6458] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1382, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./460", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./460", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./460/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./460/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./460/cgroup.cpu") = 0 [pid 5063] umount2("./460/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./460/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./460/binderfs") = 0 [pid 5063] umount2("./460/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./460/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./460/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./460/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./460/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./460/file0") = 0 [pid 5063] umount2("./460/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./460/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./460/cgroup") = 0 [pid 5063] umount2("./460/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./460/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./460/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./460") = 0 [pid 5063] mkdir("./461", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1385 ./strace-static-x86_64: Process 6461 attached [pid 6461] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6461] chdir("./461") = 0 [pid 6461] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6461] setpgid(0, 0) = 0 [pid 6461] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6461] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6461] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6461] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6461] write(3, "1000", 4) = 4 [pid 6461] close(3) = 0 [pid 6461] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6461] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6461] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6461] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6461] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6461] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6461] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6461] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6462 attached [pid 6462] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6461] <... clone3 resumed> => {parent_tid=[1386]}, 88) = 1386 [pid 6462] <... rseq resumed>) = 0 [pid 6461] rt_sigprocmask(SIG_SETMASK, [], [pid 6462] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6461] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6462] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6461] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6461] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6462] memfd_create("syzkaller", 0) = 3 [pid 6462] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6462] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6462] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6462] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6462] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6462] close(3) = 0 [pid 6462] mkdir("./file0", 0777) = 0 [pid 6462] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6462] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6462] chdir("./file0") = 0 [pid 6462] ioctl(4, LOOP_CLR_FD) = 0 [pid 6462] close(4) = 0 [pid 6462] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6461] <... futex resumed>) = 0 [pid 6462] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6461] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6462] <... futex resumed>) = 0 [pid 6461] <... futex resumed>) = 1 [pid 6462] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6461] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6462] <... openat resumed>) = 4 [pid 6462] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6461] <... futex resumed>) = 0 [pid 6462] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6461] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6462] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6461] <... futex resumed>) = 0 [ 323.739754][ T6462] loop0: detected capacity change from 0 to 4096 [ 323.770481][ T6462] ntfs: volume version 3.1. [pid 6461] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6461] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6461] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6461] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6461] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6461] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6463 attached [pid 6463] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6462] <... write resumed>) = 1048064 [pid 6461] <... clone3 resumed> => {parent_tid=[1387]}, 88) = 1387 [pid 6462] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6463] <... rseq resumed>) = 0 [pid 6462] <... futex resumed>) = 0 [pid 6461] rt_sigprocmask(SIG_SETMASK, [], [pid 6463] set_robust_list(0x7eff0a3299a0, 24 [pid 6462] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6461] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6463] <... set_robust_list resumed>) = 0 [pid 6461] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6463] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6461] <... futex resumed>) = 0 [pid 6461] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6463] creat("./file1", 000) = 5 [pid 6463] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6461] <... futex resumed>) = 0 [pid 6461] close(3 [pid 6463] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6461] <... close resumed>) = 0 [pid 6461] close(4) = 0 [pid 6461] close(5) = 0 [pid 6461] close(6) = -1 EBADF (Bad file descriptor) [pid 6461] close(7) = -1 EBADF (Bad file descriptor) [pid 6461] close(8) = -1 EBADF (Bad file descriptor) [pid 6461] close(9) = -1 EBADF (Bad file descriptor) [pid 6461] close(10) = -1 EBADF (Bad file descriptor) [pid 6461] close(11) = -1 EBADF (Bad file descriptor) [pid 6461] close(12) = -1 EBADF (Bad file descriptor) [pid 6461] close(13) = -1 EBADF (Bad file descriptor) [pid 6461] close(14) = -1 EBADF (Bad file descriptor) [pid 6461] close(15) = -1 EBADF (Bad file descriptor) [pid 6461] close(16) = -1 EBADF (Bad file descriptor) [pid 6461] close(17) = -1 EBADF (Bad file descriptor) [pid 6461] close(18) = -1 EBADF (Bad file descriptor) [pid 6461] close(19) = -1 EBADF (Bad file descriptor) [pid 6461] close(20) = -1 EBADF (Bad file descriptor) [pid 6461] close(21) = -1 EBADF (Bad file descriptor) [pid 6461] close(22) = -1 EBADF (Bad file descriptor) [pid 6461] close(23) = -1 EBADF (Bad file descriptor) [pid 6461] close(24) = -1 EBADF (Bad file descriptor) [pid 6461] close(25) = -1 EBADF (Bad file descriptor) [pid 6461] close(26) = -1 EBADF (Bad file descriptor) [pid 6461] close(27) = -1 EBADF (Bad file descriptor) [pid 6461] close(28) = -1 EBADF (Bad file descriptor) [pid 6461] close(29) = -1 EBADF (Bad file descriptor) [pid 6461] exit_group(0) = ? [pid 6463] <... futex resumed>) = ? [pid 6462] <... futex resumed>) = ? [pid 6463] +++ exited with 0 +++ [pid 6462] +++ exited with 0 +++ [pid 6461] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1385, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./461", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./461", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./461/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./461/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./461/cgroup.cpu") = 0 [pid 5063] umount2("./461/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./461/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./461/binderfs") = 0 [pid 5063] umount2("./461/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./461/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./461/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./461/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./461/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./461/file0") = 0 [pid 5063] umount2("./461/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./461/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./461/cgroup") = 0 [pid 5063] umount2("./461/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./461/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./461/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./461") = 0 [pid 5063] mkdir("./462", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6464 attached , child_tidptr=0x5555560b8690) = 1388 [pid 6464] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6464] chdir("./462") = 0 [pid 6464] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6464] setpgid(0, 0) = 0 [pid 6464] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6464] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6464] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6464] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6464] write(3, "1000", 4) = 4 [pid 6464] close(3) = 0 [pid 6464] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6464] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6464] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6464] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6464] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6464] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6464] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6464] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6465 attached [pid 6465] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6464] <... clone3 resumed> => {parent_tid=[1389]}, 88) = 1389 [pid 6465] <... rseq resumed>) = 0 [pid 6464] rt_sigprocmask(SIG_SETMASK, [], [pid 6465] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6464] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6465] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6464] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6464] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6465] memfd_create("syzkaller", 0) = 3 [pid 6465] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6465] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6465] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6465] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6465] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6465] close(3) = 0 [pid 6465] mkdir("./file0", 0777) = 0 [pid 6465] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6465] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6465] chdir("./file0") = 0 [pid 6465] ioctl(4, LOOP_CLR_FD) = 0 [pid 6465] close(4) = 0 [pid 6465] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6464] <... futex resumed>) = 0 [pid 6465] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6464] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6465] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6464] <... futex resumed>) = 0 [pid 6465] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6464] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6465] <... openat resumed>) = 4 [pid 6465] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6464] <... futex resumed>) = 0 [pid 6465] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6464] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6465] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6464] <... futex resumed>) = 0 [pid 6465] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 324.419257][ T6465] loop0: detected capacity change from 0 to 4096 [ 324.435450][ T6465] ntfs: volume version 3.1. [pid 6464] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6464] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6464] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6464] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6464] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6464] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6466 attached => {parent_tid=[1390]}, 88) = 1390 [pid 6466] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6464] rt_sigprocmask(SIG_SETMASK, [], [pid 6466] <... rseq resumed>) = 0 [pid 6464] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6466] set_robust_list(0x7eff0a3299a0, 24 [pid 6464] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6466] <... set_robust_list resumed>) = 0 [pid 6466] rt_sigprocmask(SIG_SETMASK, [], [pid 6464] <... futex resumed>) = 0 [pid 6466] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6466] creat("./file1", 000 [pid 6464] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6466] <... creat resumed>) = 5 [pid 6465] <... write resumed>) = 1048064 [pid 6465] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6465] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6466] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6464] <... futex resumed>) = 0 [pid 6464] close(3) = 0 [pid 6466] <... futex resumed>) = 1 [pid 6464] close(4 [pid 6466] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6464] <... close resumed>) = 0 [pid 6464] close(5) = 0 [pid 6464] close(6) = -1 EBADF (Bad file descriptor) [pid 6464] close(7) = -1 EBADF (Bad file descriptor) [pid 6464] close(8) = -1 EBADF (Bad file descriptor) [pid 6464] close(9) = -1 EBADF (Bad file descriptor) [pid 6464] close(10) = -1 EBADF (Bad file descriptor) [pid 6464] close(11) = -1 EBADF (Bad file descriptor) [pid 6464] close(12) = -1 EBADF (Bad file descriptor) [pid 6464] close(13) = -1 EBADF (Bad file descriptor) [pid 6464] close(14) = -1 EBADF (Bad file descriptor) [pid 6464] close(15) = -1 EBADF (Bad file descriptor) [pid 6464] close(16) = -1 EBADF (Bad file descriptor) [pid 6464] close(17) = -1 EBADF (Bad file descriptor) [pid 6464] close(18) = -1 EBADF (Bad file descriptor) [pid 6464] close(19) = -1 EBADF (Bad file descriptor) [pid 6464] close(20) = -1 EBADF (Bad file descriptor) [pid 6464] close(21) = -1 EBADF (Bad file descriptor) [pid 6464] close(22) = -1 EBADF (Bad file descriptor) [pid 6464] close(23) = -1 EBADF (Bad file descriptor) [pid 6464] close(24) = -1 EBADF (Bad file descriptor) [pid 6464] close(25) = -1 EBADF (Bad file descriptor) [pid 6464] close(26) = -1 EBADF (Bad file descriptor) [pid 6464] close(27) = -1 EBADF (Bad file descriptor) [pid 6464] close(28) = -1 EBADF (Bad file descriptor) [pid 6464] close(29) = -1 EBADF (Bad file descriptor) [pid 6464] exit_group(0) = ? [pid 6466] <... futex resumed>) = ? [pid 6465] <... futex resumed>) = ? [pid 6466] +++ exited with 0 +++ [pid 6465] +++ exited with 0 +++ [pid 6464] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1388, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./462", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./462", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./462/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./462/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./462/cgroup.cpu") = 0 [pid 5063] umount2("./462/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./462/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./462/binderfs") = 0 [pid 5063] umount2("./462/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./462/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./462/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./462/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./462/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./462/file0") = 0 [pid 5063] umount2("./462/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./462/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./462/cgroup") = 0 [pid 5063] umount2("./462/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./462/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./462/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./462") = 0 [pid 5063] mkdir("./463", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6467 attached , child_tidptr=0x5555560b8690) = 1391 [pid 6467] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6467] chdir("./463") = 0 [pid 6467] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6467] setpgid(0, 0) = 0 [pid 6467] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6467] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6467] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6467] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6467] write(3, "1000", 4) = 4 [pid 6467] close(3) = 0 [pid 6467] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6467] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6467] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6467] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6467] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6467] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6467] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6467] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6468 attached => {parent_tid=[1392]}, 88) = 1392 [pid 6468] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6468] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6468] rt_sigprocmask(SIG_SETMASK, [], [pid 6467] rt_sigprocmask(SIG_SETMASK, [], [pid 6468] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6468] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6467] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6467] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6468] <... futex resumed>) = 0 [pid 6467] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6468] memfd_create("syzkaller", 0) = 3 [pid 6468] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6468] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6468] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6468] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6468] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6468] close(3) = 0 [pid 6468] mkdir("./file0", 0777) = 0 [ 324.914361][ T6468] loop0: detected capacity change from 0 to 4096 [ 324.927541][ T6468] __ntfs_warning: 170 callbacks suppressed [ 324.933494][ T6468] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 324.954345][ T6468] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 324.963959][ T6468] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 324.980228][ T6468] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 324.989002][ T6468] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 325.009068][ T6468] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 325.017822][ T6468] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 325.038003][ T6468] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6468] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6468] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6468] chdir("./file0") = 0 [pid 6468] ioctl(4, LOOP_CLR_FD) = 0 [pid 6468] close(4) = 0 [pid 6468] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6467] <... futex resumed>) = 0 [pid 6468] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6467] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6468] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6467] <... futex resumed>) = 0 [pid 6468] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6467] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6468] <... openat resumed>) = 4 [pid 6468] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6467] <... futex resumed>) = 0 [pid 6468] <... futex resumed>) = 1 [pid 6467] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [ 325.046773][ T6468] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 325.066799][ T6468] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 325.077409][ T6468] ntfs: volume version 3.1. [pid 6468] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6467] <... futex resumed>) = 0 [pid 6467] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6467] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6467] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6467] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6467] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6467] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6469 attached [pid 6469] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6467] <... clone3 resumed> => {parent_tid=[1393]}, 88) = 1393 [pid 6469] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6469] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6469] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6467] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6467] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6469] <... futex resumed>) = 0 [pid 6469] creat("./file1", 000 [pid 6467] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6469] <... creat resumed>) = 5 [pid 6468] <... write resumed>) = 1048064 [pid 6469] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6467] <... futex resumed>) = 0 [pid 6469] <... futex resumed>) = 1 [pid 6468] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6469] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6468] <... futex resumed>) = 0 [pid 6467] close(3 [pid 6468] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6467] <... close resumed>) = 0 [pid 6467] close(4) = 0 [pid 6467] close(5) = 0 [pid 6467] close(6) = -1 EBADF (Bad file descriptor) [pid 6467] close(7) = -1 EBADF (Bad file descriptor) [pid 6467] close(8) = -1 EBADF (Bad file descriptor) [pid 6467] close(9) = -1 EBADF (Bad file descriptor) [pid 6467] close(10) = -1 EBADF (Bad file descriptor) [pid 6467] close(11) = -1 EBADF (Bad file descriptor) [pid 6467] close(12) = -1 EBADF (Bad file descriptor) [pid 6467] close(13) = -1 EBADF (Bad file descriptor) [pid 6467] close(14) = -1 EBADF (Bad file descriptor) [pid 6467] close(15) = -1 EBADF (Bad file descriptor) [pid 6467] close(16) = -1 EBADF (Bad file descriptor) [pid 6467] close(17) = -1 EBADF (Bad file descriptor) [pid 6467] close(18) = -1 EBADF (Bad file descriptor) [pid 6467] close(19) = -1 EBADF (Bad file descriptor) [pid 6467] close(20) = -1 EBADF (Bad file descriptor) [pid 6467] close(21) = -1 EBADF (Bad file descriptor) [pid 6467] close(22) = -1 EBADF (Bad file descriptor) [pid 6467] close(23) = -1 EBADF (Bad file descriptor) [pid 6467] close(24) = -1 EBADF (Bad file descriptor) [pid 6467] close(25) = -1 EBADF (Bad file descriptor) [pid 6467] close(26) = -1 EBADF (Bad file descriptor) [pid 6467] close(27) = -1 EBADF (Bad file descriptor) [pid 6467] close(28) = -1 EBADF (Bad file descriptor) [pid 6467] close(29) = -1 EBADF (Bad file descriptor) [pid 6467] exit_group(0 [pid 6469] <... futex resumed>) = ? [pid 6468] <... futex resumed>) = ? [pid 6467] <... exit_group resumed>) = ? [pid 6469] +++ exited with 0 +++ [pid 6468] +++ exited with 0 +++ [pid 6467] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1391, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=25 /* 0.25 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./463", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./463", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./463/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./463/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./463/cgroup.cpu") = 0 [pid 5063] umount2("./463/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./463/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./463/binderfs") = 0 [pid 5063] umount2("./463/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./463/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./463/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./463/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./463/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./463/file0") = 0 [pid 5063] umount2("./463/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./463/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./463/cgroup") = 0 [pid 5063] umount2("./463/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./463/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./463/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./463") = 0 [pid 5063] mkdir("./464", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6470 attached , child_tidptr=0x5555560b8690) = 1394 [pid 6470] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6470] chdir("./464") = 0 [pid 6470] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6470] setpgid(0, 0) = 0 [pid 6470] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6470] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6470] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6470] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6470] write(3, "1000", 4) = 4 [pid 6470] close(3) = 0 [pid 6470] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6470] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6470] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6470] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6470] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6470] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6470] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6470] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6471 attached => {parent_tid=[1395]}, 88) = 1395 [pid 6471] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6470] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6470] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6470] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6471] <... rseq resumed>) = 0 [pid 6471] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6471] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6471] memfd_create("syzkaller", 0) = 3 [pid 6471] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6471] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6471] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6471] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6471] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6471] close(3) = 0 [pid 6471] mkdir("./file0", 0777) = 0 [pid 6471] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6471] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6471] chdir("./file0") = 0 [pid 6471] ioctl(4, LOOP_CLR_FD) = 0 [pid 6471] close(4) = 0 [pid 6471] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6470] <... futex resumed>) = 0 [pid 6471] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6470] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6470] <... futex resumed>) = 0 [pid 6471] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6470] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6471] <... openat resumed>) = 4 [pid 6471] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6470] <... futex resumed>) = 0 [pid 6471] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6470] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6471] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6470] <... futex resumed>) = 0 [pid 6471] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 325.641750][ T6471] loop0: detected capacity change from 0 to 4096 [ 325.661704][ T6471] ntfs: volume version 3.1. [pid 6470] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6470] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6470] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6470] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6470] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6470] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6472 attached => {parent_tid=[1396]}, 88) = 1396 [pid 6470] rt_sigprocmask(SIG_SETMASK, [], [pid 6472] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6470] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6472] <... rseq resumed>) = 0 [pid 6470] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6470] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6472] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6472] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6472] creat("./file1", 000) = 5 [pid 6471] <... write resumed>) = 1048064 [pid 6472] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6471] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6471] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6472] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6470] <... futex resumed>) = 0 [pid 6470] close(3) = 0 [pid 6470] close(4) = 0 [pid 6470] close(5) = 0 [pid 6470] close(6) = -1 EBADF (Bad file descriptor) [pid 6470] close(7) = -1 EBADF (Bad file descriptor) [pid 6470] close(8) = -1 EBADF (Bad file descriptor) [pid 6470] close(9) = -1 EBADF (Bad file descriptor) [pid 6470] close(10) = -1 EBADF (Bad file descriptor) [pid 6470] close(11) = -1 EBADF (Bad file descriptor) [pid 6470] close(12) = -1 EBADF (Bad file descriptor) [pid 6470] close(13) = -1 EBADF (Bad file descriptor) [pid 6470] close(14) = -1 EBADF (Bad file descriptor) [pid 6470] close(15) = -1 EBADF (Bad file descriptor) [pid 6470] close(16) = -1 EBADF (Bad file descriptor) [pid 6470] close(17) = -1 EBADF (Bad file descriptor) [pid 6470] close(18) = -1 EBADF (Bad file descriptor) [pid 6470] close(19) = -1 EBADF (Bad file descriptor) [pid 6470] close(20) = -1 EBADF (Bad file descriptor) [pid 6470] close(21) = -1 EBADF (Bad file descriptor) [pid 6470] close(22) = -1 EBADF (Bad file descriptor) [pid 6470] close(23) = -1 EBADF (Bad file descriptor) [pid 6470] close(24) = -1 EBADF (Bad file descriptor) [pid 6470] close(25) = -1 EBADF (Bad file descriptor) [pid 6470] close(26) = -1 EBADF (Bad file descriptor) [pid 6470] close(27) = -1 EBADF (Bad file descriptor) [pid 6470] close(28) = -1 EBADF (Bad file descriptor) [pid 6470] close(29) = -1 EBADF (Bad file descriptor) [pid 6470] exit_group(0 [pid 6472] <... futex resumed>) = ? [pid 6471] <... futex resumed>) = ? [pid 6470] <... exit_group resumed>) = ? [pid 6471] +++ exited with 0 +++ [pid 6472] +++ exited with 0 +++ [pid 6470] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1394, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./464", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./464", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./464/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./464/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./464/cgroup.cpu") = 0 [pid 5063] umount2("./464/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./464/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./464/binderfs") = 0 [pid 5063] umount2("./464/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./464/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./464/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./464/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./464/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./464/file0") = 0 [pid 5063] umount2("./464/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./464/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./464/cgroup") = 0 [pid 5063] umount2("./464/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./464/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./464/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./464") = 0 [pid 5063] mkdir("./465", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1397 ./strace-static-x86_64: Process 6473 attached [pid 6473] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6473] chdir("./465") = 0 [pid 6473] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6473] setpgid(0, 0) = 0 [pid 6473] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6473] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6473] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6473] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6473] write(3, "1000", 4) = 4 [pid 6473] close(3) = 0 [pid 6473] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6473] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6473] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6473] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6473] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6473] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6473] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6473] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6474 attached => {parent_tid=[1398]}, 88) = 1398 [pid 6474] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6474] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6474] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6473] rt_sigprocmask(SIG_SETMASK, [], [pid 6474] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6473] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6473] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6474] <... futex resumed>) = 0 [pid 6473] <... futex resumed>) = 1 [pid 6473] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6474] memfd_create("syzkaller", 0) = 3 [pid 6474] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6474] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6474] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6474] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6474] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6474] close(3) = 0 [pid 6474] mkdir("./file0", 0777) = 0 [pid 6474] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6474] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6474] chdir("./file0") = 0 [pid 6474] ioctl(4, LOOP_CLR_FD) = 0 [pid 6474] close(4) = 0 [pid 6474] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6473] <... futex resumed>) = 0 [pid 6474] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6473] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6474] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6473] <... futex resumed>) = 0 [pid 6473] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6474] <... openat resumed>) = 4 [ 326.206557][ T6474] loop0: detected capacity change from 0 to 4096 [ 326.227552][ T6474] ntfs: volume version 3.1. [pid 6474] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6474] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6473] <... futex resumed>) = 0 [pid 6473] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6474] <... futex resumed>) = 0 [pid 6474] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6473] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6473] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6473] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6473] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6473] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6473] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6475 attached [pid 6475] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6473] <... clone3 resumed> => {parent_tid=[1399]}, 88) = 1399 [pid 6475] <... rseq resumed>) = 0 [pid 6473] rt_sigprocmask(SIG_SETMASK, [], [pid 6475] set_robust_list(0x7eff0a3299a0, 24 [pid 6473] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6473] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6475] <... set_robust_list resumed>) = 0 [pid 6473] <... futex resumed>) = 0 [pid 6473] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6475] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6475] creat("./file1", 000) = 5 [pid 6475] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6473] <... futex resumed>) = 0 [pid 6475] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6474] <... write resumed>) = 1048064 [pid 6474] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6474] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6473] close(3) = 0 [pid 6473] close(4) = 0 [pid 6473] close(5) = 0 [pid 6473] close(6) = -1 EBADF (Bad file descriptor) [pid 6473] close(7) = -1 EBADF (Bad file descriptor) [pid 6473] close(8) = -1 EBADF (Bad file descriptor) [pid 6473] close(9) = -1 EBADF (Bad file descriptor) [pid 6473] close(10) = -1 EBADF (Bad file descriptor) [pid 6473] close(11) = -1 EBADF (Bad file descriptor) [pid 6473] close(12) = -1 EBADF (Bad file descriptor) [pid 6473] close(13) = -1 EBADF (Bad file descriptor) [pid 6473] close(14) = -1 EBADF (Bad file descriptor) [pid 6473] close(15) = -1 EBADF (Bad file descriptor) [pid 6473] close(16) = -1 EBADF (Bad file descriptor) [pid 6473] close(17) = -1 EBADF (Bad file descriptor) [pid 6473] close(18) = -1 EBADF (Bad file descriptor) [pid 6473] close(19) = -1 EBADF (Bad file descriptor) [pid 6473] close(20) = -1 EBADF (Bad file descriptor) [pid 6473] close(21) = -1 EBADF (Bad file descriptor) [pid 6473] close(22) = -1 EBADF (Bad file descriptor) [pid 6473] close(23) = -1 EBADF (Bad file descriptor) [pid 6473] close(24) = -1 EBADF (Bad file descriptor) [pid 6473] close(25) = -1 EBADF (Bad file descriptor) [pid 6473] close(26) = -1 EBADF (Bad file descriptor) [pid 6473] close(27) = -1 EBADF (Bad file descriptor) [pid 6473] close(28) = -1 EBADF (Bad file descriptor) [pid 6473] close(29) = -1 EBADF (Bad file descriptor) [pid 6473] exit_group(0) = ? [pid 6475] <... futex resumed>) = ? [pid 6474] <... futex resumed>) = ? [pid 6474] +++ exited with 0 +++ [pid 6475] +++ exited with 0 +++ [pid 6473] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1397, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./465", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./465", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./465/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./465/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./465/cgroup.cpu") = 0 [pid 5063] umount2("./465/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./465/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./465/binderfs") = 0 [pid 5063] umount2("./465/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./465/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./465/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./465/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./465/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./465/file0") = 0 [pid 5063] umount2("./465/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./465/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./465/cgroup") = 0 [pid 5063] umount2("./465/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./465/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./465/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./465") = 0 [pid 5063] mkdir("./466", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6476 attached , child_tidptr=0x5555560b8690) = 1400 [pid 6476] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6476] chdir("./466") = 0 [pid 6476] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6476] setpgid(0, 0) = 0 [pid 6476] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6476] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6476] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6476] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6476] write(3, "1000", 4) = 4 [pid 6476] close(3) = 0 [pid 6476] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6476] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6476] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6476] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6476] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6476] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6476] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6476] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6477 attached => {parent_tid=[1401]}, 88) = 1401 [pid 6477] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6476] rt_sigprocmask(SIG_SETMASK, [], [pid 6477] <... rseq resumed>) = 0 [pid 6476] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6477] set_robust_list(0x7eff0a34a9a0, 24 [pid 6476] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6477] <... set_robust_list resumed>) = 0 [pid 6477] rt_sigprocmask(SIG_SETMASK, [], [pid 6476] <... futex resumed>) = 0 [pid 6476] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6477] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6477] memfd_create("syzkaller", 0) = 3 [pid 6477] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6477] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6477] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6477] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6477] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6477] close(3) = 0 [pid 6477] mkdir("./file0", 0777) = 0 [pid 6477] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6477] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6477] chdir("./file0") = 0 [pid 6477] ioctl(4, LOOP_CLR_FD) = 0 [pid 6477] close(4) = 0 [ 326.717514][ T6477] loop0: detected capacity change from 0 to 4096 [ 326.736692][ T6477] ntfs: volume version 3.1. [pid 6477] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6476] <... futex resumed>) = 0 [pid 6477] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6476] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6477] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6476] <... futex resumed>) = 0 [pid 6477] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6476] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6477] <... openat resumed>) = 4 [pid 6477] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6476] <... futex resumed>) = 0 [pid 6477] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6476] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6477] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6476] <... futex resumed>) = 0 [pid 6477] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6476] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6476] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6476] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6476] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6476] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6476] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6478 attached => {parent_tid=[1402]}, 88) = 1402 [pid 6478] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6476] rt_sigprocmask(SIG_SETMASK, [], [pid 6478] <... rseq resumed>) = 0 [pid 6476] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6478] set_robust_list(0x7eff0a3299a0, 24 [pid 6476] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6478] <... set_robust_list resumed>) = 0 [pid 6476] <... futex resumed>) = 0 [pid 6478] rt_sigprocmask(SIG_SETMASK, [], [pid 6476] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6478] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6478] creat("./file1", 000) = 5 [pid 6478] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6478] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6477] <... write resumed>) = 1048064 [pid 6476] <... futex resumed>) = 0 [pid 6477] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6476] close(3) = 0 [pid 6476] close(4) = 0 [pid 6477] <... futex resumed>) = 0 [pid 6477] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6476] close(5) = 0 [pid 6476] close(6) = -1 EBADF (Bad file descriptor) [pid 6476] close(7) = -1 EBADF (Bad file descriptor) [pid 6476] close(8) = -1 EBADF (Bad file descriptor) [pid 6476] close(9) = -1 EBADF (Bad file descriptor) [pid 6476] close(10) = -1 EBADF (Bad file descriptor) [pid 6476] close(11) = -1 EBADF (Bad file descriptor) [pid 6476] close(12) = -1 EBADF (Bad file descriptor) [pid 6476] close(13) = -1 EBADF (Bad file descriptor) [pid 6476] close(14) = -1 EBADF (Bad file descriptor) [pid 6476] close(15) = -1 EBADF (Bad file descriptor) [pid 6476] close(16) = -1 EBADF (Bad file descriptor) [pid 6476] close(17) = -1 EBADF (Bad file descriptor) [pid 6476] close(18) = -1 EBADF (Bad file descriptor) [pid 6476] close(19) = -1 EBADF (Bad file descriptor) [pid 6476] close(20) = -1 EBADF (Bad file descriptor) [pid 6476] close(21) = -1 EBADF (Bad file descriptor) [pid 6476] close(22) = -1 EBADF (Bad file descriptor) [pid 6476] close(23) = -1 EBADF (Bad file descriptor) [pid 6476] close(24) = -1 EBADF (Bad file descriptor) [pid 6476] close(25) = -1 EBADF (Bad file descriptor) [pid 6476] close(26) = -1 EBADF (Bad file descriptor) [pid 6476] close(27) = -1 EBADF (Bad file descriptor) [pid 6476] close(28) = -1 EBADF (Bad file descriptor) [pid 6476] close(29) = -1 EBADF (Bad file descriptor) [pid 6476] exit_group(0 [pid 6477] <... futex resumed>) = ? [pid 6476] <... exit_group resumed>) = ? [pid 6478] <... futex resumed>) = ? [pid 6478] +++ exited with 0 +++ [pid 6477] +++ exited with 0 +++ [pid 6476] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1400, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./466", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./466", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./466/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./466/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./466/cgroup.cpu") = 0 [pid 5063] umount2("./466/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./466/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./466/binderfs") = 0 [pid 5063] umount2("./466/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./466/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./466/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./466/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./466/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./466/file0") = 0 [pid 5063] umount2("./466/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./466/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./466/cgroup") = 0 [pid 5063] umount2("./466/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./466/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./466/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./466") = 0 [pid 5063] mkdir("./467", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6479 attached , child_tidptr=0x5555560b8690) = 1403 [pid 6479] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6479] chdir("./467") = 0 [pid 6479] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6479] setpgid(0, 0) = 0 [pid 6479] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6479] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6479] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6479] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6479] write(3, "1000", 4) = 4 [pid 6479] close(3) = 0 [pid 6479] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6479] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6479] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6479] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6479] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6479] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6479] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6479] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6480 attached => {parent_tid=[1404]}, 88) = 1404 [pid 6480] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6479] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6479] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6479] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6480] <... rseq resumed>) = 0 [pid 6480] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6480] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6480] memfd_create("syzkaller", 0) = 3 [pid 6480] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6480] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6480] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6480] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6480] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6480] close(3) = 0 [pid 6480] mkdir("./file0", 0777) = 0 [pid 6480] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6480] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6480] chdir("./file0") = 0 [pid 6480] ioctl(4, LOOP_CLR_FD) = 0 [ 327.270789][ T6480] loop0: detected capacity change from 0 to 4096 [ 327.290781][ T6480] ntfs: volume version 3.1. [pid 6480] close(4) = 0 [pid 6480] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6479] <... futex resumed>) = 0 [pid 6480] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6479] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6479] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6480] <... openat resumed>) = 4 [pid 6480] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6479] <... futex resumed>) = 0 [pid 6480] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6479] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6479] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6480] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6480] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6479] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6479] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6479] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6479] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6479] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6479] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6481 attached => {parent_tid=[1405]}, 88) = 1405 [pid 6481] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6479] rt_sigprocmask(SIG_SETMASK, [], [pid 6481] set_robust_list(0x7eff0a3299a0, 24 [pid 6479] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6481] <... set_robust_list resumed>) = 0 [pid 6481] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6479] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6481] creat("./file1", 000 [pid 6479] <... futex resumed>) = 0 [pid 6479] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6481] <... creat resumed>) = 5 [pid 6481] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6480] <... write resumed>) = 1048064 [pid 6481] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6480] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6479] <... futex resumed>) = 0 [pid 6480] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6479] close(3) = 0 [pid 6479] close(4) = 0 [pid 6479] close(5) = 0 [pid 6479] close(6) = -1 EBADF (Bad file descriptor) [pid 6479] close(7) = -1 EBADF (Bad file descriptor) [pid 6479] close(8) = -1 EBADF (Bad file descriptor) [pid 6479] close(9) = -1 EBADF (Bad file descriptor) [pid 6479] close(10) = -1 EBADF (Bad file descriptor) [pid 6479] close(11) = -1 EBADF (Bad file descriptor) [pid 6479] close(12) = -1 EBADF (Bad file descriptor) [pid 6479] close(13) = -1 EBADF (Bad file descriptor) [pid 6479] close(14) = -1 EBADF (Bad file descriptor) [pid 6479] close(15) = -1 EBADF (Bad file descriptor) [pid 6479] close(16) = -1 EBADF (Bad file descriptor) [pid 6479] close(17) = -1 EBADF (Bad file descriptor) [pid 6479] close(18) = -1 EBADF (Bad file descriptor) [pid 6479] close(19) = -1 EBADF (Bad file descriptor) [pid 6479] close(20) = -1 EBADF (Bad file descriptor) [pid 6479] close(21) = -1 EBADF (Bad file descriptor) [pid 6479] close(22) = -1 EBADF (Bad file descriptor) [pid 6479] close(23) = -1 EBADF (Bad file descriptor) [pid 6479] close(24) = -1 EBADF (Bad file descriptor) [pid 6479] close(25) = -1 EBADF (Bad file descriptor) [pid 6479] close(26) = -1 EBADF (Bad file descriptor) [pid 6479] close(27) = -1 EBADF (Bad file descriptor) [pid 6479] close(28) = -1 EBADF (Bad file descriptor) [pid 6479] close(29) = -1 EBADF (Bad file descriptor) [pid 6479] exit_group(0) = ? [pid 6481] <... futex resumed>) = ? [pid 6480] <... futex resumed>) = ? [pid 6481] +++ exited with 0 +++ [pid 6480] +++ exited with 0 +++ [pid 6479] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1403, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./467", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./467", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./467/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./467/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./467/cgroup.cpu") = 0 [pid 5063] umount2("./467/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./467/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./467/binderfs") = 0 [pid 5063] umount2("./467/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./467/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./467/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./467/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./467/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./467/file0") = 0 [pid 5063] umount2("./467/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./467/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./467/cgroup") = 0 [pid 5063] umount2("./467/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./467/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./467/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./467") = 0 [pid 5063] mkdir("./468", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6482 attached , child_tidptr=0x5555560b8690) = 1406 [pid 6482] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6482] chdir("./468") = 0 [pid 6482] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6482] setpgid(0, 0) = 0 [pid 6482] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6482] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6482] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6482] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6482] write(3, "1000", 4) = 4 [pid 6482] close(3) = 0 [pid 6482] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6482] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6482] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6482] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6482] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6482] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6482] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6482] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6483 attached => {parent_tid=[1407]}, 88) = 1407 [pid 6483] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6482] rt_sigprocmask(SIG_SETMASK, [], [pid 6483] <... rseq resumed>) = 0 [pid 6482] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6483] set_robust_list(0x7eff0a34a9a0, 24 [pid 6482] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6483] <... set_robust_list resumed>) = 0 [pid 6483] rt_sigprocmask(SIG_SETMASK, [], [pid 6482] <... futex resumed>) = 0 [pid 6483] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6482] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6483] memfd_create("syzkaller", 0) = 3 [pid 6483] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6483] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6483] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6483] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6483] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6483] close(3) = 0 [pid 6483] mkdir("./file0", 0777) = 0 [pid 6483] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6483] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6483] chdir("./file0") = 0 [pid 6483] ioctl(4, LOOP_CLR_FD) = 0 [pid 6483] close(4) = 0 [ 327.858312][ T6483] loop0: detected capacity change from 0 to 4096 [ 327.876517][ T6483] ntfs: volume version 3.1. [pid 6483] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6482] <... futex resumed>) = 0 [pid 6483] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6482] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6483] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6483] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6482] <... futex resumed>) = 0 [pid 6482] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6483] <... openat resumed>) = 4 [pid 6483] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6482] <... futex resumed>) = 0 [pid 6483] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6482] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6483] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6482] <... futex resumed>) = 0 [pid 6483] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6482] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6482] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6482] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6482] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6482] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6482] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6484 attached => {parent_tid=[1408]}, 88) = 1408 [pid 6484] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6482] rt_sigprocmask(SIG_SETMASK, [], [pid 6484] <... rseq resumed>) = 0 [pid 6482] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6484] set_robust_list(0x7eff0a3299a0, 24 [pid 6482] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6484] <... set_robust_list resumed>) = 0 [pid 6482] <... futex resumed>) = 0 [pid 6484] rt_sigprocmask(SIG_SETMASK, [], [pid 6482] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6484] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6484] creat("./file1", 000 [pid 6483] <... write resumed>) = 1048064 [pid 6484] <... creat resumed>) = 5 [pid 6484] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6483] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6483] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6484] <... futex resumed>) = 1 [pid 6482] <... futex resumed>) = 0 [pid 6484] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6482] close(3) = 0 [pid 6482] close(4) = 0 [pid 6482] close(5) = 0 [pid 6482] close(6) = -1 EBADF (Bad file descriptor) [pid 6482] close(7) = -1 EBADF (Bad file descriptor) [pid 6482] close(8) = -1 EBADF (Bad file descriptor) [pid 6482] close(9) = -1 EBADF (Bad file descriptor) [pid 6482] close(10) = -1 EBADF (Bad file descriptor) [pid 6482] close(11) = -1 EBADF (Bad file descriptor) [pid 6482] close(12) = -1 EBADF (Bad file descriptor) [pid 6482] close(13) = -1 EBADF (Bad file descriptor) [pid 6482] close(14) = -1 EBADF (Bad file descriptor) [pid 6482] close(15) = -1 EBADF (Bad file descriptor) [pid 6482] close(16) = -1 EBADF (Bad file descriptor) [pid 6482] close(17) = -1 EBADF (Bad file descriptor) [pid 6482] close(18) = -1 EBADF (Bad file descriptor) [pid 6482] close(19) = -1 EBADF (Bad file descriptor) [pid 6482] close(20) = -1 EBADF (Bad file descriptor) [pid 6482] close(21) = -1 EBADF (Bad file descriptor) [pid 6482] close(22) = -1 EBADF (Bad file descriptor) [pid 6482] close(23) = -1 EBADF (Bad file descriptor) [pid 6482] close(24) = -1 EBADF (Bad file descriptor) [pid 6482] close(25) = -1 EBADF (Bad file descriptor) [pid 6482] close(26) = -1 EBADF (Bad file descriptor) [pid 6482] close(27) = -1 EBADF (Bad file descriptor) [pid 6482] close(28) = -1 EBADF (Bad file descriptor) [pid 6482] close(29) = -1 EBADF (Bad file descriptor) [pid 6482] exit_group(0 [pid 6483] <... futex resumed>) = ? [pid 6484] <... futex resumed>) = ? [pid 6482] <... exit_group resumed>) = ? [pid 6484] +++ exited with 0 +++ [pid 6483] +++ exited with 0 +++ [pid 6482] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1406, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./468", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./468", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./468/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./468/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./468/cgroup.cpu") = 0 [pid 5063] umount2("./468/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./468/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./468/binderfs") = 0 [pid 5063] umount2("./468/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./468/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./468/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./468/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./468/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./468/file0") = 0 [pid 5063] umount2("./468/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./468/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./468/cgroup") = 0 [pid 5063] umount2("./468/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./468/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./468/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./468") = 0 [pid 5063] mkdir("./469", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1409 ./strace-static-x86_64: Process 6485 attached [pid 6485] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6485] chdir("./469") = 0 [pid 6485] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6485] setpgid(0, 0) = 0 [pid 6485] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6485] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6485] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6485] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6485] write(3, "1000", 4) = 4 [pid 6485] close(3) = 0 [pid 6485] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6485] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6485] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6485] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6485] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6485] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6485] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6485] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6486 attached => {parent_tid=[1410]}, 88) = 1410 [pid 6486] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6485] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6485] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6486] <... rseq resumed>) = 0 [pid 6486] set_robust_list(0x7eff0a34a9a0, 24 [pid 6485] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6486] <... set_robust_list resumed>) = 0 [pid 6486] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6486] memfd_create("syzkaller", 0) = 3 [pid 6486] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6486] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6486] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6486] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6486] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6486] close(3) = 0 [pid 6486] mkdir("./file0", 0777) = 0 [pid 6486] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6486] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6486] chdir("./file0") = 0 [pid 6486] ioctl(4, LOOP_CLR_FD) = 0 [ 328.484112][ T6486] loop0: detected capacity change from 0 to 4096 [ 328.499893][ T6486] ntfs: volume version 3.1. [pid 6486] close(4) = 0 [pid 6486] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6485] <... futex resumed>) = 0 [pid 6486] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6485] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6486] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6486] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6485] <... futex resumed>) = 0 [pid 6485] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6486] <... openat resumed>) = 4 [pid 6486] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6485] <... futex resumed>) = 0 [pid 6486] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6485] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6486] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6485] <... futex resumed>) = 0 [pid 6486] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6485] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6485] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6485] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6485] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6485] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6485] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6487 attached [pid 6487] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6485] <... clone3 resumed> => {parent_tid=[1411]}, 88) = 1411 [pid 6487] set_robust_list(0x7eff0a3299a0, 24 [pid 6485] rt_sigprocmask(SIG_SETMASK, [], [pid 6487] <... set_robust_list resumed>) = 0 [pid 6487] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6487] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6485] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6485] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6487] <... futex resumed>) = 0 [pid 6485] <... futex resumed>) = 1 [pid 6487] creat("./file1", 000 [pid 6485] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6487] <... creat resumed>) = 5 [pid 6486] <... write resumed>) = 1048064 [pid 6487] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6486] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6487] <... futex resumed>) = 1 [pid 6485] <... futex resumed>) = 0 [pid 6486] <... futex resumed>) = 0 [pid 6487] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6485] close(3) = 0 [pid 6486] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6485] close(4) = 0 [pid 6485] close(5) = 0 [pid 6485] close(6) = -1 EBADF (Bad file descriptor) [pid 6485] close(7) = -1 EBADF (Bad file descriptor) [pid 6485] close(8) = -1 EBADF (Bad file descriptor) [pid 6485] close(9) = -1 EBADF (Bad file descriptor) [pid 6485] close(10) = -1 EBADF (Bad file descriptor) [pid 6485] close(11) = -1 EBADF (Bad file descriptor) [pid 6485] close(12) = -1 EBADF (Bad file descriptor) [pid 6485] close(13) = -1 EBADF (Bad file descriptor) [pid 6485] close(14) = -1 EBADF (Bad file descriptor) [pid 6485] close(15) = -1 EBADF (Bad file descriptor) [pid 6485] close(16) = -1 EBADF (Bad file descriptor) [pid 6485] close(17) = -1 EBADF (Bad file descriptor) [pid 6485] close(18) = -1 EBADF (Bad file descriptor) [pid 6485] close(19) = -1 EBADF (Bad file descriptor) [pid 6485] close(20) = -1 EBADF (Bad file descriptor) [pid 6485] close(21) = -1 EBADF (Bad file descriptor) [pid 6485] close(22) = -1 EBADF (Bad file descriptor) [pid 6485] close(23) = -1 EBADF (Bad file descriptor) [pid 6485] close(24) = -1 EBADF (Bad file descriptor) [pid 6485] close(25) = -1 EBADF (Bad file descriptor) [pid 6485] close(26) = -1 EBADF (Bad file descriptor) [pid 6485] close(27) = -1 EBADF (Bad file descriptor) [pid 6485] close(28) = -1 EBADF (Bad file descriptor) [pid 6485] close(29) = -1 EBADF (Bad file descriptor) [pid 6485] exit_group(0 [pid 6487] <... futex resumed>) = ? [pid 6486] <... futex resumed>) = ? [pid 6485] <... exit_group resumed>) = ? [pid 6487] +++ exited with 0 +++ [pid 6486] +++ exited with 0 +++ [pid 6485] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1409, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./469", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./469", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./469/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./469/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./469/cgroup.cpu") = 0 [pid 5063] umount2("./469/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./469/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./469/binderfs") = 0 [pid 5063] umount2("./469/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./469/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./469/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./469/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./469/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./469/file0") = 0 [pid 5063] umount2("./469/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./469/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./469/cgroup") = 0 [pid 5063] umount2("./469/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./469/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./469/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./469") = 0 [pid 5063] mkdir("./470", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6488 attached , child_tidptr=0x5555560b8690) = 1412 [pid 6488] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6488] chdir("./470") = 0 [pid 6488] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6488] setpgid(0, 0) = 0 [pid 6488] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6488] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6488] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6488] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6488] write(3, "1000", 4) = 4 [pid 6488] close(3) = 0 [pid 6488] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6488] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6488] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6488] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6488] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6488] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6488] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6488] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6489 attached [pid 6489] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6489] set_robust_list(0x7eff0a34a9a0, 24 [pid 6488] <... clone3 resumed> => {parent_tid=[1413]}, 88) = 1413 [pid 6489] <... set_robust_list resumed>) = 0 [pid 6488] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6488] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6489] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6488] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6489] memfd_create("syzkaller", 0) = 3 [pid 6489] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6489] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6489] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6489] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6489] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6489] close(3) = 0 [pid 6489] mkdir("./file0", 0777) = 0 [pid 6489] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6489] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6489] chdir("./file0") = 0 [pid 6489] ioctl(4, LOOP_CLR_FD) = 0 [pid 6489] close(4) = 0 [pid 6489] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6488] <... futex resumed>) = 0 [ 329.052592][ T6489] loop0: detected capacity change from 0 to 4096 [ 329.072988][ T6489] ntfs: volume version 3.1. [pid 6489] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6488] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6488] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6489] <... openat resumed>) = 4 [pid 6489] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6489] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6488] <... futex resumed>) = 0 [pid 6488] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6489] <... futex resumed>) = 0 [pid 6488] <... futex resumed>) = 1 [pid 6489] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6488] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6488] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6488] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6488] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6488] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6488] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6490 attached => {parent_tid=[1414]}, 88) = 1414 [pid 6490] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6488] rt_sigprocmask(SIG_SETMASK, [], [pid 6490] set_robust_list(0x7eff0a3299a0, 24 [pid 6488] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6490] <... set_robust_list resumed>) = 0 [pid 6488] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6490] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6488] <... futex resumed>) = 0 [pid 6490] creat("./file1", 000 [pid 6488] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6490] <... creat resumed>) = 5 [pid 6489] <... write resumed>) = 1048064 [pid 6490] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6488] <... futex resumed>) = 0 [pid 6490] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6489] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6489] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6488] close(3) = 0 [pid 6488] close(4) = 0 [pid 6488] close(5) = 0 [pid 6488] close(6) = -1 EBADF (Bad file descriptor) [pid 6488] close(7) = -1 EBADF (Bad file descriptor) [pid 6488] close(8) = -1 EBADF (Bad file descriptor) [pid 6488] close(9) = -1 EBADF (Bad file descriptor) [pid 6488] close(10) = -1 EBADF (Bad file descriptor) [pid 6488] close(11) = -1 EBADF (Bad file descriptor) [pid 6488] close(12) = -1 EBADF (Bad file descriptor) [pid 6488] close(13) = -1 EBADF (Bad file descriptor) [pid 6488] close(14) = -1 EBADF (Bad file descriptor) [pid 6488] close(15) = -1 EBADF (Bad file descriptor) [pid 6488] close(16) = -1 EBADF (Bad file descriptor) [pid 6488] close(17) = -1 EBADF (Bad file descriptor) [pid 6488] close(18) = -1 EBADF (Bad file descriptor) [pid 6488] close(19) = -1 EBADF (Bad file descriptor) [pid 6488] close(20) = -1 EBADF (Bad file descriptor) [pid 6488] close(21) = -1 EBADF (Bad file descriptor) [pid 6488] close(22) = -1 EBADF (Bad file descriptor) [pid 6488] close(23) = -1 EBADF (Bad file descriptor) [pid 6488] close(24) = -1 EBADF (Bad file descriptor) [pid 6488] close(25) = -1 EBADF (Bad file descriptor) [pid 6488] close(26) = -1 EBADF (Bad file descriptor) [pid 6488] close(27) = -1 EBADF (Bad file descriptor) [pid 6488] close(28) = -1 EBADF (Bad file descriptor) [pid 6488] close(29) = -1 EBADF (Bad file descriptor) [pid 6488] exit_group(0 [pid 6489] <... futex resumed>) = ? [pid 6490] <... futex resumed>) = ? [pid 6489] +++ exited with 0 +++ [pid 6488] <... exit_group resumed>) = ? [pid 6490] +++ exited with 0 +++ [pid 6488] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1412, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./470", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./470", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./470/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./470/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./470/cgroup.cpu") = 0 [pid 5063] umount2("./470/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./470/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./470/binderfs") = 0 [pid 5063] umount2("./470/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./470/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./470/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./470/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./470/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./470/file0") = 0 [pid 5063] umount2("./470/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./470/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./470/cgroup") = 0 [pid 5063] umount2("./470/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./470/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./470/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./470") = 0 [pid 5063] mkdir("./471", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1415 ./strace-static-x86_64: Process 6491 attached [pid 6491] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6491] chdir("./471") = 0 [pid 6491] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6491] setpgid(0, 0) = 0 [pid 6491] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6491] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6491] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6491] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6491] write(3, "1000", 4) = 4 [pid 6491] close(3) = 0 [pid 6491] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6491] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6491] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6491] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6491] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6491] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6491] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6491] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6492 attached [pid 6492] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6491] <... clone3 resumed> => {parent_tid=[1416]}, 88) = 1416 [pid 6492] <... rseq resumed>) = 0 [pid 6491] rt_sigprocmask(SIG_SETMASK, [], [pid 6492] set_robust_list(0x7eff0a34a9a0, 24 [pid 6491] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6492] <... set_robust_list resumed>) = 0 [pid 6491] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6492] rt_sigprocmask(SIG_SETMASK, [], [pid 6491] <... futex resumed>) = 0 [pid 6492] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6491] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6492] memfd_create("syzkaller", 0) = 3 [pid 6492] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6492] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6492] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6492] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6492] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6492] close(3) = 0 [pid 6492] mkdir("./file0", 0777) = 0 [pid 6492] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6492] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6492] chdir("./file0") = 0 [pid 6492] ioctl(4, LOOP_CLR_FD) = 0 [pid 6492] close(4) = 0 [pid 6492] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6491] <... futex resumed>) = 0 [pid 6491] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [ 329.621808][ T6492] loop0: detected capacity change from 0 to 4096 [ 329.652162][ T6492] ntfs: volume version 3.1. [pid 6492] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6491] <... futex resumed>) = 0 [pid 6491] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6492] <... openat resumed>) = 4 [pid 6492] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6491] <... futex resumed>) = 0 [pid 6492] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6491] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6491] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6492] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6492] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6491] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6491] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6491] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6491] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6491] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6491] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6493 attached => {parent_tid=[1417]}, 88) = 1417 [pid 6493] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6491] rt_sigprocmask(SIG_SETMASK, [], [pid 6493] set_robust_list(0x7eff0a3299a0, 24 [pid 6491] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6493] <... set_robust_list resumed>) = 0 [pid 6493] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6493] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6491] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6493] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6491] <... futex resumed>) = 0 [pid 6493] creat("./file1", 000 [pid 6491] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6493] <... creat resumed>) = 5 [pid 6492] <... write resumed>) = 1048064 [pid 6493] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6492] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6493] <... futex resumed>) = 1 [pid 6491] <... futex resumed>) = 0 [pid 6493] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6492] <... futex resumed>) = 0 [pid 6491] close(3 [pid 6492] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6491] <... close resumed>) = 0 [pid 6491] close(4) = 0 [pid 6491] close(5) = 0 [pid 6491] close(6) = -1 EBADF (Bad file descriptor) [pid 6491] close(7) = -1 EBADF (Bad file descriptor) [pid 6491] close(8) = -1 EBADF (Bad file descriptor) [pid 6491] close(9) = -1 EBADF (Bad file descriptor) [pid 6491] close(10) = -1 EBADF (Bad file descriptor) [pid 6491] close(11) = -1 EBADF (Bad file descriptor) [pid 6491] close(12) = -1 EBADF (Bad file descriptor) [pid 6491] close(13) = -1 EBADF (Bad file descriptor) [pid 6491] close(14) = -1 EBADF (Bad file descriptor) [pid 6491] close(15) = -1 EBADF (Bad file descriptor) [pid 6491] close(16) = -1 EBADF (Bad file descriptor) [pid 6491] close(17) = -1 EBADF (Bad file descriptor) [pid 6491] close(18) = -1 EBADF (Bad file descriptor) [pid 6491] close(19) = -1 EBADF (Bad file descriptor) [pid 6491] close(20) = -1 EBADF (Bad file descriptor) [pid 6491] close(21) = -1 EBADF (Bad file descriptor) [pid 6491] close(22) = -1 EBADF (Bad file descriptor) [pid 6491] close(23) = -1 EBADF (Bad file descriptor) [pid 6491] close(24) = -1 EBADF (Bad file descriptor) [pid 6491] close(25) = -1 EBADF (Bad file descriptor) [pid 6491] close(26) = -1 EBADF (Bad file descriptor) [pid 6491] close(27) = -1 EBADF (Bad file descriptor) [pid 6491] close(28) = -1 EBADF (Bad file descriptor) [pid 6491] close(29) = -1 EBADF (Bad file descriptor) [pid 6491] exit_group(0 [pid 6492] <... futex resumed>) = ? [pid 6491] <... exit_group resumed>) = ? [pid 6493] <... futex resumed>) = ? [pid 6492] +++ exited with 0 +++ [pid 6493] +++ exited with 0 +++ [pid 6491] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1415, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./471", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./471", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./471/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./471/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./471/cgroup.cpu") = 0 [pid 5063] umount2("./471/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./471/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./471/binderfs") = 0 [pid 5063] umount2("./471/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./471/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./471/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./471/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./471/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./471/file0") = 0 [pid 5063] umount2("./471/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./471/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./471/cgroup") = 0 [pid 5063] umount2("./471/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./471/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./471/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./471") = 0 [pid 5063] mkdir("./472", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6494 attached , child_tidptr=0x5555560b8690) = 1418 [pid 6494] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6494] chdir("./472") = 0 [pid 6494] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6494] setpgid(0, 0) = 0 [pid 6494] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6494] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6494] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6494] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6494] write(3, "1000", 4) = 4 [pid 6494] close(3) = 0 [pid 6494] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6494] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6494] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6494] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6494] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6494] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6494] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6494] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6495 attached => {parent_tid=[1419]}, 88) = 1419 [pid 6495] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6494] rt_sigprocmask(SIG_SETMASK, [], [pid 6495] <... rseq resumed>) = 0 [pid 6494] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6495] set_robust_list(0x7eff0a34a9a0, 24 [pid 6494] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6495] <... set_robust_list resumed>) = 0 [pid 6494] <... futex resumed>) = 0 [pid 6495] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6494] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6495] memfd_create("syzkaller", 0) = 3 [pid 6495] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6495] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6495] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6495] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6495] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6495] close(3) = 0 [pid 6495] mkdir("./file0", 0777) = 0 [ 330.147370][ T6495] loop0: detected capacity change from 0 to 4096 [ 330.161410][ T6495] __ntfs_warning: 170 callbacks suppressed [ 330.161417][ T6495] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 330.188103][ T6495] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 330.197450][ T6495] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 330.213324][ T6495] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 330.222018][ T6495] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 330.242016][ T6495] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 330.250864][ T6495] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 330.271041][ T6495] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6495] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6495] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6495] chdir("./file0") = 0 [pid 6495] ioctl(4, LOOP_CLR_FD) = 0 [pid 6495] close(4) = 0 [pid 6495] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6494] <... futex resumed>) = 0 [pid 6495] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6494] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6495] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6494] <... futex resumed>) = 0 [pid 6495] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6494] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6495] <... openat resumed>) = 4 [pid 6495] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6494] <... futex resumed>) = 0 [pid 6495] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6494] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 330.279865][ T6495] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 330.299808][ T6495] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 330.310504][ T6495] ntfs: volume version 3.1. [pid 6494] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6494] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6494] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6494] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6494] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6494] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6496 attached => {parent_tid=[1420]}, 88) = 1420 [pid 6496] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6494] rt_sigprocmask(SIG_SETMASK, [], [pid 6496] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6494] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6496] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6494] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6496] creat("./file1", 000 [pid 6494] <... futex resumed>) = 0 [pid 6494] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6496] <... creat resumed>) = 5 [pid 6496] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6495] <... write resumed>) = 1048064 [pid 6496] <... futex resumed>) = 1 [pid 6494] <... futex resumed>) = 0 [pid 6495] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6494] close(3 [pid 6496] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6495] <... futex resumed>) = 0 [pid 6494] <... close resumed>) = 0 [pid 6495] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6494] close(4) = 0 [pid 6494] close(5) = 0 [pid 6494] close(6) = -1 EBADF (Bad file descriptor) [pid 6494] close(7) = -1 EBADF (Bad file descriptor) [pid 6494] close(8) = -1 EBADF (Bad file descriptor) [pid 6494] close(9) = -1 EBADF (Bad file descriptor) [pid 6494] close(10) = -1 EBADF (Bad file descriptor) [pid 6494] close(11) = -1 EBADF (Bad file descriptor) [pid 6494] close(12) = -1 EBADF (Bad file descriptor) [pid 6494] close(13) = -1 EBADF (Bad file descriptor) [pid 6494] close(14) = -1 EBADF (Bad file descriptor) [pid 6494] close(15) = -1 EBADF (Bad file descriptor) [pid 6494] close(16) = -1 EBADF (Bad file descriptor) [pid 6494] close(17) = -1 EBADF (Bad file descriptor) [pid 6494] close(18) = -1 EBADF (Bad file descriptor) [pid 6494] close(19) = -1 EBADF (Bad file descriptor) [pid 6494] close(20) = -1 EBADF (Bad file descriptor) [pid 6494] close(21) = -1 EBADF (Bad file descriptor) [pid 6494] close(22) = -1 EBADF (Bad file descriptor) [pid 6494] close(23) = -1 EBADF (Bad file descriptor) [pid 6494] close(24) = -1 EBADF (Bad file descriptor) [pid 6494] close(25) = -1 EBADF (Bad file descriptor) [pid 6494] close(26) = -1 EBADF (Bad file descriptor) [pid 6494] close(27) = -1 EBADF (Bad file descriptor) [pid 6494] close(28) = -1 EBADF (Bad file descriptor) [pid 6494] close(29) = -1 EBADF (Bad file descriptor) [pid 6494] exit_group(0) = ? [pid 6495] <... futex resumed>) = ? [pid 6496] <... futex resumed>) = ? [pid 6496] +++ exited with 0 +++ [pid 6495] +++ exited with 0 +++ [pid 6494] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1418, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] umount2("./472", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./472", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./472/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./472/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./472/cgroup.cpu") = 0 [pid 5063] umount2("./472/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./472/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./472/binderfs") = 0 [pid 5063] umount2("./472/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./472/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./472/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./472/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./472/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./472/file0") = 0 [pid 5063] umount2("./472/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./472/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./472/cgroup") = 0 [pid 5063] umount2("./472/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./472/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./472/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./472") = 0 [pid 5063] mkdir("./473", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6497 attached [pid 6497] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1421 [pid 6497] <... set_robust_list resumed>) = 0 [pid 6497] chdir("./473") = 0 [pid 6497] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6497] setpgid(0, 0) = 0 [pid 6497] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6497] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6497] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6497] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6497] write(3, "1000", 4) = 4 [pid 6497] close(3) = 0 [pid 6497] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6497] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6497] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6497] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6497] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6497] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6497] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6497] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6498 attached [pid 6498] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6497] <... clone3 resumed> => {parent_tid=[1422]}, 88) = 1422 [pid 6498] set_robust_list(0x7eff0a34a9a0, 24 [pid 6497] rt_sigprocmask(SIG_SETMASK, [], [pid 6498] <... set_robust_list resumed>) = 0 [pid 6498] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6497] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6498] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6497] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6498] <... futex resumed>) = 0 [pid 6497] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6498] memfd_create("syzkaller", 0) = 3 [pid 6498] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6498] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6498] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6498] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6498] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6498] close(3) = 0 [pid 6498] mkdir("./file0", 0777) = 0 [pid 6498] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6498] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6498] chdir("./file0") = 0 [pid 6498] ioctl(4, LOOP_CLR_FD) = 0 [pid 6498] close(4) = 0 [ 330.857870][ T6498] loop0: detected capacity change from 0 to 4096 [ 330.888690][ T6498] ntfs: volume version 3.1. [pid 6498] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6497] <... futex resumed>) = 0 [pid 6498] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6497] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6498] <... futex resumed>) = 0 [pid 6497] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6498] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6498] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6497] <... futex resumed>) = 0 [pid 6497] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6498] <... futex resumed>) = 1 [pid 6497] <... futex resumed>) = 0 [pid 6498] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6497] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6497] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6497] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6497] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6497] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6497] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6499 attached [pid 6499] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6497] <... clone3 resumed> => {parent_tid=[1423]}, 88) = 1423 [pid 6499] <... rseq resumed>) = 0 [pid 6497] rt_sigprocmask(SIG_SETMASK, [], [pid 6499] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6497] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6499] rt_sigprocmask(SIG_SETMASK, [], [pid 6497] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6499] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6499] creat("./file1", 000 [pid 6497] <... futex resumed>) = 0 [pid 6497] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6499] <... creat resumed>) = 5 [pid 6498] <... write resumed>) = 1048064 [pid 6499] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6498] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6499] <... futex resumed>) = 1 [pid 6498] <... futex resumed>) = 0 [pid 6497] <... futex resumed>) = 0 [pid 6499] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6498] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6497] close(3) = 0 [pid 6497] close(4) = 0 [pid 6497] close(5) = 0 [pid 6497] close(6) = -1 EBADF (Bad file descriptor) [pid 6497] close(7) = -1 EBADF (Bad file descriptor) [pid 6497] close(8) = -1 EBADF (Bad file descriptor) [pid 6497] close(9) = -1 EBADF (Bad file descriptor) [pid 6497] close(10) = -1 EBADF (Bad file descriptor) [pid 6497] close(11) = -1 EBADF (Bad file descriptor) [pid 6497] close(12) = -1 EBADF (Bad file descriptor) [pid 6497] close(13) = -1 EBADF (Bad file descriptor) [pid 6497] close(14) = -1 EBADF (Bad file descriptor) [pid 6497] close(15) = -1 EBADF (Bad file descriptor) [pid 6497] close(16) = -1 EBADF (Bad file descriptor) [pid 6497] close(17) = -1 EBADF (Bad file descriptor) [pid 6497] close(18) = -1 EBADF (Bad file descriptor) [pid 6497] close(19) = -1 EBADF (Bad file descriptor) [pid 6497] close(20) = -1 EBADF (Bad file descriptor) [pid 6497] close(21) = -1 EBADF (Bad file descriptor) [pid 6497] close(22) = -1 EBADF (Bad file descriptor) [pid 6497] close(23) = -1 EBADF (Bad file descriptor) [pid 6497] close(24) = -1 EBADF (Bad file descriptor) [pid 6497] close(25) = -1 EBADF (Bad file descriptor) [pid 6497] close(26) = -1 EBADF (Bad file descriptor) [pid 6497] close(27) = -1 EBADF (Bad file descriptor) [pid 6497] close(28) = -1 EBADF (Bad file descriptor) [pid 6497] close(29) = -1 EBADF (Bad file descriptor) [pid 6497] exit_group(0 [pid 6499] <... futex resumed>) = ? [pid 6498] <... futex resumed>) = ? [pid 6497] <... exit_group resumed>) = ? [pid 6498] +++ exited with 0 +++ [pid 6499] +++ exited with 0 +++ [pid 6497] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1421, si_uid=0, si_status=0, si_utime=0, si_stime=18 /* 0.18 s */} --- [pid 5063] umount2("./473", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./473", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./473/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./473/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./473/cgroup.cpu") = 0 [pid 5063] umount2("./473/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./473/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./473/binderfs") = 0 [pid 5063] umount2("./473/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./473/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./473/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./473/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./473/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./473/file0") = 0 [pid 5063] umount2("./473/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./473/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./473/cgroup") = 0 [pid 5063] umount2("./473/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./473/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./473/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./473") = 0 [pid 5063] mkdir("./474", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6500 attached , child_tidptr=0x5555560b8690) = 1424 [pid 6500] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6500] chdir("./474") = 0 [pid 6500] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6500] setpgid(0, 0) = 0 [pid 6500] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6500] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6500] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6500] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6500] write(3, "1000", 4) = 4 [pid 6500] close(3) = 0 [pid 6500] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6500] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6500] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6500] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6500] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6500] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6500] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6500] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6501 attached => {parent_tid=[1425]}, 88) = 1425 [pid 6501] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6500] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6500] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6500] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6501] <... rseq resumed>) = 0 [pid 6501] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6501] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6501] memfd_create("syzkaller", 0) = 3 [pid 6501] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6501] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6501] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6501] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6501] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6501] close(3) = 0 [pid 6501] mkdir("./file0", 0777) = 0 [pid 6501] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6501] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6501] chdir("./file0") = 0 [pid 6501] ioctl(4, LOOP_CLR_FD) = 0 [pid 6501] close(4) = 0 [pid 6501] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6500] <... futex resumed>) = 0 [pid 6500] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6501] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6500] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6501] <... openat resumed>) = 4 [pid 6501] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6500] <... futex resumed>) = 0 [pid 6501] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6500] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6501] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6500] <... futex resumed>) = 0 [pid 6501] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 331.529947][ T6501] loop0: detected capacity change from 0 to 4096 [ 331.550566][ T6501] ntfs: volume version 3.1. [pid 6500] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6500] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6500] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6500] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6500] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6500] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6502 attached => {parent_tid=[1426]}, 88) = 1426 [pid 6502] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6500] rt_sigprocmask(SIG_SETMASK, [], [pid 6502] set_robust_list(0x7eff0a3299a0, 24 [pid 6500] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6502] <... set_robust_list resumed>) = 0 [pid 6500] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6502] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6500] <... futex resumed>) = 0 [pid 6502] creat("./file1", 000 [pid 6500] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6502] <... creat resumed>) = 5 [pid 6502] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6501] <... write resumed>) = 1048064 [pid 6501] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6501] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6502] <... futex resumed>) = 1 [pid 6502] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6500] <... futex resumed>) = 0 [pid 6500] close(3) = 0 [pid 6500] close(4) = 0 [pid 6500] close(5) = 0 [pid 6500] close(6) = -1 EBADF (Bad file descriptor) [pid 6500] close(7) = -1 EBADF (Bad file descriptor) [pid 6500] close(8) = -1 EBADF (Bad file descriptor) [pid 6500] close(9) = -1 EBADF (Bad file descriptor) [pid 6500] close(10) = -1 EBADF (Bad file descriptor) [pid 6500] close(11) = -1 EBADF (Bad file descriptor) [pid 6500] close(12) = -1 EBADF (Bad file descriptor) [pid 6500] close(13) = -1 EBADF (Bad file descriptor) [pid 6500] close(14) = -1 EBADF (Bad file descriptor) [pid 6500] close(15) = -1 EBADF (Bad file descriptor) [pid 6500] close(16) = -1 EBADF (Bad file descriptor) [pid 6500] close(17) = -1 EBADF (Bad file descriptor) [pid 6500] close(18) = -1 EBADF (Bad file descriptor) [pid 6500] close(19) = -1 EBADF (Bad file descriptor) [pid 6500] close(20) = -1 EBADF (Bad file descriptor) [pid 6500] close(21) = -1 EBADF (Bad file descriptor) [pid 6500] close(22) = -1 EBADF (Bad file descriptor) [pid 6500] close(23) = -1 EBADF (Bad file descriptor) [pid 6500] close(24) = -1 EBADF (Bad file descriptor) [pid 6500] close(25) = -1 EBADF (Bad file descriptor) [pid 6500] close(26) = -1 EBADF (Bad file descriptor) [pid 6500] close(27) = -1 EBADF (Bad file descriptor) [pid 6500] close(28) = -1 EBADF (Bad file descriptor) [pid 6500] close(29) = -1 EBADF (Bad file descriptor) [pid 6500] exit_group(0) = ? [pid 6502] <... futex resumed>) = ? [pid 6501] <... futex resumed>) = ? [pid 6502] +++ exited with 0 +++ [pid 6501] +++ exited with 0 +++ [pid 6500] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1424, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./474", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./474", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./474/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./474/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./474/cgroup.cpu") = 0 [pid 5063] umount2("./474/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./474/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./474/binderfs") = 0 [pid 5063] umount2("./474/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./474/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./474/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./474/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./474/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./474/file0") = 0 [pid 5063] umount2("./474/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./474/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./474/cgroup") = 0 [pid 5063] umount2("./474/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./474/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./474/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./474") = 0 [pid 5063] mkdir("./475", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6503 attached [pid 6503] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1427 [pid 6503] <... set_robust_list resumed>) = 0 [pid 6503] chdir("./475") = 0 [pid 6503] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6503] setpgid(0, 0) = 0 [pid 6503] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6503] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6503] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6503] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6503] write(3, "1000", 4) = 4 [pid 6503] close(3) = 0 [pid 6503] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6503] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6503] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6503] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6503] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6503] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6503] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6503] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6504 attached [pid 6504] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6503] <... clone3 resumed> => {parent_tid=[1428]}, 88) = 1428 [pid 6504] set_robust_list(0x7eff0a34a9a0, 24 [pid 6503] rt_sigprocmask(SIG_SETMASK, [], [pid 6504] <... set_robust_list resumed>) = 0 [pid 6503] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6504] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6503] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6504] memfd_create("syzkaller", 0 [pid 6503] <... futex resumed>) = 0 [pid 6503] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6504] <... memfd_create resumed>) = 3 [pid 6504] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6504] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6504] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6504] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6504] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6504] close(3) = 0 [pid 6504] mkdir("./file0", 0777) = 0 [pid 6504] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6504] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6504] chdir("./file0") = 0 [pid 6504] ioctl(4, LOOP_CLR_FD) = 0 [pid 6504] close(4) = 0 [pid 6504] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6504] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6503] <... futex resumed>) = 0 [pid 6503] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6504] <... futex resumed>) = 0 [pid 6503] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 332.180601][ T6504] loop0: detected capacity change from 0 to 4096 [ 332.212975][ T6504] ntfs: volume version 3.1. [pid 6504] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6504] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6503] <... futex resumed>) = 0 [pid 6504] <... futex resumed>) = 1 [pid 6503] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6504] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6503] <... futex resumed>) = 0 [pid 6503] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6503] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6503] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6503] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6503] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6503] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1429]}, 88) = 1429 ./strace-static-x86_64: Process 6505 attached [pid 6505] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6503] rt_sigprocmask(SIG_SETMASK, [], [pid 6505] <... rseq resumed>) = 0 [pid 6503] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6505] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6505] rt_sigprocmask(SIG_SETMASK, [], [pid 6503] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6505] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6503] <... futex resumed>) = 0 [pid 6505] creat("./file1", 000 [pid 6503] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6505] <... creat resumed>) = 5 [pid 6505] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6503] <... futex resumed>) = 0 [pid 6505] <... futex resumed>) = 1 [pid 6504] <... write resumed>) = 1048064 [pid 6505] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6504] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6503] close(3) = 0 [pid 6504] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6503] close(4) = 0 [pid 6503] close(5) = 0 [pid 6503] close(6) = -1 EBADF (Bad file descriptor) [pid 6503] close(7) = -1 EBADF (Bad file descriptor) [pid 6503] close(8) = -1 EBADF (Bad file descriptor) [pid 6503] close(9) = -1 EBADF (Bad file descriptor) [pid 6503] close(10) = -1 EBADF (Bad file descriptor) [pid 6503] close(11) = -1 EBADF (Bad file descriptor) [pid 6503] close(12) = -1 EBADF (Bad file descriptor) [pid 6503] close(13) = -1 EBADF (Bad file descriptor) [pid 6503] close(14) = -1 EBADF (Bad file descriptor) [pid 6503] close(15) = -1 EBADF (Bad file descriptor) [pid 6503] close(16) = -1 EBADF (Bad file descriptor) [pid 6503] close(17) = -1 EBADF (Bad file descriptor) [pid 6503] close(18) = -1 EBADF (Bad file descriptor) [pid 6503] close(19) = -1 EBADF (Bad file descriptor) [pid 6503] close(20) = -1 EBADF (Bad file descriptor) [pid 6503] close(21) = -1 EBADF (Bad file descriptor) [pid 6503] close(22) = -1 EBADF (Bad file descriptor) [pid 6503] close(23) = -1 EBADF (Bad file descriptor) [pid 6503] close(24) = -1 EBADF (Bad file descriptor) [pid 6503] close(25) = -1 EBADF (Bad file descriptor) [pid 6503] close(26) = -1 EBADF (Bad file descriptor) [pid 6503] close(27) = -1 EBADF (Bad file descriptor) [pid 6503] close(28) = -1 EBADF (Bad file descriptor) [pid 6503] close(29) = -1 EBADF (Bad file descriptor) [pid 6503] exit_group(0) = ? [pid 6504] <... futex resumed>) = ? [pid 6505] <... futex resumed>) = ? [pid 6504] +++ exited with 0 +++ [pid 6505] +++ exited with 0 +++ [pid 6503] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1427, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./475", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./475", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./475/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./475/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./475/cgroup.cpu") = 0 [pid 5063] umount2("./475/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./475/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./475/binderfs") = 0 [pid 5063] umount2("./475/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./475/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./475/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./475/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./475/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./475/file0") = 0 [pid 5063] umount2("./475/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./475/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./475/cgroup") = 0 [pid 5063] umount2("./475/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./475/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./475/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./475") = 0 [pid 5063] mkdir("./476", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6506 attached [pid 6506] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1430 [pid 6506] chdir("./476") = 0 [pid 6506] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6506] setpgid(0, 0) = 0 [pid 6506] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6506] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6506] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6506] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6506] write(3, "1000", 4) = 4 [pid 6506] close(3) = 0 [pid 6506] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6506] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6506] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6506] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6506] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6506] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6506] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6506] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6507 attached => {parent_tid=[1431]}, 88) = 1431 [pid 6507] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6506] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6506] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6506] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6507] <... rseq resumed>) = 0 [pid 6507] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6507] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6507] memfd_create("syzkaller", 0) = 3 [pid 6507] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6507] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6507] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6507] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6507] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6507] close(3) = 0 [pid 6507] mkdir("./file0", 0777) = 0 [pid 6507] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6507] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6507] chdir("./file0") = 0 [pid 6507] ioctl(4, LOOP_CLR_FD) = 0 [pid 6507] close(4) = 0 [pid 6507] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6507] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6506] <... futex resumed>) = 0 [pid 6506] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6507] <... futex resumed>) = 0 [pid 6506] <... futex resumed>) = 1 [pid 6507] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 332.737850][ T6507] loop0: detected capacity change from 0 to 4096 [ 332.752881][ T6507] ntfs: volume version 3.1. [pid 6506] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6507] <... openat resumed>) = 4 [pid 6507] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6506] <... futex resumed>) = 0 [pid 6507] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6506] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6507] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6507] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6506] <... futex resumed>) = 0 [pid 6506] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6506] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6506] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6506] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6506] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6506] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6508 attached [pid 6508] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6506] <... clone3 resumed> => {parent_tid=[1432]}, 88) = 1432 [pid 6508] <... rseq resumed>) = 0 [pid 6506] rt_sigprocmask(SIG_SETMASK, [], [pid 6508] set_robust_list(0x7eff0a3299a0, 24 [pid 6506] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6508] <... set_robust_list resumed>) = 0 [pid 6508] rt_sigprocmask(SIG_SETMASK, [], [pid 6506] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6508] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6508] creat("./file1", 000 [pid 6506] <... futex resumed>) = 0 [pid 6508] <... creat resumed>) = 5 [pid 6506] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6508] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6506] <... futex resumed>) = 0 [pid 6508] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6507] <... write resumed>) = 1048064 [pid 6507] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6506] close(3 [pid 6507] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6506] <... close resumed>) = 0 [pid 6506] close(4) = 0 [pid 6506] close(5) = 0 [pid 6506] close(6) = -1 EBADF (Bad file descriptor) [pid 6506] close(7) = -1 EBADF (Bad file descriptor) [pid 6506] close(8) = -1 EBADF (Bad file descriptor) [pid 6506] close(9) = -1 EBADF (Bad file descriptor) [pid 6506] close(10) = -1 EBADF (Bad file descriptor) [pid 6506] close(11) = -1 EBADF (Bad file descriptor) [pid 6506] close(12) = -1 EBADF (Bad file descriptor) [pid 6506] close(13) = -1 EBADF (Bad file descriptor) [pid 6506] close(14) = -1 EBADF (Bad file descriptor) [pid 6506] close(15) = -1 EBADF (Bad file descriptor) [pid 6506] close(16) = -1 EBADF (Bad file descriptor) [pid 6506] close(17) = -1 EBADF (Bad file descriptor) [pid 6506] close(18) = -1 EBADF (Bad file descriptor) [pid 6506] close(19) = -1 EBADF (Bad file descriptor) [pid 6506] close(20) = -1 EBADF (Bad file descriptor) [pid 6506] close(21) = -1 EBADF (Bad file descriptor) [pid 6506] close(22) = -1 EBADF (Bad file descriptor) [pid 6506] close(23) = -1 EBADF (Bad file descriptor) [pid 6506] close(24) = -1 EBADF (Bad file descriptor) [pid 6506] close(25) = -1 EBADF (Bad file descriptor) [pid 6506] close(26) = -1 EBADF (Bad file descriptor) [pid 6506] close(27) = -1 EBADF (Bad file descriptor) [pid 6506] close(28) = -1 EBADF (Bad file descriptor) [pid 6506] close(29) = -1 EBADF (Bad file descriptor) [pid 6506] exit_group(0) = ? [pid 6508] <... futex resumed>) = ? [pid 6508] +++ exited with 0 +++ [pid 6507] <... futex resumed>) = ? [pid 6507] +++ exited with 0 +++ [pid 6506] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1430, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./476", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./476", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./476/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./476/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./476/cgroup.cpu") = 0 [pid 5063] umount2("./476/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./476/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./476/binderfs") = 0 [pid 5063] umount2("./476/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./476/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./476/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./476/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./476/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./476/file0") = 0 [pid 5063] umount2("./476/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./476/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./476/cgroup") = 0 [pid 5063] umount2("./476/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./476/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./476/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./476") = 0 [pid 5063] mkdir("./477", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6509 attached , child_tidptr=0x5555560b8690) = 1433 [pid 6509] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6509] chdir("./477") = 0 [pid 6509] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6509] setpgid(0, 0) = 0 [pid 6509] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6509] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6509] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6509] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6509] write(3, "1000", 4) = 4 [pid 6509] close(3) = 0 [pid 6509] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6509] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6509] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6509] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6509] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6509] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6509] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6509] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6510 attached => {parent_tid=[1434]}, 88) = 1434 [pid 6510] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6509] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6509] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6509] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6510] <... rseq resumed>) = 0 [pid 6510] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6510] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6510] memfd_create("syzkaller", 0) = 3 [pid 6510] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6510] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6510] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6510] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6510] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6510] close(3) = 0 [pid 6510] mkdir("./file0", 0777) = 0 [pid 6510] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6510] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6510] chdir("./file0") = 0 [pid 6510] ioctl(4, LOOP_CLR_FD) = 0 [pid 6510] close(4) = 0 [ 333.332157][ T6510] loop0: detected capacity change from 0 to 4096 [ 333.352195][ T6510] ntfs: volume version 3.1. [pid 6510] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6509] <... futex resumed>) = 0 [pid 6510] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6509] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6510] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6509] <... futex resumed>) = 0 [pid 6509] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6510] <... openat resumed>) = 4 [pid 6510] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6509] <... futex resumed>) = 0 [pid 6510] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6509] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6510] <... futex resumed>) = 0 [pid 6510] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6509] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6509] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6509] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6509] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6509] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6509] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6511 attached => {parent_tid=[1435]}, 88) = 1435 [pid 6511] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6509] rt_sigprocmask(SIG_SETMASK, [], [pid 6511] <... rseq resumed>) = 0 [pid 6511] set_robust_list(0x7eff0a3299a0, 24 [pid 6509] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6511] <... set_robust_list resumed>) = 0 [pid 6509] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6511] rt_sigprocmask(SIG_SETMASK, [], [pid 6509] <... futex resumed>) = 0 [pid 6511] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6511] creat("./file1", 000 [pid 6509] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6511] <... creat resumed>) = 5 [pid 6511] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6510] <... write resumed>) = 1048064 [pid 6509] <... futex resumed>) = 0 [pid 6511] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6510] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6509] close(3) = 0 [pid 6510] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6509] close(4) = 0 [pid 6509] close(5) = 0 [pid 6509] close(6) = -1 EBADF (Bad file descriptor) [pid 6509] close(7) = -1 EBADF (Bad file descriptor) [pid 6509] close(8) = -1 EBADF (Bad file descriptor) [pid 6509] close(9) = -1 EBADF (Bad file descriptor) [pid 6509] close(10) = -1 EBADF (Bad file descriptor) [pid 6509] close(11) = -1 EBADF (Bad file descriptor) [pid 6509] close(12) = -1 EBADF (Bad file descriptor) [pid 6509] close(13) = -1 EBADF (Bad file descriptor) [pid 6509] close(14) = -1 EBADF (Bad file descriptor) [pid 6509] close(15) = -1 EBADF (Bad file descriptor) [pid 6509] close(16) = -1 EBADF (Bad file descriptor) [pid 6509] close(17) = -1 EBADF (Bad file descriptor) [pid 6509] close(18) = -1 EBADF (Bad file descriptor) [pid 6509] close(19) = -1 EBADF (Bad file descriptor) [pid 6509] close(20) = -1 EBADF (Bad file descriptor) [pid 6509] close(21) = -1 EBADF (Bad file descriptor) [pid 6509] close(22) = -1 EBADF (Bad file descriptor) [pid 6509] close(23) = -1 EBADF (Bad file descriptor) [pid 6509] close(24) = -1 EBADF (Bad file descriptor) [pid 6509] close(25) = -1 EBADF (Bad file descriptor) [pid 6509] close(26) = -1 EBADF (Bad file descriptor) [pid 6509] close(27) = -1 EBADF (Bad file descriptor) [pid 6509] close(28) = -1 EBADF (Bad file descriptor) [pid 6509] close(29) = -1 EBADF (Bad file descriptor) [pid 6509] exit_group(0) = ? [pid 6511] <... futex resumed>) = ? [pid 6510] <... futex resumed>) = ? [pid 6511] +++ exited with 0 +++ [pid 6510] +++ exited with 0 +++ [pid 6509] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1433, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./477", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./477", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./477/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./477/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./477/cgroup.cpu") = 0 [pid 5063] umount2("./477/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./477/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./477/binderfs") = 0 [pid 5063] umount2("./477/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./477/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./477/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./477/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./477/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./477/file0") = 0 [pid 5063] umount2("./477/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./477/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./477/cgroup") = 0 [pid 5063] umount2("./477/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./477/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./477/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./477") = 0 [pid 5063] mkdir("./478", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6512 attached [pid 6512] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1436 [pid 6512] <... set_robust_list resumed>) = 0 [pid 6512] chdir("./478") = 0 [pid 6512] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6512] setpgid(0, 0) = 0 [pid 6512] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6512] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6512] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6512] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6512] write(3, "1000", 4) = 4 [pid 6512] close(3) = 0 [pid 6512] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6512] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6512] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6512] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6512] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6512] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6512] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6512] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6513 attached => {parent_tid=[1437]}, 88) = 1437 [pid 6513] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6513] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6513] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6512] rt_sigprocmask(SIG_SETMASK, [], [pid 6513] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6512] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6512] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6513] <... futex resumed>) = 0 [pid 6512] <... futex resumed>) = 1 [pid 6513] memfd_create("syzkaller", 0 [pid 6512] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6513] <... memfd_create resumed>) = 3 [pid 6513] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6513] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6513] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6513] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6513] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6513] close(3) = 0 [pid 6513] mkdir("./file0", 0777) = 0 [pid 6513] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6513] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6513] chdir("./file0") = 0 [pid 6513] ioctl(4, LOOP_CLR_FD) = 0 [pid 6513] close(4) = 0 [pid 6513] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6512] <... futex resumed>) = 0 [pid 6513] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6512] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6513] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6512] <... futex resumed>) = 0 [pid 6513] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6512] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6513] <... openat resumed>) = 4 [ 333.961573][ T6513] loop0: detected capacity change from 0 to 4096 [ 333.981150][ T6513] ntfs: volume version 3.1. [pid 6513] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6512] <... futex resumed>) = 0 [pid 6513] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6512] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6512] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6512] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6512] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6512] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6512] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6512] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6514 attached [pid 6513] <... write resumed>) = 1048064 [pid 6512] <... clone3 resumed> => {parent_tid=[1438]}, 88) = 1438 [pid 6514] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6512] rt_sigprocmask(SIG_SETMASK, [], [pid 6514] <... rseq resumed>) = 0 [pid 6513] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6512] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6514] set_robust_list(0x7eff0a3299a0, 24 [pid 6513] <... futex resumed>) = 0 [pid 6514] <... set_robust_list resumed>) = 0 [pid 6512] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6514] rt_sigprocmask(SIG_SETMASK, [], [pid 6513] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6514] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6512] <... futex resumed>) = 0 [pid 6514] creat("./file1", 000 [pid 6512] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6514] <... creat resumed>) = 5 [pid 6514] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6512] <... futex resumed>) = 0 [pid 6514] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6512] close(3) = 0 [pid 6512] close(4) = 0 [pid 6512] close(5) = 0 [pid 6512] close(6) = -1 EBADF (Bad file descriptor) [pid 6512] close(7) = -1 EBADF (Bad file descriptor) [pid 6512] close(8) = -1 EBADF (Bad file descriptor) [pid 6512] close(9) = -1 EBADF (Bad file descriptor) [pid 6512] close(10) = -1 EBADF (Bad file descriptor) [pid 6512] close(11) = -1 EBADF (Bad file descriptor) [pid 6512] close(12) = -1 EBADF (Bad file descriptor) [pid 6512] close(13) = -1 EBADF (Bad file descriptor) [pid 6512] close(14) = -1 EBADF (Bad file descriptor) [pid 6512] close(15) = -1 EBADF (Bad file descriptor) [pid 6512] close(16) = -1 EBADF (Bad file descriptor) [pid 6512] close(17) = -1 EBADF (Bad file descriptor) [pid 6512] close(18) = -1 EBADF (Bad file descriptor) [pid 6512] close(19) = -1 EBADF (Bad file descriptor) [pid 6512] close(20) = -1 EBADF (Bad file descriptor) [pid 6512] close(21) = -1 EBADF (Bad file descriptor) [pid 6512] close(22) = -1 EBADF (Bad file descriptor) [pid 6512] close(23) = -1 EBADF (Bad file descriptor) [pid 6512] close(24) = -1 EBADF (Bad file descriptor) [pid 6512] close(25) = -1 EBADF (Bad file descriptor) [pid 6512] close(26) = -1 EBADF (Bad file descriptor) [pid 6512] close(27) = -1 EBADF (Bad file descriptor) [pid 6512] close(28) = -1 EBADF (Bad file descriptor) [pid 6512] close(29) = -1 EBADF (Bad file descriptor) [pid 6512] exit_group(0) = ? [pid 6513] <... futex resumed>) = ? [pid 6514] <... futex resumed>) = ? [pid 6513] +++ exited with 0 +++ [pid 6514] +++ exited with 0 +++ [pid 6512] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1436, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./478", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./478", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./478/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./478/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./478/cgroup.cpu") = 0 [pid 5063] umount2("./478/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./478/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./478/binderfs") = 0 [pid 5063] umount2("./478/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./478/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./478/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./478/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./478/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./478/file0") = 0 [pid 5063] umount2("./478/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./478/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./478/cgroup") = 0 [pid 5063] umount2("./478/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./478/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./478/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./478") = 0 [pid 5063] mkdir("./479", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6515 attached , child_tidptr=0x5555560b8690) = 1439 [pid 6515] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6515] chdir("./479") = 0 [pid 6515] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6515] setpgid(0, 0) = 0 [pid 6515] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6515] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6515] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6515] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6515] write(3, "1000", 4) = 4 [pid 6515] close(3) = 0 [pid 6515] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6515] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6515] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6515] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6515] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6515] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6515] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6515] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6516 attached => {parent_tid=[1440]}, 88) = 1440 [pid 6516] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6515] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6516] <... rseq resumed>) = 0 [pid 6515] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6516] set_robust_list(0x7eff0a34a9a0, 24 [pid 6515] <... futex resumed>) = 0 [pid 6515] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6516] <... set_robust_list resumed>) = 0 [pid 6516] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6516] memfd_create("syzkaller", 0) = 3 [pid 6516] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6516] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6516] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6516] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6516] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6516] close(3) = 0 [pid 6516] mkdir("./file0", 0777) = 0 [pid 6516] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6516] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6516] chdir("./file0") = 0 [pid 6516] ioctl(4, LOOP_CLR_FD) = 0 [pid 6516] close(4) = 0 [pid 6516] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6515] <... futex resumed>) = 0 [pid 6516] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6515] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6516] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6515] <... futex resumed>) = 0 [pid 6515] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 334.523563][ T6516] loop0: detected capacity change from 0 to 4096 [ 334.555649][ T6516] ntfs: volume version 3.1. [pid 6516] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6516] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6516] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6515] <... futex resumed>) = 0 [pid 6515] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6516] <... futex resumed>) = 0 [pid 6516] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6515] <... futex resumed>) = 1 [pid 6515] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6515] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6515] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6515] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6515] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6515] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6517 attached [pid 6517] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6515] <... clone3 resumed> => {parent_tid=[1441]}, 88) = 1441 [pid 6517] <... rseq resumed>) = 0 [pid 6515] rt_sigprocmask(SIG_SETMASK, [], [pid 6517] set_robust_list(0x7eff0a3299a0, 24 [pid 6515] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6517] <... set_robust_list resumed>) = 0 [pid 6515] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6517] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6515] <... futex resumed>) = 0 [pid 6517] creat("./file1", 000 [pid 6515] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6517] <... creat resumed>) = 5 [pid 6516] <... write resumed>) = 1048064 [pid 6517] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6516] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6515] <... futex resumed>) = 0 [pid 6517] <... futex resumed>) = 1 [pid 6515] close(3 [pid 6516] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6515] <... close resumed>) = 0 [pid 6517] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6515] close(4) = 0 [pid 6515] close(5) = 0 [pid 6515] close(6) = -1 EBADF (Bad file descriptor) [pid 6515] close(7) = -1 EBADF (Bad file descriptor) [pid 6515] close(8) = -1 EBADF (Bad file descriptor) [pid 6515] close(9) = -1 EBADF (Bad file descriptor) [pid 6515] close(10) = -1 EBADF (Bad file descriptor) [pid 6515] close(11) = -1 EBADF (Bad file descriptor) [pid 6515] close(12) = -1 EBADF (Bad file descriptor) [pid 6515] close(13) = -1 EBADF (Bad file descriptor) [pid 6515] close(14) = -1 EBADF (Bad file descriptor) [pid 6515] close(15) = -1 EBADF (Bad file descriptor) [pid 6515] close(16) = -1 EBADF (Bad file descriptor) [pid 6515] close(17) = -1 EBADF (Bad file descriptor) [pid 6515] close(18) = -1 EBADF (Bad file descriptor) [pid 6515] close(19) = -1 EBADF (Bad file descriptor) [pid 6515] close(20) = -1 EBADF (Bad file descriptor) [pid 6515] close(21) = -1 EBADF (Bad file descriptor) [pid 6515] close(22) = -1 EBADF (Bad file descriptor) [pid 6515] close(23) = -1 EBADF (Bad file descriptor) [pid 6515] close(24) = -1 EBADF (Bad file descriptor) [pid 6515] close(25) = -1 EBADF (Bad file descriptor) [pid 6515] close(26) = -1 EBADF (Bad file descriptor) [pid 6515] close(27) = -1 EBADF (Bad file descriptor) [pid 6515] close(28) = -1 EBADF (Bad file descriptor) [pid 6515] close(29) = -1 EBADF (Bad file descriptor) [pid 6515] exit_group(0) = ? [pid 6517] <... futex resumed>) = ? [pid 6516] <... futex resumed>) = ? [pid 6517] +++ exited with 0 +++ [pid 6516] +++ exited with 0 +++ [pid 6515] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1439, si_uid=0, si_status=0, si_utime=0, si_stime=17 /* 0.17 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./479", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./479", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./479/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./479/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./479/cgroup.cpu") = 0 [pid 5063] umount2("./479/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./479/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./479/binderfs") = 0 [pid 5063] umount2("./479/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./479/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./479/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./479/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./479/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./479/file0") = 0 [pid 5063] umount2("./479/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./479/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./479/cgroup") = 0 [pid 5063] umount2("./479/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./479/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./479/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./479") = 0 [pid 5063] mkdir("./480", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6518 attached , child_tidptr=0x5555560b8690) = 1442 [pid 6518] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6518] chdir("./480") = 0 [pid 6518] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6518] setpgid(0, 0) = 0 [pid 6518] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6518] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6518] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6518] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6518] write(3, "1000", 4) = 4 [pid 6518] close(3) = 0 [pid 6518] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6518] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6518] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6518] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6518] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6518] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6518] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6518] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6519 attached [pid 6519] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6518] <... clone3 resumed> => {parent_tid=[1443]}, 88) = 1443 [pid 6519] <... rseq resumed>) = 0 [pid 6518] rt_sigprocmask(SIG_SETMASK, [], [pid 6519] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6518] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6519] rt_sigprocmask(SIG_SETMASK, [], [pid 6518] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6519] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6518] <... futex resumed>) = 0 [pid 6518] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6519] memfd_create("syzkaller", 0) = 3 [pid 6519] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6519] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6519] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6519] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6519] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6519] close(3) = 0 [pid 6519] mkdir("./file0", 0777) = 0 [pid 6519] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6519] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6519] chdir("./file0") = 0 [pid 6519] ioctl(4, LOOP_CLR_FD) = 0 [pid 6519] close(4) = 0 [pid 6519] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6519] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6518] <... futex resumed>) = 0 [pid 6518] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6519] <... futex resumed>) = 0 [pid 6518] <... futex resumed>) = 1 [pid 6519] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 335.098790][ T6519] loop0: detected capacity change from 0 to 4096 [ 335.120005][ T6519] ntfs: volume version 3.1. [pid 6518] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6519] <... openat resumed>) = 4 [pid 6519] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6518] <... futex resumed>) = 0 [pid 6519] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6518] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6519] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6518] <... futex resumed>) = 0 [pid 6519] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6518] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6518] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6518] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6518] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6518] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6518] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6520 attached => {parent_tid=[1444]}, 88) = 1444 [pid 6520] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6518] rt_sigprocmask(SIG_SETMASK, [], [pid 6520] <... rseq resumed>) = 0 [pid 6520] set_robust_list(0x7eff0a3299a0, 24 [pid 6518] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6520] <... set_robust_list resumed>) = 0 [pid 6520] rt_sigprocmask(SIG_SETMASK, [], [pid 6518] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6520] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6518] <... futex resumed>) = 0 [pid 6520] creat("./file1", 000 [pid 6518] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6520] <... creat resumed>) = 5 [pid 6519] <... write resumed>) = 1048064 [pid 6520] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6519] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6520] <... futex resumed>) = 1 [pid 6519] <... futex resumed>) = 0 [pid 6518] <... futex resumed>) = 0 [pid 6520] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6518] close(3) = 0 [pid 6518] close(4 [pid 6519] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6518] <... close resumed>) = 0 [pid 6518] close(5) = 0 [pid 6518] close(6) = -1 EBADF (Bad file descriptor) [pid 6518] close(7) = -1 EBADF (Bad file descriptor) [pid 6518] close(8) = -1 EBADF (Bad file descriptor) [pid 6518] close(9) = -1 EBADF (Bad file descriptor) [pid 6518] close(10) = -1 EBADF (Bad file descriptor) [pid 6518] close(11) = -1 EBADF (Bad file descriptor) [pid 6518] close(12) = -1 EBADF (Bad file descriptor) [pid 6518] close(13) = -1 EBADF (Bad file descriptor) [pid 6518] close(14) = -1 EBADF (Bad file descriptor) [pid 6518] close(15) = -1 EBADF (Bad file descriptor) [pid 6518] close(16) = -1 EBADF (Bad file descriptor) [pid 6518] close(17) = -1 EBADF (Bad file descriptor) [pid 6518] close(18) = -1 EBADF (Bad file descriptor) [pid 6518] close(19) = -1 EBADF (Bad file descriptor) [pid 6518] close(20) = -1 EBADF (Bad file descriptor) [pid 6518] close(21) = -1 EBADF (Bad file descriptor) [pid 6518] close(22) = -1 EBADF (Bad file descriptor) [pid 6518] close(23) = -1 EBADF (Bad file descriptor) [pid 6518] close(24) = -1 EBADF (Bad file descriptor) [pid 6518] close(25) = -1 EBADF (Bad file descriptor) [pid 6518] close(26) = -1 EBADF (Bad file descriptor) [pid 6518] close(27) = -1 EBADF (Bad file descriptor) [pid 6518] close(28) = -1 EBADF (Bad file descriptor) [pid 6518] close(29) = -1 EBADF (Bad file descriptor) [pid 6518] exit_group(0) = ? [pid 6519] <... futex resumed>) = ? [pid 6520] <... futex resumed>) = ? [pid 6519] +++ exited with 0 +++ [pid 6520] +++ exited with 0 +++ [pid 6518] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1442, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./480", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./480", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./480/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./480/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./480/cgroup.cpu") = 0 [pid 5063] umount2("./480/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./480/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./480/binderfs") = 0 [pid 5063] umount2("./480/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./480/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./480/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./480/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./480/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./480/file0") = 0 [pid 5063] umount2("./480/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./480/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./480/cgroup") = 0 [pid 5063] umount2("./480/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./480/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./480/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./480") = 0 [pid 5063] mkdir("./481", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6521 attached , child_tidptr=0x5555560b8690) = 1445 [pid 6521] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6521] chdir("./481") = 0 [pid 6521] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6521] setpgid(0, 0) = 0 [pid 6521] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6521] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6521] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6521] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6521] write(3, "1000", 4) = 4 [pid 6521] close(3) = 0 [pid 6521] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6521] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6521] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6521] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6521] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6521] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6521] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6521] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6522 attached => {parent_tid=[1446]}, 88) = 1446 [pid 6522] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6521] rt_sigprocmask(SIG_SETMASK, [], [pid 6522] <... rseq resumed>) = 0 [pid 6521] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6522] set_robust_list(0x7eff0a34a9a0, 24 [pid 6521] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6522] <... set_robust_list resumed>) = 0 [pid 6521] <... futex resumed>) = 0 [pid 6522] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6521] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6522] memfd_create("syzkaller", 0) = 3 [pid 6522] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6522] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6522] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6522] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6522] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6522] close(3) = 0 [pid 6522] mkdir("./file0", 0777) = 0 [ 335.725536][ T6522] loop0: detected capacity change from 0 to 4096 [ 335.741586][ T6522] __ntfs_warning: 170 callbacks suppressed [ 335.741596][ T6522] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 335.768322][ T6522] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 335.777962][ T6522] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 335.793995][ T6522] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 335.802718][ T6522] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 335.822682][ T6522] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 335.831433][ T6522] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 335.851517][ T6522] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6522] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6522] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6522] chdir("./file0") = 0 [pid 6522] ioctl(4, LOOP_CLR_FD) = 0 [pid 6522] close(4) = 0 [pid 6522] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6521] <... futex resumed>) = 0 [pid 6522] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6521] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6522] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6521] <... futex resumed>) = 0 [pid 6522] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6521] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6522] <... openat resumed>) = 4 [ 335.860250][ T6522] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 335.880189][ T6522] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 335.890684][ T6522] ntfs: volume version 3.1. [pid 6522] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6521] <... futex resumed>) = 0 [pid 6522] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6521] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6522] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6521] <... futex resumed>) = 0 [pid 6522] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6521] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6521] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6521] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6521] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6521] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6521] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6523 attached [pid 6523] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6521] <... clone3 resumed> => {parent_tid=[1447]}, 88) = 1447 [pid 6523] set_robust_list(0x7eff0a3299a0, 24 [pid 6521] rt_sigprocmask(SIG_SETMASK, [], [pid 6523] <... set_robust_list resumed>) = 0 [pid 6521] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6523] rt_sigprocmask(SIG_SETMASK, [], [pid 6521] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6523] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6521] <... futex resumed>) = 0 [pid 6523] creat("./file1", 000 [pid 6521] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6523] <... creat resumed>) = 5 [pid 6522] <... write resumed>) = 1048064 [pid 6523] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6522] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6523] <... futex resumed>) = 1 [pid 6521] <... futex resumed>) = 0 [pid 6523] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6522] <... futex resumed>) = 0 [pid 6521] close(3 [pid 6522] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6521] <... close resumed>) = 0 [pid 6521] close(4) = 0 [pid 6521] close(5) = 0 [pid 6521] close(6) = -1 EBADF (Bad file descriptor) [pid 6521] close(7) = -1 EBADF (Bad file descriptor) [pid 6521] close(8) = -1 EBADF (Bad file descriptor) [pid 6521] close(9) = -1 EBADF (Bad file descriptor) [pid 6521] close(10) = -1 EBADF (Bad file descriptor) [pid 6521] close(11) = -1 EBADF (Bad file descriptor) [pid 6521] close(12) = -1 EBADF (Bad file descriptor) [pid 6521] close(13) = -1 EBADF (Bad file descriptor) [pid 6521] close(14) = -1 EBADF (Bad file descriptor) [pid 6521] close(15) = -1 EBADF (Bad file descriptor) [pid 6521] close(16) = -1 EBADF (Bad file descriptor) [pid 6521] close(17) = -1 EBADF (Bad file descriptor) [pid 6521] close(18) = -1 EBADF (Bad file descriptor) [pid 6521] close(19) = -1 EBADF (Bad file descriptor) [pid 6521] close(20) = -1 EBADF (Bad file descriptor) [pid 6521] close(21) = -1 EBADF (Bad file descriptor) [pid 6521] close(22) = -1 EBADF (Bad file descriptor) [pid 6521] close(23) = -1 EBADF (Bad file descriptor) [pid 6521] close(24) = -1 EBADF (Bad file descriptor) [pid 6521] close(25) = -1 EBADF (Bad file descriptor) [pid 6521] close(26) = -1 EBADF (Bad file descriptor) [pid 6521] close(27) = -1 EBADF (Bad file descriptor) [pid 6521] close(28) = -1 EBADF (Bad file descriptor) [pid 6521] close(29) = -1 EBADF (Bad file descriptor) [pid 6521] exit_group(0 [pid 6522] <... futex resumed>) = ? [pid 6521] <... exit_group resumed>) = ? [pid 6523] <... futex resumed>) = ? [pid 6522] +++ exited with 0 +++ [pid 6523] +++ exited with 0 +++ [pid 6521] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1445, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./481", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./481", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./481/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./481/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./481/cgroup.cpu") = 0 [pid 5063] umount2("./481/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./481/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./481/binderfs") = 0 [pid 5063] umount2("./481/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./481/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./481/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./481/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./481/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./481/file0") = 0 [pid 5063] umount2("./481/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./481/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./481/cgroup") = 0 [pid 5063] umount2("./481/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./481/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./481/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./481") = 0 [pid 5063] mkdir("./482", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6524 attached , child_tidptr=0x5555560b8690) = 1448 [pid 6524] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6524] chdir("./482") = 0 [pid 6524] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6524] setpgid(0, 0) = 0 [pid 6524] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6524] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6524] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6524] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6524] write(3, "1000", 4) = 4 [pid 6524] close(3) = 0 [pid 6524] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6524] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6524] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6524] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6524] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6524] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6524] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6524] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6525 attached => {parent_tid=[1449]}, 88) = 1449 [pid 6525] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6524] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6524] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6524] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6525] <... rseq resumed>) = 0 [pid 6525] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6525] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6525] memfd_create("syzkaller", 0) = 3 [pid 6525] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6525] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6525] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6525] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6525] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6525] close(3) = 0 [pid 6525] mkdir("./file0", 0777) = 0 [pid 6525] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6525] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6525] chdir("./file0") = 0 [pid 6525] ioctl(4, LOOP_CLR_FD) = 0 [pid 6525] close(4) = 0 [pid 6525] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 336.430633][ T6525] loop0: detected capacity change from 0 to 4096 [ 336.460814][ T6525] ntfs: volume version 3.1. [pid 6525] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6524] <... futex resumed>) = 0 [pid 6524] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6525] <... futex resumed>) = 0 [pid 6524] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6525] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6525] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6524] <... futex resumed>) = 0 [pid 6525] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6524] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6524] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6524] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=0}) = -1 ETIMEDOUT (Connection timed out) [pid 6524] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6524] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6524] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6524] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6524] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1450]}, 88) = 1450 ./strace-static-x86_64: Process 6526 attached [pid 6526] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6524] rt_sigprocmask(SIG_SETMASK, [], [pid 6526] <... rseq resumed>) = 0 [pid 6524] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6524] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6526] set_robust_list(0x7eff0a3299a0, 24 [pid 6524] <... futex resumed>) = 0 [pid 6524] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6526] <... set_robust_list resumed>) = 0 [pid 6526] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6526] creat("./file1", 000) = 5 [pid 6525] <... write resumed>) = 1048064 [pid 6526] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6524] <... futex resumed>) = 0 [pid 6526] <... futex resumed>) = 1 [pid 6525] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6526] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6524] close(3 [pid 6525] <... futex resumed>) = 0 [pid 6524] <... close resumed>) = 0 [pid 6525] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6524] close(4) = 0 [pid 6524] close(5) = 0 [pid 6524] close(6) = -1 EBADF (Bad file descriptor) [pid 6524] close(7) = -1 EBADF (Bad file descriptor) [pid 6524] close(8) = -1 EBADF (Bad file descriptor) [pid 6524] close(9) = -1 EBADF (Bad file descriptor) [pid 6524] close(10) = -1 EBADF (Bad file descriptor) [pid 6524] close(11) = -1 EBADF (Bad file descriptor) [pid 6524] close(12) = -1 EBADF (Bad file descriptor) [pid 6524] close(13) = -1 EBADF (Bad file descriptor) [pid 6524] close(14) = -1 EBADF (Bad file descriptor) [pid 6524] close(15) = -1 EBADF (Bad file descriptor) [pid 6524] close(16) = -1 EBADF (Bad file descriptor) [pid 6524] close(17) = -1 EBADF (Bad file descriptor) [pid 6524] close(18) = -1 EBADF (Bad file descriptor) [pid 6524] close(19) = -1 EBADF (Bad file descriptor) [pid 6524] close(20) = -1 EBADF (Bad file descriptor) [pid 6524] close(21) = -1 EBADF (Bad file descriptor) [pid 6524] close(22) = -1 EBADF (Bad file descriptor) [pid 6524] close(23) = -1 EBADF (Bad file descriptor) [pid 6524] close(24) = -1 EBADF (Bad file descriptor) [pid 6524] close(25) = -1 EBADF (Bad file descriptor) [pid 6524] close(26) = -1 EBADF (Bad file descriptor) [pid 6524] close(27) = -1 EBADF (Bad file descriptor) [pid 6524] close(28) = -1 EBADF (Bad file descriptor) [pid 6524] close(29) = -1 EBADF (Bad file descriptor) [pid 6524] exit_group(0 [pid 6526] <... futex resumed>) = ? [pid 6524] <... exit_group resumed>) = ? [pid 6526] +++ exited with 0 +++ [pid 6525] <... futex resumed>) = ? [pid 6525] +++ exited with 0 +++ [pid 6524] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1448, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./482", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./482", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./482/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./482/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./482/cgroup.cpu") = 0 [pid 5063] umount2("./482/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./482/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./482/binderfs") = 0 [pid 5063] umount2("./482/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./482/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./482/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./482/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./482/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./482/file0") = 0 [pid 5063] umount2("./482/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./482/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./482/cgroup") = 0 [pid 5063] umount2("./482/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./482/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./482/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./482") = 0 [pid 5063] mkdir("./483", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6527 attached [pid 6527] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1451 [pid 6527] <... set_robust_list resumed>) = 0 [pid 6527] chdir("./483") = 0 [pid 6527] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6527] setpgid(0, 0) = 0 [pid 6527] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6527] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6527] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6527] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6527] write(3, "1000", 4) = 4 [pid 6527] close(3) = 0 [pid 6527] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6527] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6527] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6527] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6527] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6527] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6527] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6527] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6528 attached => {parent_tid=[1452]}, 88) = 1452 [pid 6528] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6527] rt_sigprocmask(SIG_SETMASK, [], [pid 6528] <... rseq resumed>) = 0 [pid 6527] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6528] set_robust_list(0x7eff0a34a9a0, 24 [pid 6527] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6528] <... set_robust_list resumed>) = 0 [pid 6527] <... futex resumed>) = 0 [pid 6527] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6528] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6528] memfd_create("syzkaller", 0) = 3 [pid 6528] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6528] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6528] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6528] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6528] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6528] close(3) = 0 [pid 6528] mkdir("./file0", 0777) = 0 [pid 6528] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6528] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6528] chdir("./file0") = 0 [pid 6528] ioctl(4, LOOP_CLR_FD) = 0 [pid 6528] close(4) = 0 [pid 6528] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6527] <... futex resumed>) = 0 [pid 6528] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6527] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6528] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6527] <... futex resumed>) = 0 [pid 6528] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 337.096428][ T6528] loop0: detected capacity change from 0 to 4096 [ 337.128243][ T6528] ntfs: volume version 3.1. [pid 6527] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6528] <... openat resumed>) = 4 [pid 6528] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6527] <... futex resumed>) = 0 [pid 6528] <... futex resumed>) = 1 [pid 6527] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6528] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6527] <... futex resumed>) = 0 [pid 6527] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6527] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6527] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6527] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6527] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6527] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6529 attached [pid 6529] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6529] set_robust_list(0x7eff0a3299a0, 24 [pid 6527] <... clone3 resumed> => {parent_tid=[1453]}, 88) = 1453 [pid 6529] <... set_robust_list resumed>) = 0 [pid 6527] rt_sigprocmask(SIG_SETMASK, [], [pid 6529] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6529] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6527] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6527] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6529] <... futex resumed>) = 0 [pid 6527] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6529] creat("./file1", 000) = 5 [pid 6529] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6528] <... write resumed>) = 1048064 [pid 6529] <... futex resumed>) = 1 [pid 6528] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6527] <... futex resumed>) = 0 [pid 6529] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6527] close(3) = 0 [pid 6527] close(4 [pid 6528] <... futex resumed>) = 0 [pid 6528] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6527] <... close resumed>) = 0 [pid 6527] close(5) = 0 [pid 6527] close(6) = -1 EBADF (Bad file descriptor) [pid 6527] close(7) = -1 EBADF (Bad file descriptor) [pid 6527] close(8) = -1 EBADF (Bad file descriptor) [pid 6527] close(9) = -1 EBADF (Bad file descriptor) [pid 6527] close(10) = -1 EBADF (Bad file descriptor) [pid 6527] close(11) = -1 EBADF (Bad file descriptor) [pid 6527] close(12) = -1 EBADF (Bad file descriptor) [pid 6527] close(13) = -1 EBADF (Bad file descriptor) [pid 6527] close(14) = -1 EBADF (Bad file descriptor) [pid 6527] close(15) = -1 EBADF (Bad file descriptor) [pid 6527] close(16) = -1 EBADF (Bad file descriptor) [pid 6527] close(17) = -1 EBADF (Bad file descriptor) [pid 6527] close(18) = -1 EBADF (Bad file descriptor) [pid 6527] close(19) = -1 EBADF (Bad file descriptor) [pid 6527] close(20) = -1 EBADF (Bad file descriptor) [pid 6527] close(21) = -1 EBADF (Bad file descriptor) [pid 6527] close(22) = -1 EBADF (Bad file descriptor) [pid 6527] close(23) = -1 EBADF (Bad file descriptor) [pid 6527] close(24) = -1 EBADF (Bad file descriptor) [pid 6527] close(25) = -1 EBADF (Bad file descriptor) [pid 6527] close(26) = -1 EBADF (Bad file descriptor) [pid 6527] close(27) = -1 EBADF (Bad file descriptor) [pid 6527] close(28) = -1 EBADF (Bad file descriptor) [pid 6527] close(29) = -1 EBADF (Bad file descriptor) [pid 6527] exit_group(0 [pid 6529] <... futex resumed>) = ? [pid 6528] <... futex resumed>) = ? [pid 6527] <... exit_group resumed>) = ? [pid 6529] +++ exited with 0 +++ [pid 6528] +++ exited with 0 +++ [pid 6527] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1451, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] umount2("./483", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./483", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./483/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./483/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./483/cgroup.cpu") = 0 [pid 5063] umount2("./483/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./483/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./483/binderfs") = 0 [pid 5063] umount2("./483/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./483/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./483/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./483/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./483/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./483/file0") = 0 [pid 5063] umount2("./483/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./483/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./483/cgroup") = 0 [pid 5063] umount2("./483/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./483/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./483/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./483") = 0 [pid 5063] mkdir("./484", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6530 attached , child_tidptr=0x5555560b8690) = 1454 [pid 6530] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6530] chdir("./484") = 0 [pid 6530] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6530] setpgid(0, 0) = 0 [pid 6530] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6530] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6530] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6530] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6530] write(3, "1000", 4) = 4 [pid 6530] close(3) = 0 [pid 6530] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6530] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6530] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6530] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6530] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6530] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6530] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6530] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6531 attached [pid 6531] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6530] <... clone3 resumed> => {parent_tid=[1455]}, 88) = 1455 [pid 6531] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6530] rt_sigprocmask(SIG_SETMASK, [], [pid 6531] rt_sigprocmask(SIG_SETMASK, [], [pid 6530] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6531] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6530] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6531] memfd_create("syzkaller", 0 [pid 6530] <... futex resumed>) = 0 [pid 6531] <... memfd_create resumed>) = 3 [pid 6531] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 6530] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6531] <... mmap resumed>) = 0x7eff01f2a000 [pid 6531] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6531] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6531] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6531] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6531] close(3) = 0 [pid 6531] mkdir("./file0", 0777) = 0 [pid 6531] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6531] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6531] chdir("./file0") = 0 [pid 6531] ioctl(4, LOOP_CLR_FD) = 0 [pid 6531] close(4) = 0 [pid 6531] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6531] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6530] <... futex resumed>) = 0 [pid 6530] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6531] <... futex resumed>) = 0 [pid 6530] <... futex resumed>) = 1 [pid 6531] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 337.632239][ T6531] loop0: detected capacity change from 0 to 4096 [ 337.663226][ T6531] ntfs: volume version 3.1. [pid 6530] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6531] <... openat resumed>) = 4 [pid 6531] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6530] <... futex resumed>) = 0 [pid 6531] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6530] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6531] <... futex resumed>) = 0 [pid 6530] <... futex resumed>) = 1 [pid 6531] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6530] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6530] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6530] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6530] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6530] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6530] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6532 attached => {parent_tid=[1456]}, 88) = 1456 [pid 6532] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6530] rt_sigprocmask(SIG_SETMASK, [], [pid 6532] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6532] rt_sigprocmask(SIG_SETMASK, [], [pid 6530] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6532] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6530] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6532] creat("./file1", 000 [pid 6530] <... futex resumed>) = 0 [pid 6530] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6532] <... creat resumed>) = 5 [pid 6532] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6530] <... futex resumed>) = 0 [pid 6532] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6531] <... write resumed>) = 1048064 [pid 6531] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6531] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6530] close(3) = 0 [pid 6530] close(4) = 0 [pid 6530] close(5) = 0 [pid 6530] close(6) = -1 EBADF (Bad file descriptor) [pid 6530] close(7) = -1 EBADF (Bad file descriptor) [pid 6530] close(8) = -1 EBADF (Bad file descriptor) [pid 6530] close(9) = -1 EBADF (Bad file descriptor) [pid 6530] close(10) = -1 EBADF (Bad file descriptor) [pid 6530] close(11) = -1 EBADF (Bad file descriptor) [pid 6530] close(12) = -1 EBADF (Bad file descriptor) [pid 6530] close(13) = -1 EBADF (Bad file descriptor) [pid 6530] close(14) = -1 EBADF (Bad file descriptor) [pid 6530] close(15) = -1 EBADF (Bad file descriptor) [pid 6530] close(16) = -1 EBADF (Bad file descriptor) [pid 6530] close(17) = -1 EBADF (Bad file descriptor) [pid 6530] close(18) = -1 EBADF (Bad file descriptor) [pid 6530] close(19) = -1 EBADF (Bad file descriptor) [pid 6530] close(20) = -1 EBADF (Bad file descriptor) [pid 6530] close(21) = -1 EBADF (Bad file descriptor) [pid 6530] close(22) = -1 EBADF (Bad file descriptor) [pid 6530] close(23) = -1 EBADF (Bad file descriptor) [pid 6530] close(24) = -1 EBADF (Bad file descriptor) [pid 6530] close(25) = -1 EBADF (Bad file descriptor) [pid 6530] close(26) = -1 EBADF (Bad file descriptor) [pid 6530] close(27) = -1 EBADF (Bad file descriptor) [pid 6530] close(28) = -1 EBADF (Bad file descriptor) [pid 6530] close(29) = -1 EBADF (Bad file descriptor) [pid 6530] exit_group(0 [pid 6531] <... futex resumed>) = ? [pid 6530] <... exit_group resumed>) = ? [pid 6532] <... futex resumed>) = ? [pid 6531] +++ exited with 0 +++ [pid 6532] +++ exited with 0 +++ [pid 6530] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1454, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./484", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./484", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./484/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./484/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./484/cgroup.cpu") = 0 [pid 5063] umount2("./484/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./484/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./484/binderfs") = 0 [pid 5063] umount2("./484/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./484/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./484/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./484/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./484/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./484/file0") = 0 [pid 5063] umount2("./484/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./484/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./484/cgroup") = 0 [pid 5063] umount2("./484/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./484/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./484/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./484") = 0 [pid 5063] mkdir("./485", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6533 attached [pid 6533] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1457 [pid 6533] <... set_robust_list resumed>) = 0 [pid 6533] chdir("./485") = 0 [pid 6533] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6533] setpgid(0, 0) = 0 [pid 6533] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6533] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6533] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6533] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6533] write(3, "1000", 4) = 4 [pid 6533] close(3) = 0 [pid 6533] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6533] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6533] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6533] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6533] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6534 attached => {parent_tid=[1458]}, 88) = 1458 [pid 6534] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6533] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6533] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6533] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6534] <... rseq resumed>) = 0 [pid 6534] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6534] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6534] memfd_create("syzkaller", 0) = 3 [pid 6534] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6534] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6534] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6534] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6534] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6534] close(3) = 0 [pid 6534] mkdir("./file0", 0777) = 0 [pid 6534] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6534] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6534] chdir("./file0") = 0 [pid 6534] ioctl(4, LOOP_CLR_FD) = 0 [pid 6534] close(4) = 0 [pid 6534] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6534] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6533] <... futex resumed>) = 0 [pid 6533] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6534] <... futex resumed>) = 0 [pid 6534] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 338.238457][ T6534] loop0: detected capacity change from 0 to 4096 [ 338.259135][ T6534] ntfs: volume version 3.1. [pid 6533] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6534] <... openat resumed>) = 4 [pid 6534] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6533] <... futex resumed>) = 0 [pid 6534] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6533] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6534] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6534] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6533] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6533] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6533] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6533] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6533] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6533] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6535 attached => {parent_tid=[1459]}, 88) = 1459 [pid 6535] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6535] set_robust_list(0x7eff0a3299a0, 24 [pid 6533] rt_sigprocmask(SIG_SETMASK, [], [pid 6535] <... set_robust_list resumed>) = 0 [pid 6535] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6535] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6533] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6533] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6535] <... futex resumed>) = 0 [pid 6533] <... futex resumed>) = 1 [pid 6535] creat("./file1", 000 [pid 6533] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6535] <... creat resumed>) = 5 [pid 6534] <... write resumed>) = 1048064 [pid 6535] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6534] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6535] <... futex resumed>) = 1 [pid 6533] <... futex resumed>) = 0 [pid 6535] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6534] <... futex resumed>) = 0 [pid 6533] close(3 [pid 6534] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6533] <... close resumed>) = 0 [pid 6533] close(4) = 0 [pid 6533] close(5) = 0 [pid 6533] close(6) = -1 EBADF (Bad file descriptor) [pid 6533] close(7) = -1 EBADF (Bad file descriptor) [pid 6533] close(8) = -1 EBADF (Bad file descriptor) [pid 6533] close(9) = -1 EBADF (Bad file descriptor) [pid 6533] close(10) = -1 EBADF (Bad file descriptor) [pid 6533] close(11) = -1 EBADF (Bad file descriptor) [pid 6533] close(12) = -1 EBADF (Bad file descriptor) [pid 6533] close(13) = -1 EBADF (Bad file descriptor) [pid 6533] close(14) = -1 EBADF (Bad file descriptor) [pid 6533] close(15) = -1 EBADF (Bad file descriptor) [pid 6533] close(16) = -1 EBADF (Bad file descriptor) [pid 6533] close(17) = -1 EBADF (Bad file descriptor) [pid 6533] close(18) = -1 EBADF (Bad file descriptor) [pid 6533] close(19) = -1 EBADF (Bad file descriptor) [pid 6533] close(20) = -1 EBADF (Bad file descriptor) [pid 6533] close(21) = -1 EBADF (Bad file descriptor) [pid 6533] close(22) = -1 EBADF (Bad file descriptor) [pid 6533] close(23) = -1 EBADF (Bad file descriptor) [pid 6533] close(24) = -1 EBADF (Bad file descriptor) [pid 6533] close(25) = -1 EBADF (Bad file descriptor) [pid 6533] close(26) = -1 EBADF (Bad file descriptor) [pid 6533] close(27) = -1 EBADF (Bad file descriptor) [pid 6533] close(28) = -1 EBADF (Bad file descriptor) [pid 6533] close(29) = -1 EBADF (Bad file descriptor) [pid 6533] exit_group(0) = ? [pid 6535] <... futex resumed>) = ? [pid 6535] +++ exited with 0 +++ [pid 6534] <... futex resumed>) = ? [pid 6534] +++ exited with 0 +++ [pid 6533] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1457, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] umount2("./485", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./485", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./485/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./485/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./485/cgroup.cpu") = 0 [pid 5063] umount2("./485/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./485/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./485/binderfs") = 0 [pid 5063] umount2("./485/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./485/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./485/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./485/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./485/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./485/file0") = 0 [pid 5063] umount2("./485/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./485/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./485/cgroup") = 0 [pid 5063] umount2("./485/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./485/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./485/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./485") = 0 [pid 5063] mkdir("./486", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6536 attached , child_tidptr=0x5555560b8690) = 1460 [pid 6536] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6536] chdir("./486") = 0 [pid 6536] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6536] setpgid(0, 0) = 0 [pid 6536] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6536] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6536] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6536] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6536] write(3, "1000", 4) = 4 [pid 6536] close(3) = 0 [pid 6536] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6536] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6536] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6536] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6536] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6536] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6536] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6536] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6537 attached [pid 6537] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6536] <... clone3 resumed> => {parent_tid=[1461]}, 88) = 1461 [pid 6536] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6536] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6537] <... rseq resumed>) = 0 [pid 6537] set_robust_list(0x7eff0a34a9a0, 24 [pid 6536] <... futex resumed>) = 0 [pid 6537] <... set_robust_list resumed>) = 0 [pid 6536] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6537] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6537] memfd_create("syzkaller", 0) = 3 [pid 6537] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6537] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6537] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6537] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6537] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6537] close(3) = 0 [pid 6537] mkdir("./file0", 0777) = 0 [pid 6537] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6537] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6537] chdir("./file0") = 0 [pid 6537] ioctl(4, LOOP_CLR_FD) = 0 [pid 6537] close(4) = 0 [ 338.920304][ T6537] loop0: detected capacity change from 0 to 4096 [ 338.950376][ T6537] ntfs: volume version 3.1. [pid 6537] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6536] <... futex resumed>) = 0 [pid 6537] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6536] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6537] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6536] <... futex resumed>) = 0 [pid 6536] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6537] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6537] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6536] <... futex resumed>) = 0 [pid 6537] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6536] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6536] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6537] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6536] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6536] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6536] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6536] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6536] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6536] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6538 attached [pid 6538] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6536] <... clone3 resumed> => {parent_tid=[1462]}, 88) = 1462 [pid 6538] <... rseq resumed>) = 0 [pid 6538] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6536] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6536] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6538] rt_sigprocmask(SIG_SETMASK, [], [pid 6537] <... write resumed>) = 1048064 [pid 6536] <... futex resumed>) = 0 [pid 6538] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6536] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6538] creat("./file1", 000 [pid 6537] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6538] <... creat resumed>) = 5 [pid 6538] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6537] <... futex resumed>) = 0 [pid 6537] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6538] <... futex resumed>) = 1 [pid 6538] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6536] <... futex resumed>) = 0 [pid 6536] close(3) = 0 [pid 6536] close(4) = 0 [pid 6536] close(5) = 0 [pid 6536] close(6) = -1 EBADF (Bad file descriptor) [pid 6536] close(7) = -1 EBADF (Bad file descriptor) [pid 6536] close(8) = -1 EBADF (Bad file descriptor) [pid 6536] close(9) = -1 EBADF (Bad file descriptor) [pid 6536] close(10) = -1 EBADF (Bad file descriptor) [pid 6536] close(11) = -1 EBADF (Bad file descriptor) [pid 6536] close(12) = -1 EBADF (Bad file descriptor) [pid 6536] close(13) = -1 EBADF (Bad file descriptor) [pid 6536] close(14) = -1 EBADF (Bad file descriptor) [pid 6536] close(15) = -1 EBADF (Bad file descriptor) [pid 6536] close(16) = -1 EBADF (Bad file descriptor) [pid 6536] close(17) = -1 EBADF (Bad file descriptor) [pid 6536] close(18) = -1 EBADF (Bad file descriptor) [pid 6536] close(19) = -1 EBADF (Bad file descriptor) [pid 6536] close(20) = -1 EBADF (Bad file descriptor) [pid 6536] close(21) = -1 EBADF (Bad file descriptor) [pid 6536] close(22) = -1 EBADF (Bad file descriptor) [pid 6536] close(23) = -1 EBADF (Bad file descriptor) [pid 6536] close(24) = -1 EBADF (Bad file descriptor) [pid 6536] close(25) = -1 EBADF (Bad file descriptor) [pid 6536] close(26) = -1 EBADF (Bad file descriptor) [pid 6536] close(27) = -1 EBADF (Bad file descriptor) [pid 6536] close(28) = -1 EBADF (Bad file descriptor) [pid 6536] close(29) = -1 EBADF (Bad file descriptor) [pid 6536] exit_group(0 [pid 6538] <... futex resumed>) = ? [pid 6537] <... futex resumed>) = ? [pid 6538] +++ exited with 0 +++ [pid 6537] +++ exited with 0 +++ [pid 6536] <... exit_group resumed>) = ? [pid 6536] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1460, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] umount2("./486", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./486", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./486/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./486/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./486/cgroup.cpu") = 0 [pid 5063] umount2("./486/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./486/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./486/binderfs") = 0 [pid 5063] umount2("./486/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./486/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./486/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./486/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./486/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./486/file0") = 0 [pid 5063] umount2("./486/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./486/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./486/cgroup") = 0 [pid 5063] umount2("./486/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./486/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./486/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./486") = 0 [pid 5063] mkdir("./487", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6539 attached , child_tidptr=0x5555560b8690) = 1463 [pid 6539] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6539] chdir("./487") = 0 [pid 6539] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6539] setpgid(0, 0) = 0 [pid 6539] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6539] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6539] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6539] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6539] write(3, "1000", 4) = 4 [pid 6539] close(3) = 0 [pid 6539] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6539] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6539] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6539] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6539] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6540 attached [pid 6540] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6539] <... clone3 resumed> => {parent_tid=[1464]}, 88) = 1464 [pid 6540] set_robust_list(0x7eff0a34a9a0, 24 [pid 6539] rt_sigprocmask(SIG_SETMASK, [], [pid 6540] <... set_robust_list resumed>) = 0 [pid 6540] rt_sigprocmask(SIG_SETMASK, [], [pid 6539] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6540] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6539] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6540] memfd_create("syzkaller", 0 [pid 6539] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6540] <... memfd_create resumed>) = 3 [pid 6540] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6540] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6540] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6540] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6540] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6540] close(3) = 0 [pid 6540] mkdir("./file0", 0777) = 0 [pid 6540] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6540] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6540] chdir("./file0") = 0 [pid 6540] ioctl(4, LOOP_CLR_FD) = 0 [pid 6540] close(4) = 0 [pid 6540] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6540] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6539] <... futex resumed>) = 0 [pid 6539] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6540] <... futex resumed>) = 0 [pid 6539] <... futex resumed>) = 1 [pid 6540] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6539] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6540] <... openat resumed>) = 4 [pid 6540] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6539] <... futex resumed>) = 0 [pid 6539] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6539] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 339.579089][ T6540] loop0: detected capacity change from 0 to 4096 [ 339.611452][ T6540] ntfs: volume version 3.1. [pid 6540] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6539] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6539] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6539] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6539] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6539] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6539] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6541 attached [pid 6541] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6539] <... clone3 resumed> => {parent_tid=[1465]}, 88) = 1465 [pid 6541] <... rseq resumed>) = 0 [pid 6539] rt_sigprocmask(SIG_SETMASK, [], [pid 6541] set_robust_list(0x7eff0a3299a0, 24 [pid 6539] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6541] <... set_robust_list resumed>) = 0 [pid 6539] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6541] rt_sigprocmask(SIG_SETMASK, [], [pid 6539] <... futex resumed>) = 0 [pid 6541] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6541] creat("./file1", 000 [pid 6539] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6541] <... creat resumed>) = 5 [pid 6540] <... write resumed>) = 1048064 [pid 6541] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6540] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6539] <... futex resumed>) = 0 [pid 6540] <... futex resumed>) = 0 [pid 6539] close(3 [pid 6540] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6539] <... close resumed>) = 0 [pid 6539] close(4) = 0 [pid 6539] close(5) = 0 [pid 6539] close(6 [pid 6541] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6539] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 6539] close(7) = -1 EBADF (Bad file descriptor) [pid 6539] close(8) = -1 EBADF (Bad file descriptor) [pid 6539] close(9) = -1 EBADF (Bad file descriptor) [pid 6539] close(10) = -1 EBADF (Bad file descriptor) [pid 6539] close(11) = -1 EBADF (Bad file descriptor) [pid 6539] close(12) = -1 EBADF (Bad file descriptor) [pid 6539] close(13) = -1 EBADF (Bad file descriptor) [pid 6539] close(14) = -1 EBADF (Bad file descriptor) [pid 6539] close(15) = -1 EBADF (Bad file descriptor) [pid 6539] close(16) = -1 EBADF (Bad file descriptor) [pid 6539] close(17) = -1 EBADF (Bad file descriptor) [pid 6539] close(18) = -1 EBADF (Bad file descriptor) [pid 6539] close(19) = -1 EBADF (Bad file descriptor) [pid 6539] close(20) = -1 EBADF (Bad file descriptor) [pid 6539] close(21) = -1 EBADF (Bad file descriptor) [pid 6539] close(22) = -1 EBADF (Bad file descriptor) [pid 6539] close(23) = -1 EBADF (Bad file descriptor) [pid 6539] close(24) = -1 EBADF (Bad file descriptor) [pid 6539] close(25) = -1 EBADF (Bad file descriptor) [pid 6539] close(26) = -1 EBADF (Bad file descriptor) [pid 6539] close(27) = -1 EBADF (Bad file descriptor) [pid 6539] close(28) = -1 EBADF (Bad file descriptor) [pid 6539] close(29) = -1 EBADF (Bad file descriptor) [pid 6539] exit_group(0 [pid 6540] <... futex resumed>) = ? [pid 6541] <... futex resumed>) = ? [pid 6539] <... exit_group resumed>) = ? [pid 6541] +++ exited with 0 +++ [pid 6540] +++ exited with 0 +++ [pid 6539] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1463, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./487", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./487", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./487/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./487/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./487/cgroup.cpu") = 0 [pid 5063] umount2("./487/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./487/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./487/binderfs") = 0 [pid 5063] umount2("./487/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./487/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./487/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./487/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./487/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./487/file0") = 0 [pid 5063] umount2("./487/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./487/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./487/cgroup") = 0 [pid 5063] umount2("./487/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./487/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./487/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./487") = 0 [pid 5063] mkdir("./488", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6542 attached , child_tidptr=0x5555560b8690) = 1466 [pid 6542] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6542] chdir("./488") = 0 [pid 6542] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6542] setpgid(0, 0) = 0 [pid 6542] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6542] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6542] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6542] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6542] write(3, "1000", 4) = 4 [pid 6542] close(3) = 0 [pid 6542] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6542] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6542] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6542] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6542] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6542] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6542] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6542] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6543 attached [pid 6543] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6542] <... clone3 resumed> => {parent_tid=[1467]}, 88) = 1467 [pid 6543] <... rseq resumed>) = 0 [pid 6542] rt_sigprocmask(SIG_SETMASK, [], [pid 6543] set_robust_list(0x7eff0a34a9a0, 24 [pid 6542] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6543] <... set_robust_list resumed>) = 0 [pid 6543] rt_sigprocmask(SIG_SETMASK, [], [pid 6542] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6543] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6542] <... futex resumed>) = 0 [pid 6542] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6543] memfd_create("syzkaller", 0) = 3 [pid 6543] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6543] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6543] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6543] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6543] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6543] close(3) = 0 [pid 6543] mkdir("./file0", 0777) = 0 [pid 6543] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6543] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6543] chdir("./file0") = 0 [pid 6543] ioctl(4, LOOP_CLR_FD) = 0 [pid 6543] close(4) = 0 [pid 6543] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6542] <... futex resumed>) = 0 [pid 6543] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6542] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6543] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6542] <... futex resumed>) = 0 [pid 6542] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6543] <... openat resumed>) = 4 [pid 6543] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6542] <... futex resumed>) = 0 [pid 6542] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6543] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 340.068451][ T6543] loop0: detected capacity change from 0 to 4096 [ 340.088903][ T6543] ntfs: volume version 3.1. [pid 6542] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6542] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6542] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6542] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6542] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6542] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6544 attached => {parent_tid=[1468]}, 88) = 1468 [pid 6544] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6542] rt_sigprocmask(SIG_SETMASK, [], [pid 6544] <... rseq resumed>) = 0 [pid 6542] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6542] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6544] set_robust_list(0x7eff0a3299a0, 24 [pid 6542] <... futex resumed>) = 0 [pid 6544] <... set_robust_list resumed>) = 0 [pid 6542] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6544] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6544] creat("./file1", 000) = 5 [pid 6543] <... write resumed>) = 1048064 [pid 6544] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6543] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6542] <... futex resumed>) = 0 [pid 6543] <... futex resumed>) = 0 [pid 6544] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6542] close(3 [pid 6543] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6542] <... close resumed>) = 0 [pid 6542] close(4) = 0 [pid 6542] close(5) = 0 [pid 6542] close(6) = -1 EBADF (Bad file descriptor) [pid 6542] close(7) = -1 EBADF (Bad file descriptor) [pid 6542] close(8) = -1 EBADF (Bad file descriptor) [pid 6542] close(9) = -1 EBADF (Bad file descriptor) [pid 6542] close(10) = -1 EBADF (Bad file descriptor) [pid 6542] close(11) = -1 EBADF (Bad file descriptor) [pid 6542] close(12) = -1 EBADF (Bad file descriptor) [pid 6542] close(13) = -1 EBADF (Bad file descriptor) [pid 6542] close(14) = -1 EBADF (Bad file descriptor) [pid 6542] close(15) = -1 EBADF (Bad file descriptor) [pid 6542] close(16) = -1 EBADF (Bad file descriptor) [pid 6542] close(17) = -1 EBADF (Bad file descriptor) [pid 6542] close(18) = -1 EBADF (Bad file descriptor) [pid 6542] close(19) = -1 EBADF (Bad file descriptor) [pid 6542] close(20) = -1 EBADF (Bad file descriptor) [pid 6542] close(21) = -1 EBADF (Bad file descriptor) [pid 6542] close(22) = -1 EBADF (Bad file descriptor) [pid 6542] close(23) = -1 EBADF (Bad file descriptor) [pid 6542] close(24) = -1 EBADF (Bad file descriptor) [pid 6542] close(25) = -1 EBADF (Bad file descriptor) [pid 6542] close(26) = -1 EBADF (Bad file descriptor) [pid 6542] close(27) = -1 EBADF (Bad file descriptor) [pid 6542] close(28) = -1 EBADF (Bad file descriptor) [pid 6542] close(29) = -1 EBADF (Bad file descriptor) [pid 6542] exit_group(0) = ? [pid 6544] <... futex resumed>) = ? [pid 6543] <... futex resumed>) = ? [pid 6544] +++ exited with 0 +++ [pid 6543] +++ exited with 0 +++ [pid 6542] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1466, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./488", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./488", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./488/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./488/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./488/cgroup.cpu") = 0 [pid 5063] umount2("./488/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./488/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./488/binderfs") = 0 [pid 5063] umount2("./488/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./488/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./488/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./488/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./488/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./488/file0") = 0 [pid 5063] umount2("./488/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./488/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./488/cgroup") = 0 [pid 5063] umount2("./488/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./488/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./488/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./488") = 0 [pid 5063] mkdir("./489", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6545 attached [pid 6545] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1469 [pid 6545] <... set_robust_list resumed>) = 0 [pid 6545] chdir("./489") = 0 [pid 6545] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6545] setpgid(0, 0) = 0 [pid 6545] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6545] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6545] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6545] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6545] write(3, "1000", 4) = 4 [pid 6545] close(3) = 0 [pid 6545] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6545] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6545] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6545] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6545] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6545] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6545] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6545] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6546 attached => {parent_tid=[1470]}, 88) = 1470 [pid 6546] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6545] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6545] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6545] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6546] <... rseq resumed>) = 0 [pid 6546] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6546] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6546] memfd_create("syzkaller", 0) = 3 [pid 6546] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6546] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6546] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6546] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6546] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6546] close(3) = 0 [pid 6546] mkdir("./file0", 0777) = 0 [pid 6546] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6546] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6546] chdir("./file0") = 0 [pid 6546] ioctl(4, LOOP_CLR_FD) = 0 [pid 6546] close(4) = 0 [pid 6546] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6545] <... futex resumed>) = 0 [pid 6545] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6545] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6546] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6546] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6545] <... futex resumed>) = 0 [pid 6545] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6546] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6545] <... futex resumed>) = 0 [ 340.557533][ T6546] loop0: detected capacity change from 0 to 4096 [ 340.593010][ T6546] ntfs: volume version 3.1. [pid 6545] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6545] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6545] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6545] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6545] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6545] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6547 attached => {parent_tid=[1471]}, 88) = 1471 [pid 6547] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6546] <... write resumed>) = 1048064 [pid 6545] rt_sigprocmask(SIG_SETMASK, [], [pid 6547] set_robust_list(0x7eff0a3299a0, 24 [pid 6546] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6545] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6547] <... set_robust_list resumed>) = 0 [pid 6546] <... futex resumed>) = 0 [pid 6545] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6547] rt_sigprocmask(SIG_SETMASK, [], [pid 6546] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6545] <... futex resumed>) = 0 [pid 6547] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6545] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6547] creat("./file1", 000) = 5 [pid 6547] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6547] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6545] <... futex resumed>) = 0 [pid 6545] close(3) = 0 [pid 6545] close(4) = 0 [pid 6545] close(5) = 0 [pid 6545] close(6) = -1 EBADF (Bad file descriptor) [pid 6545] close(7) = -1 EBADF (Bad file descriptor) [pid 6545] close(8) = -1 EBADF (Bad file descriptor) [pid 6545] close(9) = -1 EBADF (Bad file descriptor) [pid 6545] close(10) = -1 EBADF (Bad file descriptor) [pid 6545] close(11) = -1 EBADF (Bad file descriptor) [pid 6545] close(12) = -1 EBADF (Bad file descriptor) [pid 6545] close(13) = -1 EBADF (Bad file descriptor) [pid 6545] close(14) = -1 EBADF (Bad file descriptor) [pid 6545] close(15) = -1 EBADF (Bad file descriptor) [pid 6545] close(16) = -1 EBADF (Bad file descriptor) [pid 6545] close(17) = -1 EBADF (Bad file descriptor) [pid 6545] close(18) = -1 EBADF (Bad file descriptor) [pid 6545] close(19) = -1 EBADF (Bad file descriptor) [pid 6545] close(20) = -1 EBADF (Bad file descriptor) [pid 6545] close(21) = -1 EBADF (Bad file descriptor) [pid 6545] close(22) = -1 EBADF (Bad file descriptor) [pid 6545] close(23) = -1 EBADF (Bad file descriptor) [pid 6545] close(24) = -1 EBADF (Bad file descriptor) [pid 6545] close(25) = -1 EBADF (Bad file descriptor) [pid 6545] close(26) = -1 EBADF (Bad file descriptor) [pid 6545] close(27) = -1 EBADF (Bad file descriptor) [pid 6545] close(28) = -1 EBADF (Bad file descriptor) [pid 6545] close(29) = -1 EBADF (Bad file descriptor) [pid 6545] exit_group(0) = ? [pid 6547] <... futex resumed>) = ? [pid 6546] <... futex resumed>) = ? [pid 6547] +++ exited with 0 +++ [pid 6546] +++ exited with 0 +++ [pid 6545] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1469, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] umount2("./489", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./489", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./489/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./489/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./489/cgroup.cpu") = 0 [pid 5063] umount2("./489/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./489/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./489/binderfs") = 0 [pid 5063] umount2("./489/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./489/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./489/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./489/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./489/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./489/file0") = 0 [pid 5063] umount2("./489/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./489/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./489/cgroup") = 0 [pid 5063] umount2("./489/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./489/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./489/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./489") = 0 [pid 5063] mkdir("./490", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6548 attached , child_tidptr=0x5555560b8690) = 1472 [pid 6548] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6548] chdir("./490") = 0 [pid 6548] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6548] setpgid(0, 0) = 0 [pid 6548] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6548] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6548] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6548] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6548] write(3, "1000", 4) = 4 [pid 6548] close(3) = 0 [pid 6548] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6548] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6548] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6548] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6548] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6548] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6548] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6548] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6549 attached [pid 6549] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6548] <... clone3 resumed> => {parent_tid=[1473]}, 88) = 1473 [pid 6549] <... rseq resumed>) = 0 [pid 6548] rt_sigprocmask(SIG_SETMASK, [], [pid 6549] set_robust_list(0x7eff0a34a9a0, 24 [pid 6548] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6549] <... set_robust_list resumed>) = 0 [pid 6549] rt_sigprocmask(SIG_SETMASK, [], [pid 6548] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6549] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6548] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6549] memfd_create("syzkaller", 0) = 3 [pid 6549] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6549] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6549] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6549] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6549] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6549] close(3) = 0 [pid 6549] mkdir("./file0", 0777) = 0 [ 341.159982][ T6549] loop0: detected capacity change from 0 to 4096 [ 341.186947][ T6549] __ntfs_warning: 170 callbacks suppressed [ 341.186961][ T6549] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 341.213544][ T6549] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 341.223114][ T6549] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 341.239086][ T6549] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 341.247789][ T6549] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 341.268022][ T6549] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 341.276757][ T6549] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 341.296940][ T6549] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6549] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6549] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6549] chdir("./file0") = 0 [pid 6549] ioctl(4, LOOP_CLR_FD) = 0 [pid 6549] close(4) = 0 [pid 6549] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6548] <... futex resumed>) = 0 [ 341.305697][ T6549] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 341.325764][ T6549] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 341.336137][ T6549] ntfs: volume version 3.1. [pid 6548] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6549] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6548] <... futex resumed>) = 0 [pid 6548] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6549] <... openat resumed>) = 4 [pid 6549] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6549] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6548] <... futex resumed>) = 0 [pid 6548] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6549] <... futex resumed>) = 0 [pid 6548] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6549] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6548] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6548] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6548] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6548] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6548] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6548] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6550 attached [pid 6550] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6550] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6548] <... clone3 resumed> => {parent_tid=[1474]}, 88) = 1474 [pid 6550] rt_sigprocmask(SIG_SETMASK, [], [pid 6548] rt_sigprocmask(SIG_SETMASK, [], [pid 6550] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6548] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6548] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6550] creat("./file1", 000 [pid 6548] <... futex resumed>) = 0 [pid 6550] <... creat resumed>) = 5 [pid 6549] <... write resumed>) = 1048064 [pid 6548] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6550] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6549] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6550] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6549] <... futex resumed>) = 0 [pid 6549] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6548] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6548] close(3) = 0 [pid 6548] close(4) = 0 [pid 6548] close(5) = 0 [pid 6548] close(6) = -1 EBADF (Bad file descriptor) [pid 6548] close(7) = -1 EBADF (Bad file descriptor) [pid 6548] close(8) = -1 EBADF (Bad file descriptor) [pid 6548] close(9) = -1 EBADF (Bad file descriptor) [pid 6548] close(10) = -1 EBADF (Bad file descriptor) [pid 6548] close(11) = -1 EBADF (Bad file descriptor) [pid 6548] close(12) = -1 EBADF (Bad file descriptor) [pid 6548] close(13) = -1 EBADF (Bad file descriptor) [pid 6548] close(14) = -1 EBADF (Bad file descriptor) [pid 6548] close(15) = -1 EBADF (Bad file descriptor) [pid 6548] close(16) = -1 EBADF (Bad file descriptor) [pid 6548] close(17) = -1 EBADF (Bad file descriptor) [pid 6548] close(18) = -1 EBADF (Bad file descriptor) [pid 6548] close(19) = -1 EBADF (Bad file descriptor) [pid 6548] close(20) = -1 EBADF (Bad file descriptor) [pid 6548] close(21) = -1 EBADF (Bad file descriptor) [pid 6548] close(22) = -1 EBADF (Bad file descriptor) [pid 6548] close(23) = -1 EBADF (Bad file descriptor) [pid 6548] close(24) = -1 EBADF (Bad file descriptor) [pid 6548] close(25) = -1 EBADF (Bad file descriptor) [pid 6548] close(26) = -1 EBADF (Bad file descriptor) [pid 6548] close(27) = -1 EBADF (Bad file descriptor) [pid 6548] close(28) = -1 EBADF (Bad file descriptor) [pid 6548] close(29) = -1 EBADF (Bad file descriptor) [pid 6548] exit_group(0 [pid 6549] <... futex resumed>) = ? [pid 6548] <... exit_group resumed>) = ? [pid 6550] <... futex resumed>) = ? [pid 6549] +++ exited with 0 +++ [pid 6550] +++ exited with 0 +++ [pid 6548] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1472, si_uid=0, si_status=0, si_utime=0, si_stime=23 /* 0.23 s */} --- [pid 5063] umount2("./490", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./490", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./490/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./490/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./490/cgroup.cpu") = 0 [pid 5063] umount2("./490/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./490/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./490/binderfs") = 0 [pid 5063] umount2("./490/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./490/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./490/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./490/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./490/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./490/file0") = 0 [pid 5063] umount2("./490/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./490/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./490/cgroup") = 0 [pid 5063] umount2("./490/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./490/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./490/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./490") = 0 [pid 5063] mkdir("./491", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6551 attached [pid 6551] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1475 [pid 6551] <... set_robust_list resumed>) = 0 [pid 6551] chdir("./491") = 0 [pid 6551] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6551] setpgid(0, 0) = 0 [pid 6551] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6551] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6551] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6551] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6551] write(3, "1000", 4) = 4 [pid 6551] close(3) = 0 [pid 6551] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6551] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6551] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6551] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6551] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6551] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6551] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6551] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6552 attached => {parent_tid=[1476]}, 88) = 1476 [pid 6552] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6551] rt_sigprocmask(SIG_SETMASK, [], [pid 6552] set_robust_list(0x7eff0a34a9a0, 24 [pid 6551] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6552] <... set_robust_list resumed>) = 0 [pid 6551] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6552] rt_sigprocmask(SIG_SETMASK, [], [pid 6551] <... futex resumed>) = 0 [pid 6552] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6551] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6552] memfd_create("syzkaller", 0) = 3 [pid 6552] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6552] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6552] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6552] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6552] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6552] close(3) = 0 [pid 6552] mkdir("./file0", 0777) = 0 [pid 6552] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6552] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6552] chdir("./file0") = 0 [pid 6552] ioctl(4, LOOP_CLR_FD) = 0 [pid 6552] close(4) = 0 [pid 6552] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6551] <... futex resumed>) = 0 [pid 6552] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6551] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6552] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6551] <... futex resumed>) = 0 [pid 6552] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6551] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6552] <... openat resumed>) = 4 [pid 6552] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6552] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6551] <... futex resumed>) = 0 [pid 6551] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6552] <... futex resumed>) = 0 [pid 6551] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 341.878362][ T6552] loop0: detected capacity change from 0 to 4096 [ 341.909959][ T6552] ntfs: volume version 3.1. [pid 6552] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6551] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6551] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6551] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6551] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6551] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6551] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6553 attached [pid 6553] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6551] <... clone3 resumed> => {parent_tid=[1477]}, 88) = 1477 [pid 6553] <... rseq resumed>) = 0 [pid 6553] set_robust_list(0x7eff0a3299a0, 24 [pid 6551] rt_sigprocmask(SIG_SETMASK, [], [pid 6553] <... set_robust_list resumed>) = 0 [pid 6551] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6553] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6553] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6551] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6553] <... futex resumed>) = 0 [pid 6551] <... futex resumed>) = 1 [pid 6553] creat("./file1", 000) = 5 [pid 6552] <... write resumed>) = 1048064 [pid 6551] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6553] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6552] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6551] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6553] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6552] <... futex resumed>) = 0 [pid 6552] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6551] close(3) = 0 [pid 6551] close(4) = 0 [pid 6551] close(5) = 0 [pid 6551] close(6) = -1 EBADF (Bad file descriptor) [pid 6551] close(7) = -1 EBADF (Bad file descriptor) [pid 6551] close(8) = -1 EBADF (Bad file descriptor) [pid 6551] close(9) = -1 EBADF (Bad file descriptor) [pid 6551] close(10) = -1 EBADF (Bad file descriptor) [pid 6551] close(11) = -1 EBADF (Bad file descriptor) [pid 6551] close(12) = -1 EBADF (Bad file descriptor) [pid 6551] close(13) = -1 EBADF (Bad file descriptor) [pid 6551] close(14) = -1 EBADF (Bad file descriptor) [pid 6551] close(15) = -1 EBADF (Bad file descriptor) [pid 6551] close(16) = -1 EBADF (Bad file descriptor) [pid 6551] close(17) = -1 EBADF (Bad file descriptor) [pid 6551] close(18) = -1 EBADF (Bad file descriptor) [pid 6551] close(19) = -1 EBADF (Bad file descriptor) [pid 6551] close(20) = -1 EBADF (Bad file descriptor) [pid 6551] close(21) = -1 EBADF (Bad file descriptor) [pid 6551] close(22) = -1 EBADF (Bad file descriptor) [pid 6551] close(23) = -1 EBADF (Bad file descriptor) [pid 6551] close(24) = -1 EBADF (Bad file descriptor) [pid 6551] close(25) = -1 EBADF (Bad file descriptor) [pid 6551] close(26) = -1 EBADF (Bad file descriptor) [pid 6551] close(27) = -1 EBADF (Bad file descriptor) [pid 6551] close(28) = -1 EBADF (Bad file descriptor) [pid 6551] close(29) = -1 EBADF (Bad file descriptor) [pid 6551] exit_group(0 [pid 6552] <... futex resumed>) = ? [pid 6551] <... exit_group resumed>) = ? [pid 6553] <... futex resumed>) = ? [pid 6552] +++ exited with 0 +++ [pid 6553] +++ exited with 0 +++ [pid 6551] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1475, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] umount2("./491", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./491", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./491/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./491/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./491/cgroup.cpu") = 0 [pid 5063] umount2("./491/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./491/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./491/binderfs") = 0 [pid 5063] umount2("./491/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./491/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./491/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./491/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./491/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./491/file0") = 0 [pid 5063] umount2("./491/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./491/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./491/cgroup") = 0 [pid 5063] umount2("./491/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./491/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./491/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./491") = 0 [pid 5063] mkdir("./492", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6554 attached , child_tidptr=0x5555560b8690) = 1478 [pid 6554] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6554] chdir("./492") = 0 [pid 6554] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6554] setpgid(0, 0) = 0 [pid 6554] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6554] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6554] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6554] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6554] write(3, "1000", 4) = 4 [pid 6554] close(3) = 0 [pid 6554] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6554] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6554] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6554] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6554] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6554] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6554] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6554] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6555 attached => {parent_tid=[1479]}, 88) = 1479 [pid 6555] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6554] rt_sigprocmask(SIG_SETMASK, [], [pid 6555] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6554] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6555] rt_sigprocmask(SIG_SETMASK, [], [pid 6554] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6555] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6554] <... futex resumed>) = 0 [pid 6555] memfd_create("syzkaller", 0 [pid 6554] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6555] <... memfd_create resumed>) = 3 [pid 6555] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6555] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6555] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6555] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6555] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6555] close(3) = 0 [pid 6555] mkdir("./file0", 0777) = 0 [pid 6555] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6555] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6555] chdir("./file0") = 0 [pid 6555] ioctl(4, LOOP_CLR_FD) = 0 [pid 6555] close(4) = 0 [pid 6555] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6554] <... futex resumed>) = 0 [pid 6555] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 342.332243][ T6555] loop0: detected capacity change from 0 to 4096 [ 342.356046][ T6555] ntfs: volume version 3.1. [pid 6554] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6555] <... openat resumed>) = 4 [pid 6555] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6554] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6555] <... futex resumed>) = 0 [pid 6554] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6554] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6555] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6554] <... futex resumed>) = 0 [pid 6554] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6554] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6554] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6554] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6554] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6554] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6556 attached [pid 6556] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6556] set_robust_list(0x7eff0a3299a0, 24 [pid 6554] <... clone3 resumed> => {parent_tid=[1480]}, 88) = 1480 [pid 6554] rt_sigprocmask(SIG_SETMASK, [], [pid 6556] <... set_robust_list resumed>) = 0 [pid 6556] rt_sigprocmask(SIG_SETMASK, [], [pid 6554] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6556] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6554] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6556] creat("./file1", 000 [pid 6554] <... futex resumed>) = 0 [pid 6554] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6556] <... creat resumed>) = 5 [pid 6555] <... write resumed>) = 1048064 [pid 6556] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6555] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6556] <... futex resumed>) = 1 [pid 6555] <... futex resumed>) = 0 [pid 6554] <... futex resumed>) = 0 [pid 6556] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6555] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6554] close(3) = 0 [pid 6554] close(4) = 0 [pid 6554] close(5) = 0 [pid 6554] close(6) = -1 EBADF (Bad file descriptor) [pid 6554] close(7) = -1 EBADF (Bad file descriptor) [pid 6554] close(8) = -1 EBADF (Bad file descriptor) [pid 6554] close(9) = -1 EBADF (Bad file descriptor) [pid 6554] close(10) = -1 EBADF (Bad file descriptor) [pid 6554] close(11) = -1 EBADF (Bad file descriptor) [pid 6554] close(12) = -1 EBADF (Bad file descriptor) [pid 6554] close(13) = -1 EBADF (Bad file descriptor) [pid 6554] close(14) = -1 EBADF (Bad file descriptor) [pid 6554] close(15) = -1 EBADF (Bad file descriptor) [pid 6554] close(16) = -1 EBADF (Bad file descriptor) [pid 6554] close(17) = -1 EBADF (Bad file descriptor) [pid 6554] close(18) = -1 EBADF (Bad file descriptor) [pid 6554] close(19) = -1 EBADF (Bad file descriptor) [pid 6554] close(20) = -1 EBADF (Bad file descriptor) [pid 6554] close(21) = -1 EBADF (Bad file descriptor) [pid 6554] close(22) = -1 EBADF (Bad file descriptor) [pid 6554] close(23) = -1 EBADF (Bad file descriptor) [pid 6554] close(24) = -1 EBADF (Bad file descriptor) [pid 6554] close(25) = -1 EBADF (Bad file descriptor) [pid 6554] close(26) = -1 EBADF (Bad file descriptor) [pid 6554] close(27) = -1 EBADF (Bad file descriptor) [pid 6554] close(28) = -1 EBADF (Bad file descriptor) [pid 6554] close(29) = -1 EBADF (Bad file descriptor) [pid 6554] exit_group(0) = ? [pid 6556] <... futex resumed>) = ? [pid 6555] <... futex resumed>) = ? [pid 6555] +++ exited with 0 +++ [pid 6556] +++ exited with 0 +++ [pid 6554] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1478, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./492", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./492", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./492/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./492/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./492/cgroup.cpu") = 0 [pid 5063] umount2("./492/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./492/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./492/binderfs") = 0 [pid 5063] umount2("./492/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./492/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./492/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./492/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./492/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./492/file0") = 0 [pid 5063] umount2("./492/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./492/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./492/cgroup") = 0 [pid 5063] umount2("./492/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./492/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./492/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./492") = 0 [pid 5063] mkdir("./493", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6557 attached [pid 6557] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1481 [pid 6557] <... set_robust_list resumed>) = 0 [pid 6557] chdir("./493") = 0 [pid 6557] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6557] setpgid(0, 0) = 0 [pid 6557] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6557] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6557] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6557] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6557] write(3, "1000", 4) = 4 [pid 6557] close(3) = 0 [pid 6557] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6557] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6557] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6557] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6557] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6557] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6557] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6557] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6558 attached => {parent_tid=[1482]}, 88) = 1482 [pid 6558] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6557] rt_sigprocmask(SIG_SETMASK, [], [pid 6558] <... rseq resumed>) = 0 [pid 6557] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6558] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6557] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6558] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6557] <... futex resumed>) = 0 [pid 6557] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6558] memfd_create("syzkaller", 0) = 3 [pid 6558] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6558] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6558] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6558] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6558] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6558] close(3) = 0 [pid 6558] mkdir("./file0", 0777) = 0 [pid 6558] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6558] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6558] chdir("./file0") = 0 [pid 6558] ioctl(4, LOOP_CLR_FD) = 0 [pid 6558] close(4) = 0 [ 342.872777][ T6558] loop0: detected capacity change from 0 to 4096 [ 342.887819][ T6558] ntfs: volume version 3.1. [pid 6558] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6557] <... futex resumed>) = 0 [pid 6558] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6557] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6558] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6557] <... futex resumed>) = 0 [pid 6557] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6558] <... openat resumed>) = 4 [pid 6558] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6558] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6557] <... futex resumed>) = 0 [pid 6557] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6558] <... futex resumed>) = 0 [pid 6557] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6558] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6557] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6557] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6557] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6557] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6557] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6557] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6559 attached => {parent_tid=[1483]}, 88) = 1483 [pid 6559] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6557] rt_sigprocmask(SIG_SETMASK, [], [pid 6559] <... rseq resumed>) = 0 [pid 6557] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6559] set_robust_list(0x7eff0a3299a0, 24 [pid 6557] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6559] <... set_robust_list resumed>) = 0 [pid 6557] <... futex resumed>) = 0 [pid 6559] rt_sigprocmask(SIG_SETMASK, [], [pid 6557] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6559] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6559] creat("./file1", 000) = 5 [pid 6559] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6558] <... write resumed>) = 1048064 [pid 6558] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6559] <... futex resumed>) = 1 [pid 6557] <... futex resumed>) = 0 [pid 6558] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6557] close(3 [pid 6559] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6557] <... close resumed>) = 0 [pid 6557] close(4) = 0 [pid 6557] close(5) = 0 [pid 6557] close(6) = -1 EBADF (Bad file descriptor) [pid 6557] close(7) = -1 EBADF (Bad file descriptor) [pid 6557] close(8) = -1 EBADF (Bad file descriptor) [pid 6557] close(9) = -1 EBADF (Bad file descriptor) [pid 6557] close(10) = -1 EBADF (Bad file descriptor) [pid 6557] close(11) = -1 EBADF (Bad file descriptor) [pid 6557] close(12) = -1 EBADF (Bad file descriptor) [pid 6557] close(13) = -1 EBADF (Bad file descriptor) [pid 6557] close(14) = -1 EBADF (Bad file descriptor) [pid 6557] close(15) = -1 EBADF (Bad file descriptor) [pid 6557] close(16) = -1 EBADF (Bad file descriptor) [pid 6557] close(17) = -1 EBADF (Bad file descriptor) [pid 6557] close(18) = -1 EBADF (Bad file descriptor) [pid 6557] close(19) = -1 EBADF (Bad file descriptor) [pid 6557] close(20) = -1 EBADF (Bad file descriptor) [pid 6557] close(21) = -1 EBADF (Bad file descriptor) [pid 6557] close(22) = -1 EBADF (Bad file descriptor) [pid 6557] close(23) = -1 EBADF (Bad file descriptor) [pid 6557] close(24) = -1 EBADF (Bad file descriptor) [pid 6557] close(25) = -1 EBADF (Bad file descriptor) [pid 6557] close(26) = -1 EBADF (Bad file descriptor) [pid 6557] close(27) = -1 EBADF (Bad file descriptor) [pid 6557] close(28) = -1 EBADF (Bad file descriptor) [pid 6557] close(29) = -1 EBADF (Bad file descriptor) [pid 6557] exit_group(0) = ? [pid 6559] <... futex resumed>) = ? [pid 6558] <... futex resumed>) = ? [pid 6558] +++ exited with 0 +++ [pid 6559] +++ exited with 0 +++ [pid 6557] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1481, si_uid=0, si_status=0, si_utime=0, si_stime=19 /* 0.19 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./493", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./493", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./493/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./493/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./493/cgroup.cpu") = 0 [pid 5063] umount2("./493/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./493/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./493/binderfs") = 0 [pid 5063] umount2("./493/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./493/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./493/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./493/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./493/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./493/file0") = 0 [pid 5063] umount2("./493/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./493/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./493/cgroup") = 0 [pid 5063] umount2("./493/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./493/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./493/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./493") = 0 [pid 5063] mkdir("./494", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6560 attached [pid 6560] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1484 [pid 6560] chdir("./494") = 0 [pid 6560] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6560] setpgid(0, 0) = 0 [pid 6560] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6560] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6560] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6560] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6560] write(3, "1000", 4) = 4 [pid 6560] close(3) = 0 [pid 6560] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6560] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6560] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6560] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6560] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6560] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6560] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6560] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6561 attached [pid 6561] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6560] <... clone3 resumed> => {parent_tid=[1485]}, 88) = 1485 [pid 6561] set_robust_list(0x7eff0a34a9a0, 24 [pid 6560] rt_sigprocmask(SIG_SETMASK, [], [pid 6561] <... set_robust_list resumed>) = 0 [pid 6561] rt_sigprocmask(SIG_SETMASK, [], [pid 6560] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6561] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6560] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6561] memfd_create("syzkaller", 0 [pid 6560] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6561] <... memfd_create resumed>) = 3 [pid 6561] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6561] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6561] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6561] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6561] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6561] close(3) = 0 [pid 6561] mkdir("./file0", 0777) = 0 [pid 6561] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6561] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6561] chdir("./file0") = 0 [pid 6561] ioctl(4, LOOP_CLR_FD) = 0 [pid 6561] close(4) = 0 [pid 6561] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6561] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6560] <... futex resumed>) = 0 [pid 6560] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6561] <... futex resumed>) = 0 [pid 6560] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6561] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [ 343.387292][ T6561] loop0: detected capacity change from 0 to 4096 [ 343.416450][ T6561] ntfs: volume version 3.1. [pid 6561] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6560] <... futex resumed>) = 0 [pid 6561] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6560] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6561] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6560] <... futex resumed>) = 0 [pid 6561] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6560] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6560] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6560] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6560] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6560] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6560] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6562 attached [pid 6562] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6560] <... clone3 resumed> => {parent_tid=[1486]}, 88) = 1486 [pid 6562] <... rseq resumed>) = 0 [pid 6560] rt_sigprocmask(SIG_SETMASK, [], [pid 6562] set_robust_list(0x7eff0a3299a0, 24 [pid 6560] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6562] <... set_robust_list resumed>) = 0 [pid 6560] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6562] rt_sigprocmask(SIG_SETMASK, [], [pid 6560] <... futex resumed>) = 0 [pid 6562] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6560] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6562] creat("./file1", 000) = 5 [pid 6561] <... write resumed>) = 1048064 [pid 6561] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6561] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6562] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6560] <... futex resumed>) = 0 [pid 6560] close(3) = 0 [pid 6562] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6560] close(4) = 0 [pid 6560] close(5) = 0 [pid 6560] close(6) = -1 EBADF (Bad file descriptor) [pid 6560] close(7) = -1 EBADF (Bad file descriptor) [pid 6560] close(8) = -1 EBADF (Bad file descriptor) [pid 6560] close(9) = -1 EBADF (Bad file descriptor) [pid 6560] close(10) = -1 EBADF (Bad file descriptor) [pid 6560] close(11) = -1 EBADF (Bad file descriptor) [pid 6560] close(12) = -1 EBADF (Bad file descriptor) [pid 6560] close(13) = -1 EBADF (Bad file descriptor) [pid 6560] close(14) = -1 EBADF (Bad file descriptor) [pid 6560] close(15) = -1 EBADF (Bad file descriptor) [pid 6560] close(16) = -1 EBADF (Bad file descriptor) [pid 6560] close(17) = -1 EBADF (Bad file descriptor) [pid 6560] close(18) = -1 EBADF (Bad file descriptor) [pid 6560] close(19) = -1 EBADF (Bad file descriptor) [pid 6560] close(20) = -1 EBADF (Bad file descriptor) [pid 6560] close(21) = -1 EBADF (Bad file descriptor) [pid 6560] close(22) = -1 EBADF (Bad file descriptor) [pid 6560] close(23) = -1 EBADF (Bad file descriptor) [pid 6560] close(24) = -1 EBADF (Bad file descriptor) [pid 6560] close(25) = -1 EBADF (Bad file descriptor) [pid 6560] close(26) = -1 EBADF (Bad file descriptor) [pid 6560] close(27) = -1 EBADF (Bad file descriptor) [pid 6560] close(28) = -1 EBADF (Bad file descriptor) [pid 6560] close(29) = -1 EBADF (Bad file descriptor) [pid 6560] exit_group(0 [pid 6562] <... futex resumed>) = ? [pid 6561] <... futex resumed>) = ? [pid 6560] <... exit_group resumed>) = ? [pid 6562] +++ exited with 0 +++ [pid 6561] +++ exited with 0 +++ [pid 6560] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1484, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./494", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./494", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./494/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./494/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./494/cgroup.cpu") = 0 [pid 5063] umount2("./494/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./494/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./494/binderfs") = 0 [pid 5063] umount2("./494/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./494/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./494/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./494/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./494/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./494/file0") = 0 [pid 5063] umount2("./494/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./494/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./494/cgroup") = 0 [pid 5063] umount2("./494/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./494/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./494/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./494") = 0 [pid 5063] mkdir("./495", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6563 attached [pid 6563] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1487 [pid 6563] <... set_robust_list resumed>) = 0 [pid 6563] chdir("./495") = 0 [pid 6563] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6563] setpgid(0, 0) = 0 [pid 6563] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6563] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6563] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6563] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6563] write(3, "1000", 4) = 4 [pid 6563] close(3) = 0 [pid 6563] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6563] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6563] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6563] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6563] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6563] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6563] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6563] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6564 attached => {parent_tid=[1488]}, 88) = 1488 [pid 6564] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6563] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6563] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6564] <... rseq resumed>) = 0 [pid 6564] set_robust_list(0x7eff0a34a9a0, 24 [pid 6563] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6564] <... set_robust_list resumed>) = 0 [pid 6564] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6564] memfd_create("syzkaller", 0) = 3 [pid 6564] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6564] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6564] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6564] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6564] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6564] close(3) = 0 [pid 6564] mkdir("./file0", 0777) = 0 [pid 6564] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6564] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6564] chdir("./file0") = 0 [pid 6564] ioctl(4, LOOP_CLR_FD) = 0 [pid 6564] close(4) = 0 [pid 6564] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6563] <... futex resumed>) = 0 [pid 6564] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6563] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6564] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6563] <... futex resumed>) = 0 [pid 6563] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6564] <... openat resumed>) = 4 [pid 6564] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6563] <... futex resumed>) = 0 [pid 6564] <... futex resumed>) = 1 [pid 6563] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6564] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6563] <... futex resumed>) = 0 [ 344.035490][ T6564] loop0: detected capacity change from 0 to 4096 [ 344.064770][ T6564] ntfs: volume version 3.1. [pid 6563] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6563] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6563] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6563] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6563] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6563] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6565 attached => {parent_tid=[1489]}, 88) = 1489 [pid 6565] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6563] rt_sigprocmask(SIG_SETMASK, [], [pid 6565] <... rseq resumed>) = 0 [pid 6563] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6565] set_robust_list(0x7eff0a3299a0, 24 [pid 6563] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6565] <... set_robust_list resumed>) = 0 [pid 6563] <... futex resumed>) = 0 [pid 6565] rt_sigprocmask(SIG_SETMASK, [], [pid 6563] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6565] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6565] creat("./file1", 000) = 5 [pid 6565] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6564] <... write resumed>) = 1048064 [pid 6564] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6565] <... futex resumed>) = 1 [pid 6563] <... futex resumed>) = 0 [pid 6564] <... futex resumed>) = 0 [pid 6563] close(3 [pid 6565] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6564] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6563] <... close resumed>) = 0 [pid 6563] close(4) = 0 [pid 6563] close(5) = 0 [pid 6563] close(6) = -1 EBADF (Bad file descriptor) [pid 6563] close(7) = -1 EBADF (Bad file descriptor) [pid 6563] close(8) = -1 EBADF (Bad file descriptor) [pid 6563] close(9) = -1 EBADF (Bad file descriptor) [pid 6563] close(10) = -1 EBADF (Bad file descriptor) [pid 6563] close(11) = -1 EBADF (Bad file descriptor) [pid 6563] close(12) = -1 EBADF (Bad file descriptor) [pid 6563] close(13) = -1 EBADF (Bad file descriptor) [pid 6563] close(14) = -1 EBADF (Bad file descriptor) [pid 6563] close(15) = -1 EBADF (Bad file descriptor) [pid 6563] close(16) = -1 EBADF (Bad file descriptor) [pid 6563] close(17) = -1 EBADF (Bad file descriptor) [pid 6563] close(18) = -1 EBADF (Bad file descriptor) [pid 6563] close(19) = -1 EBADF (Bad file descriptor) [pid 6563] close(20) = -1 EBADF (Bad file descriptor) [pid 6563] close(21) = -1 EBADF (Bad file descriptor) [pid 6563] close(22) = -1 EBADF (Bad file descriptor) [pid 6563] close(23) = -1 EBADF (Bad file descriptor) [pid 6563] close(24) = -1 EBADF (Bad file descriptor) [pid 6563] close(25) = -1 EBADF (Bad file descriptor) [pid 6563] close(26) = -1 EBADF (Bad file descriptor) [pid 6563] close(27) = -1 EBADF (Bad file descriptor) [pid 6563] close(28) = -1 EBADF (Bad file descriptor) [pid 6563] close(29) = -1 EBADF (Bad file descriptor) [pid 6563] exit_group(0) = ? [pid 6564] <... futex resumed>) = ? [pid 6564] +++ exited with 0 +++ [pid 6565] <... futex resumed>) = ? [pid 6565] +++ exited with 0 +++ [pid 6563] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1487, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./495", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./495", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./495/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./495/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./495/cgroup.cpu") = 0 [pid 5063] umount2("./495/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./495/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./495/binderfs") = 0 [pid 5063] umount2("./495/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./495/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./495/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./495/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./495/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./495/file0") = 0 [pid 5063] umount2("./495/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./495/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./495/cgroup") = 0 [pid 5063] umount2("./495/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./495/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./495/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./495") = 0 [pid 5063] mkdir("./496", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6566 attached , child_tidptr=0x5555560b8690) = 1490 [pid 6566] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6566] chdir("./496") = 0 [pid 6566] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6566] setpgid(0, 0) = 0 [pid 6566] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6566] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6566] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6566] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6566] write(3, "1000", 4) = 4 [pid 6566] close(3) = 0 [pid 6566] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6566] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6566] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6566] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6566] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6566] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6566] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6566] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6567 attached => {parent_tid=[1491]}, 88) = 1491 [pid 6567] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6566] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6566] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6566] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6567] <... rseq resumed>) = 0 [pid 6567] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6567] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6567] memfd_create("syzkaller", 0) = 3 [pid 6567] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6567] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6567] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6567] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6567] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6567] close(3) = 0 [pid 6567] mkdir("./file0", 0777) = 0 [pid 6567] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6567] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6567] chdir("./file0") = 0 [pid 6567] ioctl(4, LOOP_CLR_FD) = 0 [ 344.630968][ T6567] loop0: detected capacity change from 0 to 4096 [ 344.658928][ T6567] ntfs: volume version 3.1. [pid 6567] close(4) = 0 [pid 6567] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6567] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6566] <... futex resumed>) = 0 [pid 6566] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6567] <... futex resumed>) = 0 [pid 6566] <... futex resumed>) = 1 [pid 6567] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6566] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6567] <... openat resumed>) = 4 [pid 6567] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6567] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6566] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6566] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6567] <... futex resumed>) = 0 [pid 6567] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6566] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6566] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6566] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6566] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6566] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6566] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6568 attached => {parent_tid=[1492]}, 88) = 1492 [pid 6566] rt_sigprocmask(SIG_SETMASK, [], [pid 6568] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6566] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6568] <... rseq resumed>) = 0 [pid 6566] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6568] set_robust_list(0x7eff0a3299a0, 24 [pid 6566] <... futex resumed>) = 0 [pid 6568] <... set_robust_list resumed>) = 0 [pid 6568] rt_sigprocmask(SIG_SETMASK, [], [pid 6566] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6568] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6568] creat("./file1", 000) = 5 [pid 6567] <... write resumed>) = 1048064 [pid 6567] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6567] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6568] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6566] <... futex resumed>) = 0 [pid 6568] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6566] close(3) = 0 [pid 6566] close(4) = 0 [pid 6566] close(5) = 0 [pid 6566] close(6) = -1 EBADF (Bad file descriptor) [pid 6566] close(7) = -1 EBADF (Bad file descriptor) [pid 6566] close(8) = -1 EBADF (Bad file descriptor) [pid 6566] close(9) = -1 EBADF (Bad file descriptor) [pid 6566] close(10) = -1 EBADF (Bad file descriptor) [pid 6566] close(11) = -1 EBADF (Bad file descriptor) [pid 6566] close(12) = -1 EBADF (Bad file descriptor) [pid 6566] close(13) = -1 EBADF (Bad file descriptor) [pid 6566] close(14) = -1 EBADF (Bad file descriptor) [pid 6566] close(15) = -1 EBADF (Bad file descriptor) [pid 6566] close(16) = -1 EBADF (Bad file descriptor) [pid 6566] close(17) = -1 EBADF (Bad file descriptor) [pid 6566] close(18) = -1 EBADF (Bad file descriptor) [pid 6566] close(19) = -1 EBADF (Bad file descriptor) [pid 6566] close(20) = -1 EBADF (Bad file descriptor) [pid 6566] close(21) = -1 EBADF (Bad file descriptor) [pid 6566] close(22) = -1 EBADF (Bad file descriptor) [pid 6566] close(23) = -1 EBADF (Bad file descriptor) [pid 6566] close(24) = -1 EBADF (Bad file descriptor) [pid 6566] close(25) = -1 EBADF (Bad file descriptor) [pid 6566] close(26) = -1 EBADF (Bad file descriptor) [pid 6566] close(27) = -1 EBADF (Bad file descriptor) [pid 6566] close(28) = -1 EBADF (Bad file descriptor) [pid 6566] close(29) = -1 EBADF (Bad file descriptor) [pid 6566] exit_group(0) = ? [pid 6568] <... futex resumed>) = ? [pid 6567] <... futex resumed>) = ? [pid 6568] +++ exited with 0 +++ [pid 6567] +++ exited with 0 +++ [pid 6566] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1490, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./496", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./496", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./496/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./496/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./496/cgroup.cpu") = 0 [pid 5063] umount2("./496/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./496/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./496/binderfs") = 0 [pid 5063] umount2("./496/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./496/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./496/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./496/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./496/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./496/file0") = 0 [pid 5063] umount2("./496/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./496/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./496/cgroup") = 0 [pid 5063] umount2("./496/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./496/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./496/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./496") = 0 [pid 5063] mkdir("./497", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6569 attached [pid 6569] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1493 [pid 6569] <... set_robust_list resumed>) = 0 [pid 6569] chdir("./497") = 0 [pid 6569] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6569] setpgid(0, 0) = 0 [pid 6569] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6569] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6569] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6569] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6569] write(3, "1000", 4) = 4 [pid 6569] close(3) = 0 [pid 6569] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6569] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6569] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6569] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6569] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6569] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6569] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6569] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6570 attached [pid 6570] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6569] <... clone3 resumed> => {parent_tid=[1494]}, 88) = 1494 [pid 6570] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6569] rt_sigprocmask(SIG_SETMASK, [], [pid 6570] rt_sigprocmask(SIG_SETMASK, [], [pid 6569] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6570] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6569] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6570] memfd_create("syzkaller", 0 [pid 6569] <... futex resumed>) = 0 [pid 6569] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6570] <... memfd_create resumed>) = 3 [pid 6570] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6570] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6570] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6570] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6570] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6570] close(3) = 0 [pid 6570] mkdir("./file0", 0777) = 0 [pid 6570] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6570] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6570] chdir("./file0") = 0 [pid 6570] ioctl(4, LOOP_CLR_FD) = 0 [pid 6570] close(4) = 0 [pid 6570] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6569] <... futex resumed>) = 0 [pid 6570] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6569] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6570] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6569] <... futex resumed>) = 0 [pid 6570] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6569] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6570] <... openat resumed>) = 4 [ 345.210840][ T6570] loop0: detected capacity change from 0 to 4096 [ 345.241692][ T6570] ntfs: volume version 3.1. [pid 6570] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6569] <... futex resumed>) = 0 [pid 6569] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6570] <... futex resumed>) = 1 [pid 6569] <... futex resumed>) = 0 [pid 6569] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6570] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6569] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6569] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6569] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6569] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6569] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6569] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6571 attached [pid 6571] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6569] <... clone3 resumed> => {parent_tid=[1495]}, 88) = 1495 [pid 6571] <... rseq resumed>) = 0 [pid 6569] rt_sigprocmask(SIG_SETMASK, [], [pid 6571] set_robust_list(0x7eff0a3299a0, 24 [pid 6570] <... write resumed>) = 1048064 [pid 6570] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6569] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6570] <... futex resumed>) = 0 [pid 6569] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6570] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6569] <... futex resumed>) = 0 [pid 6569] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6571] <... set_robust_list resumed>) = 0 [pid 6571] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6571] creat("./file1", 000) = 5 [pid 6571] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6569] <... futex resumed>) = 0 [pid 6571] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6569] close(3) = 0 [pid 6569] close(4) = 0 [pid 6569] close(5) = 0 [pid 6569] close(6) = -1 EBADF (Bad file descriptor) [pid 6569] close(7) = -1 EBADF (Bad file descriptor) [pid 6569] close(8) = -1 EBADF (Bad file descriptor) [pid 6569] close(9) = -1 EBADF (Bad file descriptor) [pid 6569] close(10) = -1 EBADF (Bad file descriptor) [pid 6569] close(11) = -1 EBADF (Bad file descriptor) [pid 6569] close(12) = -1 EBADF (Bad file descriptor) [pid 6569] close(13) = -1 EBADF (Bad file descriptor) [pid 6569] close(14) = -1 EBADF (Bad file descriptor) [pid 6569] close(15) = -1 EBADF (Bad file descriptor) [pid 6569] close(16) = -1 EBADF (Bad file descriptor) [pid 6569] close(17) = -1 EBADF (Bad file descriptor) [pid 6569] close(18) = -1 EBADF (Bad file descriptor) [pid 6569] close(19) = -1 EBADF (Bad file descriptor) [pid 6569] close(20) = -1 EBADF (Bad file descriptor) [pid 6569] close(21) = -1 EBADF (Bad file descriptor) [pid 6569] close(22) = -1 EBADF (Bad file descriptor) [pid 6569] close(23) = -1 EBADF (Bad file descriptor) [pid 6569] close(24) = -1 EBADF (Bad file descriptor) [pid 6569] close(25) = -1 EBADF (Bad file descriptor) [pid 6569] close(26) = -1 EBADF (Bad file descriptor) [pid 6569] close(27) = -1 EBADF (Bad file descriptor) [pid 6569] close(28) = -1 EBADF (Bad file descriptor) [pid 6569] close(29) = -1 EBADF (Bad file descriptor) [pid 6569] exit_group(0) = ? [pid 6571] <... futex resumed>) = ? [pid 6570] <... futex resumed>) = ? [pid 6571] +++ exited with 0 +++ [pid 6570] +++ exited with 0 +++ [pid 6569] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1493, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] umount2("./497", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./497", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./497/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./497/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./497/cgroup.cpu") = 0 [pid 5063] umount2("./497/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./497/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./497/binderfs") = 0 [pid 5063] umount2("./497/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./497/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./497/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./497/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./497/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./497/file0") = 0 [pid 5063] umount2("./497/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./497/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./497/cgroup") = 0 [pid 5063] umount2("./497/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./497/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./497/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./497") = 0 [pid 5063] mkdir("./498", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6572 attached , child_tidptr=0x5555560b8690) = 1496 [pid 6572] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6572] chdir("./498") = 0 [pid 6572] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6572] setpgid(0, 0) = 0 [pid 6572] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6572] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6572] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6572] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6572] write(3, "1000", 4) = 4 [pid 6572] close(3) = 0 [pid 6572] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6572] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6572] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6572] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6572] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6572] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6572] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6572] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6573 attached => {parent_tid=[1497]}, 88) = 1497 [pid 6573] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6572] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6572] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6572] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6573] <... rseq resumed>) = 0 [pid 6573] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6573] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6573] memfd_create("syzkaller", 0) = 3 [pid 6573] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6573] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6573] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6573] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6573] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6573] close(3) = 0 [pid 6573] mkdir("./file0", 0777) = 0 [pid 6573] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6573] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6573] chdir("./file0") = 0 [pid 6573] ioctl(4, LOOP_CLR_FD) = 0 [pid 6573] close(4) = 0 [ 345.810006][ T6573] loop0: detected capacity change from 0 to 4096 [ 345.841716][ T6573] ntfs: volume version 3.1. [pid 6573] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6573] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6572] <... futex resumed>) = 0 [pid 6573] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6572] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6573] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6572] <... futex resumed>) = 0 [pid 6572] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6573] <... openat resumed>) = 4 [pid 6573] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6572] <... futex resumed>) = 0 [pid 6573] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6572] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6572] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6572] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6572] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6572] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6572] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6572] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6575 attached [pid 6575] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6572] <... clone3 resumed> => {parent_tid=[1498]}, 88) = 1498 [pid 6575] <... rseq resumed>) = 0 [pid 6572] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6572] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6572] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6575] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6575] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6575] creat("./file1", 000) = 5 [pid 6573] <... write resumed>) = 1048064 [pid 6575] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6573] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6575] <... futex resumed>) = 1 [pid 6573] <... futex resumed>) = 0 [pid 6572] <... futex resumed>) = 0 [pid 6575] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6572] close(3 [pid 6573] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6572] <... close resumed>) = 0 [pid 6572] close(4) = 0 [pid 6572] close(5) = 0 [pid 6572] close(6) = -1 EBADF (Bad file descriptor) [pid 6572] close(7) = -1 EBADF (Bad file descriptor) [pid 6572] close(8) = -1 EBADF (Bad file descriptor) [pid 6572] close(9) = -1 EBADF (Bad file descriptor) [pid 6572] close(10) = -1 EBADF (Bad file descriptor) [pid 6572] close(11) = -1 EBADF (Bad file descriptor) [pid 6572] close(12) = -1 EBADF (Bad file descriptor) [pid 6572] close(13) = -1 EBADF (Bad file descriptor) [pid 6572] close(14) = -1 EBADF (Bad file descriptor) [pid 6572] close(15) = -1 EBADF (Bad file descriptor) [pid 6572] close(16) = -1 EBADF (Bad file descriptor) [pid 6572] close(17) = -1 EBADF (Bad file descriptor) [pid 6572] close(18) = -1 EBADF (Bad file descriptor) [pid 6572] close(19) = -1 EBADF (Bad file descriptor) [pid 6572] close(20) = -1 EBADF (Bad file descriptor) [pid 6572] close(21) = -1 EBADF (Bad file descriptor) [pid 6572] close(22) = -1 EBADF (Bad file descriptor) [pid 6572] close(23) = -1 EBADF (Bad file descriptor) [pid 6572] close(24) = -1 EBADF (Bad file descriptor) [pid 6572] close(25) = -1 EBADF (Bad file descriptor) [pid 6572] close(26) = -1 EBADF (Bad file descriptor) [pid 6572] close(27) = -1 EBADF (Bad file descriptor) [pid 6572] close(28) = -1 EBADF (Bad file descriptor) [pid 6572] close(29) = -1 EBADF (Bad file descriptor) [pid 6572] exit_group(0) = ? [pid 6575] <... futex resumed>) = ? [pid 6573] <... futex resumed>) = ? [pid 6575] +++ exited with 0 +++ [pid 6573] +++ exited with 0 +++ [pid 6572] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1496, si_uid=0, si_status=0, si_utime=0, si_stime=21 /* 0.21 s */} --- [pid 5063] umount2("./498", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./498", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./498/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./498/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./498/cgroup.cpu") = 0 [pid 5063] umount2("./498/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./498/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./498/binderfs") = 0 [pid 5063] umount2("./498/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./498/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./498/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./498/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./498/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./498/file0") = 0 [pid 5063] umount2("./498/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./498/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./498/cgroup") = 0 [pid 5063] umount2("./498/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./498/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./498/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./498") = 0 [pid 5063] mkdir("./499", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6576 attached , child_tidptr=0x5555560b8690) = 1499 [pid 6576] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6576] chdir("./499") = 0 [pid 6576] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6576] setpgid(0, 0) = 0 [pid 6576] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6576] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6576] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6576] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6576] write(3, "1000", 4) = 4 [pid 6576] close(3) = 0 [pid 6576] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6576] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6576] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6576] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6576] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6576] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6576] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6576] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6577 attached => {parent_tid=[1500]}, 88) = 1500 [pid 6577] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6576] rt_sigprocmask(SIG_SETMASK, [], [pid 6577] <... rseq resumed>) = 0 [pid 6576] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6577] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6576] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6577] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6576] <... futex resumed>) = 0 [pid 6576] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6577] memfd_create("syzkaller", 0) = 3 [pid 6577] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6577] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6577] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6577] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6577] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6577] close(3) = 0 [pid 6577] mkdir("./file0", 0777) = 0 [ 346.438499][ T6577] loop0: detected capacity change from 0 to 4096 [ 346.453442][ T6577] __ntfs_warning: 170 callbacks suppressed [ 346.453450][ T6577] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 346.480046][ T6577] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 346.489585][ T6577] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 346.505441][ T6577] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 346.514212][ T6577] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 346.534184][ T6577] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 346.542959][ T6577] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 346.563113][ T6577] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6577] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6577] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6577] chdir("./file0") = 0 [pid 6577] ioctl(4, LOOP_CLR_FD) = 0 [pid 6577] close(4) = 0 [ 346.571871][ T6577] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 346.591806][ T6577] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 346.602539][ T6577] ntfs: volume version 3.1. [pid 6577] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6576] <... futex resumed>) = 0 [pid 6576] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6576] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6577] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6577] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6577] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6576] <... futex resumed>) = 0 [pid 6576] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6577] <... futex resumed>) = 0 [pid 6577] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6576] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6576] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6576] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6576] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6576] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6576] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6578 attached => {parent_tid=[1501]}, 88) = 1501 [pid 6578] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6576] rt_sigprocmask(SIG_SETMASK, [], [pid 6578] set_robust_list(0x7eff0a3299a0, 24 [pid 6576] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6578] <... set_robust_list resumed>) = 0 [pid 6576] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6578] rt_sigprocmask(SIG_SETMASK, [], [pid 6576] <... futex resumed>) = 0 [pid 6578] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6576] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6578] creat("./file1", 000) = 5 [pid 6577] <... write resumed>) = 1048064 [pid 6578] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6577] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6578] <... futex resumed>) = 1 [pid 6576] <... futex resumed>) = 0 [pid 6578] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6577] <... futex resumed>) = 0 [pid 6576] close(3 [pid 6577] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6576] <... close resumed>) = 0 [pid 6576] close(4) = 0 [pid 6576] close(5) = 0 [pid 6576] close(6) = -1 EBADF (Bad file descriptor) [pid 6576] close(7) = -1 EBADF (Bad file descriptor) [pid 6576] close(8) = -1 EBADF (Bad file descriptor) [pid 6576] close(9) = -1 EBADF (Bad file descriptor) [pid 6576] close(10) = -1 EBADF (Bad file descriptor) [pid 6576] close(11) = -1 EBADF (Bad file descriptor) [pid 6576] close(12) = -1 EBADF (Bad file descriptor) [pid 6576] close(13) = -1 EBADF (Bad file descriptor) [pid 6576] close(14) = -1 EBADF (Bad file descriptor) [pid 6576] close(15) = -1 EBADF (Bad file descriptor) [pid 6576] close(16) = -1 EBADF (Bad file descriptor) [pid 6576] close(17) = -1 EBADF (Bad file descriptor) [pid 6576] close(18) = -1 EBADF (Bad file descriptor) [pid 6576] close(19) = -1 EBADF (Bad file descriptor) [pid 6576] close(20) = -1 EBADF (Bad file descriptor) [pid 6576] close(21) = -1 EBADF (Bad file descriptor) [pid 6576] close(22) = -1 EBADF (Bad file descriptor) [pid 6576] close(23) = -1 EBADF (Bad file descriptor) [pid 6576] close(24) = -1 EBADF (Bad file descriptor) [pid 6576] close(25) = -1 EBADF (Bad file descriptor) [pid 6576] close(26) = -1 EBADF (Bad file descriptor) [pid 6576] close(27) = -1 EBADF (Bad file descriptor) [pid 6576] close(28) = -1 EBADF (Bad file descriptor) [pid 6576] close(29) = -1 EBADF (Bad file descriptor) [pid 6576] exit_group(0) = ? [pid 6578] <... futex resumed>) = ? [pid 6577] <... futex resumed>) = ? [pid 6578] +++ exited with 0 +++ [pid 6577] +++ exited with 0 +++ [pid 6576] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1499, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5063] umount2("./499", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./499", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./499/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./499/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./499/cgroup.cpu") = 0 [pid 5063] umount2("./499/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./499/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./499/binderfs") = 0 [pid 5063] umount2("./499/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./499/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./499/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./499/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./499/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./499/file0") = 0 [pid 5063] umount2("./499/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./499/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./499/cgroup") = 0 [pid 5063] umount2("./499/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./499/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./499/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./499") = 0 [pid 5063] mkdir("./500", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6579 attached , child_tidptr=0x5555560b8690) = 1502 [pid 6579] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6579] chdir("./500") = 0 [pid 6579] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6579] setpgid(0, 0) = 0 [pid 6579] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6579] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6579] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6579] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6579] write(3, "1000", 4) = 4 [pid 6579] close(3) = 0 [pid 6579] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6579] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6579] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6579] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6579] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6579] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6579] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6579] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6580 attached => {parent_tid=[1503]}, 88) = 1503 [pid 6580] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6579] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6579] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6579] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6580] <... rseq resumed>) = 0 [pid 6580] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6580] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6580] memfd_create("syzkaller", 0) = 3 [pid 6580] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6580] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6580] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6580] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6580] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6580] close(3) = 0 [pid 6580] mkdir("./file0", 0777) = 0 [pid 6580] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6580] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6580] chdir("./file0") = 0 [pid 6580] ioctl(4, LOOP_CLR_FD) = 0 [pid 6580] close(4) = 0 [pid 6580] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6579] <... futex resumed>) = 0 [pid 6580] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6579] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6579] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6580] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 347.188402][ T6580] loop0: detected capacity change from 0 to 4096 [ 347.217825][ T6580] ntfs: volume version 3.1. [pid 6580] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6580] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6579] <... futex resumed>) = 0 [pid 6580] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6579] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6580] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6579] <... futex resumed>) = 0 [pid 6580] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6579] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6579] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6579] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6579] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6579] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6579] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0} => {parent_tid=[1504]}, 88) = 1504 ./strace-static-x86_64: Process 6582 attached [pid 6582] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6579] rt_sigprocmask(SIG_SETMASK, [], [pid 6582] set_robust_list(0x7eff0a3299a0, 24 [pid 6579] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6582] <... set_robust_list resumed>) = 0 [pid 6579] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6582] rt_sigprocmask(SIG_SETMASK, [], [pid 6579] <... futex resumed>) = 0 [pid 6582] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6579] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6582] creat("./file1", 000) = 5 [pid 6580] <... write resumed>) = 1048064 [pid 6582] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6580] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6579] <... futex resumed>) = 0 [pid 6582] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6580] <... futex resumed>) = 0 [pid 6579] close(3) = 0 [pid 6579] close(4 [pid 6580] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6579] <... close resumed>) = 0 [pid 6579] close(5) = 0 [pid 6579] close(6) = -1 EBADF (Bad file descriptor) [pid 6579] close(7) = -1 EBADF (Bad file descriptor) [pid 6579] close(8) = -1 EBADF (Bad file descriptor) [pid 6579] close(9) = -1 EBADF (Bad file descriptor) [pid 6579] close(10) = -1 EBADF (Bad file descriptor) [pid 6579] close(11) = -1 EBADF (Bad file descriptor) [pid 6579] close(12) = -1 EBADF (Bad file descriptor) [pid 6579] close(13) = -1 EBADF (Bad file descriptor) [pid 6579] close(14) = -1 EBADF (Bad file descriptor) [pid 6579] close(15) = -1 EBADF (Bad file descriptor) [pid 6579] close(16) = -1 EBADF (Bad file descriptor) [pid 6579] close(17) = -1 EBADF (Bad file descriptor) [pid 6579] close(18) = -1 EBADF (Bad file descriptor) [pid 6579] close(19) = -1 EBADF (Bad file descriptor) [pid 6579] close(20) = -1 EBADF (Bad file descriptor) [pid 6579] close(21) = -1 EBADF (Bad file descriptor) [pid 6579] close(22) = -1 EBADF (Bad file descriptor) [pid 6579] close(23) = -1 EBADF (Bad file descriptor) [pid 6579] close(24) = -1 EBADF (Bad file descriptor) [pid 6579] close(25) = -1 EBADF (Bad file descriptor) [pid 6579] close(26) = -1 EBADF (Bad file descriptor) [pid 6579] close(27) = -1 EBADF (Bad file descriptor) [pid 6579] close(28) = -1 EBADF (Bad file descriptor) [pid 6579] close(29) = -1 EBADF (Bad file descriptor) [pid 6579] exit_group(0) = ? [pid 6582] <... futex resumed>) = ? [pid 6580] <... futex resumed>) = ? [pid 6582] +++ exited with 0 +++ [pid 6580] +++ exited with 0 +++ [pid 6579] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1502, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5063] umount2("./500", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./500", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./500/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./500/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./500/cgroup.cpu") = 0 [pid 5063] umount2("./500/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./500/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./500/binderfs") = 0 [pid 5063] umount2("./500/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./500/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./500/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./500/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./500/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./500/file0") = 0 [pid 5063] umount2("./500/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./500/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./500/cgroup") = 0 [pid 5063] umount2("./500/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./500/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./500/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./500") = 0 [pid 5063] mkdir("./501", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6584 attached [pid 6584] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1505 [pid 6584] <... set_robust_list resumed>) = 0 [pid 6584] chdir("./501") = 0 [pid 6584] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6584] setpgid(0, 0) = 0 [pid 6584] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6584] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6584] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6584] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6584] write(3, "1000", 4) = 4 [pid 6584] close(3) = 0 [pid 6584] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6584] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6584] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6584] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6584] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6584] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6584] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6585 attached => {parent_tid=[1506]}, 88) = 1506 [pid 6585] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6584] rt_sigprocmask(SIG_SETMASK, [], [pid 6585] <... rseq resumed>) = 0 [pid 6584] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6585] set_robust_list(0x7eff0a34a9a0, 24 [pid 6584] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6585] <... set_robust_list resumed>) = 0 [pid 6584] <... futex resumed>) = 0 [pid 6585] rt_sigprocmask(SIG_SETMASK, [], [pid 6584] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6585] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6585] memfd_create("syzkaller", 0) = 3 [pid 6585] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6585] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6585] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6585] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6585] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6585] close(3) = 0 [pid 6585] mkdir("./file0", 0777) = 0 [pid 6585] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6585] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6585] chdir("./file0") = 0 [pid 6585] ioctl(4, LOOP_CLR_FD) = 0 [pid 6585] close(4) = 0 [pid 6585] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6584] <... futex resumed>) = 0 [pid 6585] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6584] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6585] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6585] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6584] <... futex resumed>) = 0 [pid 6585] <... openat resumed>) = 4 [pid 6584] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6585] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6584] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6585] <... futex resumed>) = 0 [pid 6584] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6585] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6584] <... futex resumed>) = 0 [ 347.788897][ T6585] loop0: detected capacity change from 0 to 4096 [ 347.815290][ T6585] ntfs: volume version 3.1. [pid 6584] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6584] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6584] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6584] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6584] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6584] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6587 attached [pid 6587] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6584] <... clone3 resumed> => {parent_tid=[1507]}, 88) = 1507 [pid 6584] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6584] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6587] <... rseq resumed>) = 0 [pid 6584] <... futex resumed>) = 0 [pid 6584] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6587] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6587] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6587] creat("./file1", 000) = 5 [pid 6587] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6585] <... write resumed>) = 1048064 [pid 6587] <... futex resumed>) = 1 [pid 6587] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6585] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6584] <... futex resumed>) = 0 [pid 6584] close(3) = 0 [pid 6584] close(4) = 0 [pid 6585] <... futex resumed>) = 0 [pid 6584] close(5) = 0 [pid 6584] close(6) = -1 EBADF (Bad file descriptor) [pid 6584] close(7 [pid 6585] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6584] <... close resumed>) = -1 EBADF (Bad file descriptor) [pid 6584] close(8) = -1 EBADF (Bad file descriptor) [pid 6584] close(9) = -1 EBADF (Bad file descriptor) [pid 6584] close(10) = -1 EBADF (Bad file descriptor) [pid 6584] close(11) = -1 EBADF (Bad file descriptor) [pid 6584] close(12) = -1 EBADF (Bad file descriptor) [pid 6584] close(13) = -1 EBADF (Bad file descriptor) [pid 6584] close(14) = -1 EBADF (Bad file descriptor) [pid 6584] close(15) = -1 EBADF (Bad file descriptor) [pid 6584] close(16) = -1 EBADF (Bad file descriptor) [pid 6584] close(17) = -1 EBADF (Bad file descriptor) [pid 6584] close(18) = -1 EBADF (Bad file descriptor) [pid 6584] close(19) = -1 EBADF (Bad file descriptor) [pid 6584] close(20) = -1 EBADF (Bad file descriptor) [pid 6584] close(21) = -1 EBADF (Bad file descriptor) [pid 6584] close(22) = -1 EBADF (Bad file descriptor) [pid 6584] close(23) = -1 EBADF (Bad file descriptor) [pid 6584] close(24) = -1 EBADF (Bad file descriptor) [pid 6584] close(25) = -1 EBADF (Bad file descriptor) [pid 6584] close(26) = -1 EBADF (Bad file descriptor) [pid 6584] close(27) = -1 EBADF (Bad file descriptor) [pid 6584] close(28) = -1 EBADF (Bad file descriptor) [pid 6584] close(29) = -1 EBADF (Bad file descriptor) [pid 6584] exit_group(0 [pid 6587] <... futex resumed>) = ? [pid 6585] <... futex resumed>) = ? [pid 6584] <... exit_group resumed>) = ? [pid 6587] +++ exited with 0 +++ [pid 6585] +++ exited with 0 +++ [pid 6584] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1505, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./501", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./501", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./501/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./501/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./501/cgroup.cpu") = 0 [pid 5063] umount2("./501/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./501/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./501/binderfs") = 0 [pid 5063] umount2("./501/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./501/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./501/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./501/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./501/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./501/file0") = 0 [pid 5063] umount2("./501/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./501/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./501/cgroup") = 0 [pid 5063] umount2("./501/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./501/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./501/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./501") = 0 [pid 5063] mkdir("./502", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6588 attached , child_tidptr=0x5555560b8690) = 1508 [pid 6588] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6588] chdir("./502") = 0 [pid 6588] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6588] setpgid(0, 0) = 0 [pid 6588] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6588] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6588] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6588] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6588] write(3, "1000", 4) = 4 [pid 6588] close(3) = 0 [pid 6588] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6588] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6588] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6588] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6588] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6588] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6588] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6588] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6589 attached [pid 6589] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6588] <... clone3 resumed> => {parent_tid=[1509]}, 88) = 1509 [pid 6588] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6588] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6589] <... rseq resumed>) = 0 [pid 6589] set_robust_list(0x7eff0a34a9a0, 24 [pid 6588] <... futex resumed>) = 0 [pid 6589] <... set_robust_list resumed>) = 0 [pid 6588] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6589] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6589] memfd_create("syzkaller", 0) = 3 [pid 6589] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6589] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6589] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6589] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6589] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6589] close(3) = 0 [pid 6589] mkdir("./file0", 0777) = 0 [pid 6589] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6589] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6589] chdir("./file0") = 0 [pid 6589] ioctl(4, LOOP_CLR_FD) = 0 [pid 6589] close(4) = 0 [pid 6589] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6589] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6588] <... futex resumed>) = 0 [pid 6588] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6588] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6589] <... futex resumed>) = 0 [pid 6589] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6589] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6588] <... futex resumed>) = 0 [pid 6588] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [ 348.373420][ T6589] loop0: detected capacity change from 0 to 4096 [ 348.405492][ T6589] ntfs: volume version 3.1. [pid 6589] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6588] <... futex resumed>) = 0 [pid 6588] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6588] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6588] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6588] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6588] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6588] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6590 attached => {parent_tid=[1510]}, 88) = 1510 [pid 6590] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6588] rt_sigprocmask(SIG_SETMASK, [], [pid 6590] set_robust_list(0x7eff0a3299a0, 24 [pid 6588] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6590] <... set_robust_list resumed>) = 0 [pid 6588] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6590] rt_sigprocmask(SIG_SETMASK, [], [pid 6588] <... futex resumed>) = 0 [pid 6590] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6588] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6590] creat("./file1", 000 [pid 6588] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6590] <... creat resumed>) = 5 [pid 6589] <... write resumed>) = 1048064 [pid 6590] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6589] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6589] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6588] close(3 [pid 6590] <... futex resumed>) = 0 [pid 6590] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6588] <... close resumed>) = 0 [pid 6588] close(4) = 0 [pid 6588] close(5) = 0 [pid 6588] close(6) = -1 EBADF (Bad file descriptor) [pid 6588] close(7) = -1 EBADF (Bad file descriptor) [pid 6588] close(8) = -1 EBADF (Bad file descriptor) [pid 6588] close(9) = -1 EBADF (Bad file descriptor) [pid 6588] close(10) = -1 EBADF (Bad file descriptor) [pid 6588] close(11) = -1 EBADF (Bad file descriptor) [pid 6588] close(12) = -1 EBADF (Bad file descriptor) [pid 6588] close(13) = -1 EBADF (Bad file descriptor) [pid 6588] close(14) = -1 EBADF (Bad file descriptor) [pid 6588] close(15) = -1 EBADF (Bad file descriptor) [pid 6588] close(16) = -1 EBADF (Bad file descriptor) [pid 6588] close(17) = -1 EBADF (Bad file descriptor) [pid 6588] close(18) = -1 EBADF (Bad file descriptor) [pid 6588] close(19) = -1 EBADF (Bad file descriptor) [pid 6588] close(20) = -1 EBADF (Bad file descriptor) [pid 6588] close(21) = -1 EBADF (Bad file descriptor) [pid 6588] close(22) = -1 EBADF (Bad file descriptor) [pid 6588] close(23) = -1 EBADF (Bad file descriptor) [pid 6588] close(24) = -1 EBADF (Bad file descriptor) [pid 6588] close(25) = -1 EBADF (Bad file descriptor) [pid 6588] close(26) = -1 EBADF (Bad file descriptor) [pid 6588] close(27) = -1 EBADF (Bad file descriptor) [pid 6588] close(28) = -1 EBADF (Bad file descriptor) [pid 6588] close(29) = -1 EBADF (Bad file descriptor) [pid 6588] exit_group(0 [pid 6590] <... futex resumed>) = ? [pid 6589] <... futex resumed>) = ? [pid 6588] <... exit_group resumed>) = ? [pid 6590] +++ exited with 0 +++ [pid 6589] +++ exited with 0 +++ [pid 6588] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1508, si_uid=0, si_status=0, si_utime=0, si_stime=78 /* 0.78 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./502", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./502", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./502/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./502/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./502/cgroup.cpu") = 0 [pid 5063] umount2("./502/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./502/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./502/binderfs") = 0 [ 349.285710][ T12] [ 349.288171][ T12] ====================================================== [ 349.295339][ T12] WARNING: possible circular locking dependency detected [ 349.302336][ T12] 6.7.0-rc7-syzkaller-00003-gfbafc3e621c3 #0 Not tainted [ 349.309335][ T12] ------------------------------------------------------ [ 349.316326][ T12] kworker/u4:1/12 is trying to acquire lock: [ 349.322284][ T12] ffff88807504aa40 (&rl->lock){++++}-{3:3}, at: ntfs_read_folio+0x1a98/0x2430 [ 349.331157][ T12] [ 349.331157][ T12] but task is already holding lock: [ 349.338500][ T12] ffff888074be0190 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4a/0x730 [ 349.347433][ T12] [ 349.347433][ T12] which lock already depends on the new lock. [ 349.347433][ T12] [ 349.357813][ T12] [ 349.357813][ T12] the existing dependency chain (in reverse order) is: [ 349.366803][ T12] [ 349.366803][ T12] -> #1 (&ni->mrec_lock){+.+.}-{3:3}: [ 349.374330][ T12] __mutex_lock+0x175/0x9d0 [ 349.379339][ T12] map_mft_record+0x4a/0x730 [ 349.384427][ T12] ntfs_attr_extend_allocation+0x268/0x3840 [ 349.390827][ T12] ntfs_file_write_iter+0xaa0/0x2070 [ 349.396610][ T12] vfs_write+0x64f/0xdf0 [ 349.401356][ T12] ksys_write+0x12f/0x250 [ 349.406185][ T12] do_syscall_64+0x40/0x110 [ 349.411189][ T12] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 349.417594][ T12] [ 349.417594][ T12] -> #0 (&rl->lock){++++}-{3:3}: [ 349.424691][ T12] __lock_acquire+0x2433/0x3b20 [ 349.430045][ T12] lock_acquire+0x1ae/0x520 [ 349.435053][ T12] down_read+0x9a/0x330 [ 349.439710][ T12] ntfs_read_folio+0x1a98/0x2430 [ 349.445153][ T12] filemap_read_folio+0xe9/0x2c0 [ 349.450593][ T12] do_read_cache_folio+0x205/0x540 [ 349.456204][ T12] read_cache_page+0x5b/0x160 [ 349.461378][ T12] ntfs_sync_mft_mirror+0x242/0x1ed0 [ 349.467159][ T12] write_mft_record_nolock+0x1977/0x1da0 [ 349.473289][ T12] write_mft_record+0x14b/0x380 [ 349.478639][ T12] __ntfs_write_inode+0x91b/0xc30 [ 349.484161][ T12] __writeback_single_inode+0xa91/0xe90 [ 349.490209][ T12] writeback_sb_inodes+0x599/0x1080 [ 349.495909][ T12] wb_writeback+0x2a5/0xaa0 [ 349.500916][ T12] wb_workfn+0x29c/0xfe0 [ 349.505659][ T12] process_one_work+0x886/0x15d0 [ 349.511105][ T12] worker_thread+0x8b9/0x1290 [ 349.516285][ T12] kthread+0x2c6/0x3a0 [ 349.520855][ T12] ret_from_fork+0x45/0x80 [ 349.525773][ T12] ret_from_fork_asm+0x11/0x20 [ 349.531041][ T12] [ 349.531041][ T12] other info that might help us debug this: [ 349.531041][ T12] [ 349.541249][ T12] Possible unsafe locking scenario: [ 349.541249][ T12] [ 349.548673][ T12] CPU0 CPU1 [ 349.554015][ T12] ---- ---- [ 349.559355][ T12] lock(&ni->mrec_lock); [ 349.563659][ T12] lock(&rl->lock); [ 349.570047][ T12] lock(&ni->mrec_lock); [ 349.576867][ T12] rlock(&rl->lock); [ 349.580827][ T12] [ 349.580827][ T12] *** DEADLOCK *** [ 349.580827][ T12] [ 349.588947][ T12] 3 locks held by kworker/u4:1/12: [ 349.594033][ T12] #0: ffff88801567c938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x789/0x15d0 [ 349.604628][ T12] #1: ffffc90000117d80 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x7eb/0x15d0 [ 349.616432][ T12] #2: ffff888074be0190 (&ni->mrec_lock){+.+.}-{3:3}, at: map_mft_record+0x4a/0x730 [ 349.625802][ T12] [ 349.625802][ T12] stack backtrace: [ 349.631668][ T12] CPU: 1 PID: 12 Comm: kworker/u4:1 Not tainted 6.7.0-rc7-syzkaller-00003-gfbafc3e621c3 #0 [ 349.641643][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023 [ 349.651722][ T12] Workqueue: writeback wb_workfn (flush-7:0) [ 349.657755][ T12] Call Trace: [ 349.661053][ T12] [ 349.663985][ T12] dump_stack_lvl+0xd9/0x1b0 [ 349.668629][ T12] check_noncircular+0x317/0x400 [ 349.673608][ T12] ? print_circular_bug+0x5c0/0x5c0 [ 349.678824][ T12] ? lockdep_lock+0xc6/0x200 [ 349.683419][ T12] ? hlock_class+0x130/0x130 [ 349.688002][ T12] __lock_acquire+0x2433/0x3b20 [ 349.692848][ T12] ? lockdep_hardirqs_on_prepare+0x420/0x420 [ 349.698819][ T12] lock_acquire+0x1ae/0x520 [ 349.703311][ T12] ? ntfs_read_folio+0x1a98/0x2430 [ 349.708418][ T12] ? lock_sync+0x190/0x190 [ 349.712830][ T12] ? find_held_lock+0x2d/0x110 [ 349.717591][ T12] ? preempt_count_sub+0x160/0x160 [ 349.722711][ T12] down_read+0x9a/0x330 [ 349.726850][ T12] ? ntfs_read_folio+0x1a98/0x2430 [ 349.731969][ T12] ? rwsem_down_read_slowpath+0xb20/0xb20 [ 349.737724][ T12] ? mark_held_locks+0x9f/0xe0 [ 349.742557][ T12] ? _raw_read_unlock_irqrestore+0x4e/0x70 [ 349.748371][ T12] ntfs_read_folio+0x1a98/0x2430 [ 349.753299][ T12] ? __print_lock_name+0x1f0/0x260 [ 349.758398][ T12] ? ntfs_end_buffer_async_read+0x18e0/0x18e0 [ 349.764459][ T12] ? folio_add_lru+0x451/0x7f0 [ 349.769212][ T12] ? ntfs_end_buffer_async_read+0x18e0/0x18e0 [ 349.775272][ T12] filemap_read_folio+0xe9/0x2c0 [ 349.780196][ T12] ? __folio_lock_killable+0x20/0x20 [ 349.785465][ T12] ? __filemap_get_folio+0x2b0/0xaa0 [ 349.790734][ T12] ? find_held_lock+0x2d/0x110 [ 349.795496][ T12] do_read_cache_folio+0x205/0x540 [ 349.800638][ T12] ? ntfs_end_buffer_async_read+0x18e0/0x18e0 [ 349.806728][ T12] read_cache_page+0x5b/0x160 [ 349.811425][ T12] ntfs_sync_mft_mirror+0x242/0x1ed0 [ 349.816726][ T12] ? should_fail_request+0x80/0x80 [ 349.821825][ T12] ? percpu_counter_add_batch+0x112/0x1f0 [ 349.827544][ T12] ? lockdep_hardirqs_on+0x7d/0x110 [ 349.832745][ T12] ? ntfs_mft_bitmap_extend_allocation_nolock+0x1f10/0x1f10 [ 349.840019][ T12] write_mft_record_nolock+0x1977/0x1da0 [ 349.845641][ T12] ? mark_held_locks+0x9f/0xe0 [ 349.850391][ T12] ? ntfs_sync_mft_mirror+0x1ed0/0x1ed0 [ 349.855921][ T12] ? preempt_count_sub+0x160/0x160 [ 349.861015][ T12] write_mft_record+0x14b/0x380 [ 349.865848][ T12] __ntfs_write_inode+0x91b/0xc30 [ 349.870856][ T12] __writeback_single_inode+0xa91/0xe90 [ 349.876383][ T12] ? __mark_inode_dirty+0xd60/0xd60 [ 349.881562][ T12] ? _raw_spin_unlock+0x28/0x40 [ 349.886396][ T12] ? wbc_attach_and_unlock_inode+0x561/0x910 [ 349.892362][ T12] writeback_sb_inodes+0x599/0x1080 [ 349.897559][ T12] ? sync_inode_metadata+0xe0/0xe0 [ 349.902673][ T12] ? rcu_is_watching+0x12/0xb0 [ 349.907424][ T12] ? queue_io+0x3ed/0x4e0 [ 349.911739][ T12] wb_writeback+0x2a5/0xaa0 [ 349.916242][ T12] ? __writeback_inodes_wb+0x2d0/0x2d0 [ 349.921716][ T12] ? reacquire_held_locks+0x4c0/0x4c0 [ 349.927111][ T12] ? mark_held_locks+0x9f/0xe0 [ 349.931880][ T12] wb_workfn+0x29c/0xfe0 [ 349.936105][ T12] ? lockdep_hardirqs_on_prepare+0x331/0x420 [ 349.942078][ T12] ? inode_wait_for_writeback+0x30/0x30 [ 349.947620][ T12] ? lock_sync+0x190/0x190 [ 349.952026][ T12] ? lock_sync+0x190/0x190 [ 349.956425][ T12] ? reacquire_held_locks+0x4c0/0x4c0 [ 349.961792][ T12] process_one_work+0x886/0x15d0 [ 349.966721][ T12] ? lock_sync+0x190/0x190 [ 349.971138][ T12] ? workqueue_congested+0x300/0x300 [ 349.976433][ T12] ? assign_work+0x1a0/0x250 [ 349.981033][ T12] worker_thread+0x8b9/0x1290 [pid 5063] umount2("./502/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./502/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./502/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 349.985723][ T12] ? process_one_work+0x15d0/0x15d0 [ 349.990926][ T12] kthread+0x2c6/0x3a0 [ 349.994981][ T12] ? _raw_spin_unlock_irq+0x23/0x50 [ 350.000162][ T12] ? kthread_complete_and_exit+0x40/0x40 [ 350.005780][ T12] ret_from_fork+0x45/0x80 [ 350.010180][ T12] ? kthread_complete_and_exit+0x40/0x40 [ 350.015801][ T12] ret_from_fork_asm+0x11/0x20 [ 350.020563][ T12] [pid 5063] umount2("./502/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./502/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./502/file0") = 0 [pid 5063] umount2("./502/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./502/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./502/cgroup") = 0 [pid 5063] umount2("./502/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./502/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./502/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./502") = 0 [pid 5063] mkdir("./503", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6593 attached , child_tidptr=0x5555560b8690) = 1511 [pid 6593] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6593] chdir("./503") = 0 [pid 6593] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6593] setpgid(0, 0) = 0 [pid 6593] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6593] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6593] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6593] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6593] write(3, "1000", 4) = 4 [pid 6593] close(3) = 0 [pid 6593] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6593] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6593] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6593] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6593] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6593] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6593] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6593] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6594 attached => {parent_tid=[1512]}, 88) = 1512 [pid 6594] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6593] rt_sigprocmask(SIG_SETMASK, [], [pid 6594] set_robust_list(0x7eff0a34a9a0, 24 [pid 6593] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6594] <... set_robust_list resumed>) = 0 [pid 6593] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6594] rt_sigprocmask(SIG_SETMASK, [], [pid 6593] <... futex resumed>) = 0 [pid 6594] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6593] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6594] memfd_create("syzkaller", 0) = 3 [pid 6594] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6594] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6594] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6594] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6594] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6594] close(3) = 0 [pid 6594] mkdir("./file0", 0777) = 0 [pid 6594] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6594] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6594] chdir("./file0") = 0 [pid 6594] ioctl(4, LOOP_CLR_FD) = 0 [pid 6594] close(4) = 0 [pid 6594] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6593] <... futex resumed>) = 0 [pid 6593] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6593] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6594] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6594] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6593] <... futex resumed>) = 0 [pid 6594] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6593] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6594] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6594] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6593] <... futex resumed>) = 0 [ 350.299752][ T6594] loop0: detected capacity change from 0 to 4096 [ 350.313984][ T6594] ntfs: volume version 3.1. [pid 6593] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6593] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6593] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6593] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE [pid 6594] <... write resumed>) = 1048064 [pid 6593] <... mprotect resumed>) = 0 [pid 6594] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6593] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6594] <... futex resumed>) = 0 [pid 6594] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6593] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6593] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6595 attached => {parent_tid=[1513]}, 88) = 1513 [pid 6595] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6593] rt_sigprocmask(SIG_SETMASK, [], [pid 6595] <... rseq resumed>) = 0 [pid 6593] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6595] set_robust_list(0x7eff0a3299a0, 24 [pid 6593] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6595] <... set_robust_list resumed>) = 0 [pid 6593] <... futex resumed>) = 0 [pid 6595] rt_sigprocmask(SIG_SETMASK, [], [pid 6593] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6595] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6595] creat("./file1", 000) = 5 [pid 6595] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6593] <... futex resumed>) = 0 [pid 6595] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6593] close(3) = 0 [pid 6593] close(4) = 0 [pid 6593] close(5) = 0 [pid 6593] close(6) = -1 EBADF (Bad file descriptor) [pid 6593] close(7) = -1 EBADF (Bad file descriptor) [pid 6593] close(8) = -1 EBADF (Bad file descriptor) [pid 6593] close(9) = -1 EBADF (Bad file descriptor) [pid 6593] close(10) = -1 EBADF (Bad file descriptor) [pid 6593] close(11) = -1 EBADF (Bad file descriptor) [pid 6593] close(12) = -1 EBADF (Bad file descriptor) [pid 6593] close(13) = -1 EBADF (Bad file descriptor) [pid 6593] close(14) = -1 EBADF (Bad file descriptor) [pid 6593] close(15) = -1 EBADF (Bad file descriptor) [pid 6593] close(16) = -1 EBADF (Bad file descriptor) [pid 6593] close(17) = -1 EBADF (Bad file descriptor) [pid 6593] close(18) = -1 EBADF (Bad file descriptor) [pid 6593] close(19) = -1 EBADF (Bad file descriptor) [pid 6593] close(20) = -1 EBADF (Bad file descriptor) [pid 6593] close(21) = -1 EBADF (Bad file descriptor) [pid 6593] close(22) = -1 EBADF (Bad file descriptor) [pid 6593] close(23) = -1 EBADF (Bad file descriptor) [pid 6593] close(24) = -1 EBADF (Bad file descriptor) [pid 6593] close(25) = -1 EBADF (Bad file descriptor) [pid 6593] close(26) = -1 EBADF (Bad file descriptor) [pid 6593] close(27) = -1 EBADF (Bad file descriptor) [pid 6593] close(28) = -1 EBADF (Bad file descriptor) [pid 6593] close(29) = -1 EBADF (Bad file descriptor) [pid 6593] exit_group(0) = ? [pid 6595] <... futex resumed>) = ? [pid 6595] +++ exited with 0 +++ [pid 6594] <... futex resumed>) = ? [pid 6594] +++ exited with 0 +++ [pid 6593] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1511, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./503", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./503", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./503/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./503/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./503/cgroup.cpu") = 0 [pid 5063] umount2("./503/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./503/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./503/binderfs") = 0 [pid 5063] umount2("./503/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./503/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./503/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./503/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./503/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./503/file0") = 0 [pid 5063] umount2("./503/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./503/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./503/cgroup") = 0 [pid 5063] umount2("./503/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./503/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./503/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./503") = 0 [pid 5063] mkdir("./504", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6596 attached , child_tidptr=0x5555560b8690) = 1514 [pid 6596] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6596] chdir("./504") = 0 [pid 6596] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6596] setpgid(0, 0) = 0 [pid 6596] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6596] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6596] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6596] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6596] write(3, "1000", 4) = 4 [pid 6596] close(3) = 0 [pid 6596] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6596] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6596] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6596] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6596] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6596] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6596] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6596] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6597 attached => {parent_tid=[1515]}, 88) = 1515 [pid 6597] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6596] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6596] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6596] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6597] <... rseq resumed>) = 0 [pid 6597] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6597] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6597] memfd_create("syzkaller", 0) = 3 [pid 6597] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6597] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6597] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6597] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6597] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6597] close(3) = 0 [pid 6597] mkdir("./file0", 0777) = 0 [pid 6597] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6597] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6597] chdir("./file0") = 0 [pid 6597] ioctl(4, LOOP_CLR_FD) = 0 [pid 6597] close(4) = 0 [pid 6597] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6597] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6596] <... futex resumed>) = 0 [pid 6596] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6597] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6596] <... futex resumed>) = 0 [pid 6597] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6596] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6597] <... openat resumed>) = 4 [pid 6597] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6596] <... futex resumed>) = 0 [pid 6596] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6596] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 350.827444][ T6597] loop0: detected capacity change from 0 to 4096 [ 350.856793][ T6597] ntfs: volume version 3.1. [pid 6597] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6596] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6596] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6596] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6596] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6596] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6596] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6598 attached [pid 6598] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6596] <... clone3 resumed> => {parent_tid=[1516]}, 88) = 1516 [pid 6598] <... rseq resumed>) = 0 [pid 6598] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6598] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6596] rt_sigprocmask(SIG_SETMASK, [], [pid 6598] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6596] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6597] <... write resumed>) = 1048064 [pid 6597] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6596] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6596] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6598] <... futex resumed>) = 0 [pid 6597] <... futex resumed>) = 0 [pid 6598] creat("./file1", 000 [pid 6597] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6598] <... creat resumed>) = 5 [pid 6598] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6596] <... futex resumed>) = 0 [pid 6598] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6596] close(3) = 0 [pid 6596] close(4) = 0 [pid 6596] close(5) = 0 [pid 6596] close(6) = -1 EBADF (Bad file descriptor) [pid 6596] close(7) = -1 EBADF (Bad file descriptor) [pid 6596] close(8) = -1 EBADF (Bad file descriptor) [pid 6596] close(9) = -1 EBADF (Bad file descriptor) [pid 6596] close(10) = -1 EBADF (Bad file descriptor) [pid 6596] close(11) = -1 EBADF (Bad file descriptor) [pid 6596] close(12) = -1 EBADF (Bad file descriptor) [pid 6596] close(13) = -1 EBADF (Bad file descriptor) [pid 6596] close(14) = -1 EBADF (Bad file descriptor) [pid 6596] close(15) = -1 EBADF (Bad file descriptor) [pid 6596] close(16) = -1 EBADF (Bad file descriptor) [pid 6596] close(17) = -1 EBADF (Bad file descriptor) [pid 6596] close(18) = -1 EBADF (Bad file descriptor) [pid 6596] close(19) = -1 EBADF (Bad file descriptor) [pid 6596] close(20) = -1 EBADF (Bad file descriptor) [pid 6596] close(21) = -1 EBADF (Bad file descriptor) [pid 6596] close(22) = -1 EBADF (Bad file descriptor) [pid 6596] close(23) = -1 EBADF (Bad file descriptor) [pid 6596] close(24) = -1 EBADF (Bad file descriptor) [pid 6596] close(25) = -1 EBADF (Bad file descriptor) [pid 6596] close(26) = -1 EBADF (Bad file descriptor) [pid 6596] close(27) = -1 EBADF (Bad file descriptor) [pid 6596] close(28) = -1 EBADF (Bad file descriptor) [pid 6596] close(29) = -1 EBADF (Bad file descriptor) [pid 6596] exit_group(0) = ? [pid 6598] <... futex resumed>) = ? [pid 6597] <... futex resumed>) = ? [pid 6598] +++ exited with 0 +++ [pid 6597] +++ exited with 0 +++ [pid 6596] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1514, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./504", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./504", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./504/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./504/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./504/cgroup.cpu") = 0 [pid 5063] umount2("./504/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./504/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./504/binderfs") = 0 [pid 5063] umount2("./504/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./504/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./504/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./504/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./504/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./504/file0") = 0 [pid 5063] umount2("./504/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./504/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./504/cgroup") = 0 [pid 5063] umount2("./504/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./504/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./504/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./504") = 0 [pid 5063] mkdir("./505", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6599 attached , child_tidptr=0x5555560b8690) = 1517 [pid 6599] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6599] chdir("./505") = 0 [pid 6599] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6599] setpgid(0, 0) = 0 [pid 6599] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6599] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6599] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6599] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6599] write(3, "1000", 4) = 4 [pid 6599] close(3) = 0 [pid 6599] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6599] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6599] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6599] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6599] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6599] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6599] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6599] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6600 attached [pid 6600] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6599] <... clone3 resumed> => {parent_tid=[1518]}, 88) = 1518 [pid 6600] <... rseq resumed>) = 0 [pid 6599] rt_sigprocmask(SIG_SETMASK, [], [pid 6600] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6599] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6600] rt_sigprocmask(SIG_SETMASK, [], [pid 6599] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6600] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6599] <... futex resumed>) = 0 [pid 6599] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6600] memfd_create("syzkaller", 0) = 3 [pid 6600] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6600] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6600] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6600] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6600] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6600] close(3) = 0 [pid 6600] mkdir("./file0", 0777) = 0 [pid 6600] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6600] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6600] chdir("./file0") = 0 [pid 6600] ioctl(4, LOOP_CLR_FD) = 0 [pid 6600] close(4) = 0 [pid 6600] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6600] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6599] <... futex resumed>) = 0 [pid 6599] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6600] <... futex resumed>) = 0 [pid 6599] <... futex resumed>) = 1 [ 351.337306][ T6600] loop0: detected capacity change from 0 to 4096 [ 351.366386][ T6600] ntfs: volume version 3.1. [pid 6600] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6599] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6600] <... openat resumed>) = 4 [pid 6600] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6600] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6599] <... futex resumed>) = 0 [pid 6599] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6600] <... futex resumed>) = 0 [pid 6599] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6600] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6599] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6599] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6599] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6599] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6599] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6599] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6601 attached [pid 6601] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6599] <... clone3 resumed> => {parent_tid=[1519]}, 88) = 1519 [pid 6601] <... rseq resumed>) = 0 [pid 6599] rt_sigprocmask(SIG_SETMASK, [], [pid 6601] set_robust_list(0x7eff0a3299a0, 24 [pid 6599] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6601] <... set_robust_list resumed>) = 0 [pid 6599] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6601] rt_sigprocmask(SIG_SETMASK, [], [pid 6599] <... futex resumed>) = 0 [pid 6599] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6601] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6601] creat("./file1", 000) = 5 [pid 6601] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6600] <... write resumed>) = 1048064 [pid 6600] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6599] <... futex resumed>) = 0 [pid 6601] <... futex resumed>) = 1 [pid 6600] <... futex resumed>) = 0 [pid 6599] close(3 [pid 6601] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6600] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6599] <... close resumed>) = 0 [pid 6599] close(4) = 0 [pid 6599] close(5) = 0 [pid 6599] close(6) = -1 EBADF (Bad file descriptor) [pid 6599] close(7) = -1 EBADF (Bad file descriptor) [pid 6599] close(8) = -1 EBADF (Bad file descriptor) [pid 6599] close(9) = -1 EBADF (Bad file descriptor) [pid 6599] close(10) = -1 EBADF (Bad file descriptor) [pid 6599] close(11) = -1 EBADF (Bad file descriptor) [pid 6599] close(12) = -1 EBADF (Bad file descriptor) [pid 6599] close(13) = -1 EBADF (Bad file descriptor) [pid 6599] close(14) = -1 EBADF (Bad file descriptor) [pid 6599] close(15) = -1 EBADF (Bad file descriptor) [pid 6599] close(16) = -1 EBADF (Bad file descriptor) [pid 6599] close(17) = -1 EBADF (Bad file descriptor) [pid 6599] close(18) = -1 EBADF (Bad file descriptor) [pid 6599] close(19) = -1 EBADF (Bad file descriptor) [pid 6599] close(20) = -1 EBADF (Bad file descriptor) [pid 6599] close(21) = -1 EBADF (Bad file descriptor) [pid 6599] close(22) = -1 EBADF (Bad file descriptor) [pid 6599] close(23) = -1 EBADF (Bad file descriptor) [pid 6599] close(24) = -1 EBADF (Bad file descriptor) [pid 6599] close(25) = -1 EBADF (Bad file descriptor) [pid 6599] close(26) = -1 EBADF (Bad file descriptor) [pid 6599] close(27) = -1 EBADF (Bad file descriptor) [pid 6599] close(28) = -1 EBADF (Bad file descriptor) [pid 6599] close(29) = -1 EBADF (Bad file descriptor) [pid 6599] exit_group(0) = ? [pid 6601] <... futex resumed>) = ? [pid 6600] <... futex resumed>) = ? [pid 6601] +++ exited with 0 +++ [pid 6600] +++ exited with 0 +++ [pid 6599] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1517, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./505", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./505", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./505/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./505/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./505/cgroup.cpu") = 0 [pid 5063] umount2("./505/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./505/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./505/binderfs") = 0 [pid 5063] umount2("./505/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./505/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./505/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./505/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./505/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./505/file0") = 0 [pid 5063] umount2("./505/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./505/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./505/cgroup") = 0 [pid 5063] umount2("./505/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./505/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./505/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./505") = 0 [pid 5063] mkdir("./506", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6602 attached [pid 6602] set_robust_list(0x5555560b86a0, 24) = 0 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1520 [pid 6602] chdir("./506") = 0 [pid 6602] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6602] setpgid(0, 0) = 0 [pid 6602] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6602] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6602] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6602] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6602] write(3, "1000", 4) = 4 [pid 6602] close(3) = 0 [pid 6602] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6602] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6602] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6602] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6602] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6602] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6602] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6602] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6603 attached => {parent_tid=[1521]}, 88) = 1521 [pid 6603] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6602] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6602] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6602] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6603] <... rseq resumed>) = 0 [pid 6603] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6603] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6603] memfd_create("syzkaller", 0) = 3 [pid 6603] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6603] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6603] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6603] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6603] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6603] close(3) = 0 [pid 6603] mkdir("./file0", 0777) = 0 [ 351.828844][ T6603] loop0: detected capacity change from 0 to 4096 [ 351.841842][ T6603] __ntfs_warning: 130 callbacks suppressed [ 351.841850][ T6603] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 351.868423][ T6603] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 351.878030][ T6603] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 351.893495][ T6603] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 351.902227][ T6603] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 351.922179][ T6603] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 351.930923][ T6603] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 351.951054][ T6603] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 351.959807][ T6603] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [pid 6603] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6603] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6603] chdir("./file0") = 0 [pid 6603] ioctl(4, LOOP_CLR_FD) = 0 [pid 6603] close(4) = 0 [pid 6603] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6602] <... futex resumed>) = 0 [pid 6603] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6602] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6603] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6602] <... futex resumed>) = 0 [ 351.979767][ T6603] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 351.990039][ T6603] ntfs: volume version 3.1. [pid 6603] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6602] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6603] <... openat resumed>) = 4 [pid 6603] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6602] <... futex resumed>) = 0 [pid 6602] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6603] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6602] <... futex resumed>) = 0 [pid 6602] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6602] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6602] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6602] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6603] <... write resumed>) = 1048064 [pid 6602] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6603] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6602] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6603] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6602] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6604 attached [pid 6604] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6602] <... clone3 resumed> => {parent_tid=[1522]}, 88) = 1522 [pid 6604] <... rseq resumed>) = 0 [pid 6602] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6604] set_robust_list(0x7eff0a3299a0, 24 [pid 6602] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6604] <... set_robust_list resumed>) = 0 [pid 6602] <... futex resumed>) = 0 [pid 6602] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6604] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6604] creat("./file1", 000) = 5 [pid 6604] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6602] <... futex resumed>) = 0 [pid 6602] close(3) = 0 [pid 6602] close(4) = 0 [pid 6604] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6602] close(5) = 0 [pid 6602] close(6) = -1 EBADF (Bad file descriptor) [pid 6602] close(7) = -1 EBADF (Bad file descriptor) [pid 6602] close(8) = -1 EBADF (Bad file descriptor) [pid 6602] close(9) = -1 EBADF (Bad file descriptor) [pid 6602] close(10) = -1 EBADF (Bad file descriptor) [pid 6602] close(11) = -1 EBADF (Bad file descriptor) [pid 6602] close(12) = -1 EBADF (Bad file descriptor) [pid 6602] close(13) = -1 EBADF (Bad file descriptor) [pid 6602] close(14) = -1 EBADF (Bad file descriptor) [pid 6602] close(15) = -1 EBADF (Bad file descriptor) [pid 6602] close(16) = -1 EBADF (Bad file descriptor) [pid 6602] close(17) = -1 EBADF (Bad file descriptor) [pid 6602] close(18) = -1 EBADF (Bad file descriptor) [pid 6602] close(19) = -1 EBADF (Bad file descriptor) [pid 6602] close(20) = -1 EBADF (Bad file descriptor) [pid 6602] close(21) = -1 EBADF (Bad file descriptor) [pid 6602] close(22) = -1 EBADF (Bad file descriptor) [pid 6602] close(23) = -1 EBADF (Bad file descriptor) [pid 6602] close(24) = -1 EBADF (Bad file descriptor) [pid 6602] close(25) = -1 EBADF (Bad file descriptor) [pid 6602] close(26) = -1 EBADF (Bad file descriptor) [pid 6602] close(27) = -1 EBADF (Bad file descriptor) [pid 6602] close(28) = -1 EBADF (Bad file descriptor) [pid 6602] close(29) = -1 EBADF (Bad file descriptor) [pid 6602] exit_group(0) = ? [pid 6603] <... futex resumed>) = ? [pid 6604] <... futex resumed>) = ? [pid 6603] +++ exited with 0 +++ [pid 6604] +++ exited with 0 +++ [pid 6602] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1520, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5063] umount2("./506", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./506", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./506/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./506/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./506/cgroup.cpu") = 0 [pid 5063] umount2("./506/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./506/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./506/binderfs") = 0 [pid 5063] umount2("./506/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./506/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./506/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./506/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./506/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./506/file0") = 0 [pid 5063] umount2("./506/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./506/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./506/cgroup") = 0 [pid 5063] umount2("./506/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./506/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./506/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./506") = 0 [pid 5063] mkdir("./507", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6605 attached , child_tidptr=0x5555560b8690) = 1523 [pid 6605] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6605] chdir("./507") = 0 [pid 6605] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6605] setpgid(0, 0) = 0 [pid 6605] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6605] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6605] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6605] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6605] write(3, "1000", 4) = 4 [pid 6605] close(3) = 0 [pid 6605] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6605] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6605] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6605] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6605] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6605] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6605] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6605] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6606 attached => {parent_tid=[1524]}, 88) = 1524 [pid 6606] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6605] rt_sigprocmask(SIG_SETMASK, [], [pid 6606] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6606] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6606] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6605] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6605] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6606] <... futex resumed>) = 0 [pid 6605] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6606] memfd_create("syzkaller", 0) = 3 [pid 6606] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6606] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6606] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6606] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6606] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6606] close(3) = 0 [pid 6606] mkdir("./file0", 0777) = 0 [pid 6606] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6606] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6606] chdir("./file0") = 0 [pid 6606] ioctl(4, LOOP_CLR_FD) = 0 [pid 6606] close(4) = 0 [pid 6606] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6606] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6605] <... futex resumed>) = 0 [pid 6605] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6606] <... futex resumed>) = 0 [pid 6605] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [ 352.461267][ T6606] loop0: detected capacity change from 0 to 4096 [ 352.475639][ T6606] ntfs: volume version 3.1. [pid 6606] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6606] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6606] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6605] <... futex resumed>) = 0 [pid 6605] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6606] <... futex resumed>) = 0 [pid 6605] <... futex resumed>) = 1 [pid 6606] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6605] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6605] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6605] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6605] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6605] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6605] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6607 attached [pid 6607] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6605] <... clone3 resumed> => {parent_tid=[1525]}, 88) = 1525 [pid 6607] <... rseq resumed>) = 0 [pid 6606] <... write resumed>) = 1048064 [pid 6605] rt_sigprocmask(SIG_SETMASK, [], [pid 6606] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6607] set_robust_list(0x7eff0a3299a0, 24 [pid 6606] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6605] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6607] <... set_robust_list resumed>) = 0 [pid 6605] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6607] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6605] <... futex resumed>) = 0 [pid 6607] creat("./file1", 000 [pid 6605] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6607] <... creat resumed>) = 5 [pid 6607] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6605] <... futex resumed>) = 0 [pid 6607] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6605] close(3) = 0 [pid 6605] close(4) = 0 [pid 6605] close(5) = 0 [pid 6605] close(6) = -1 EBADF (Bad file descriptor) [pid 6605] close(7) = -1 EBADF (Bad file descriptor) [pid 6605] close(8) = -1 EBADF (Bad file descriptor) [pid 6605] close(9) = -1 EBADF (Bad file descriptor) [pid 6605] close(10) = -1 EBADF (Bad file descriptor) [pid 6605] close(11) = -1 EBADF (Bad file descriptor) [pid 6605] close(12) = -1 EBADF (Bad file descriptor) [pid 6605] close(13) = -1 EBADF (Bad file descriptor) [pid 6605] close(14) = -1 EBADF (Bad file descriptor) [pid 6605] close(15) = -1 EBADF (Bad file descriptor) [pid 6605] close(16) = -1 EBADF (Bad file descriptor) [pid 6605] close(17) = -1 EBADF (Bad file descriptor) [pid 6605] close(18) = -1 EBADF (Bad file descriptor) [pid 6605] close(19) = -1 EBADF (Bad file descriptor) [pid 6605] close(20) = -1 EBADF (Bad file descriptor) [pid 6605] close(21) = -1 EBADF (Bad file descriptor) [pid 6605] close(22) = -1 EBADF (Bad file descriptor) [pid 6605] close(23) = -1 EBADF (Bad file descriptor) [pid 6605] close(24) = -1 EBADF (Bad file descriptor) [pid 6605] close(25) = -1 EBADF (Bad file descriptor) [pid 6605] close(26) = -1 EBADF (Bad file descriptor) [pid 6605] close(27) = -1 EBADF (Bad file descriptor) [pid 6605] close(28) = -1 EBADF (Bad file descriptor) [pid 6605] close(29) = -1 EBADF (Bad file descriptor) [pid 6605] exit_group(0) = ? [pid 6607] <... futex resumed>) = ? [pid 6606] <... futex resumed>) = ? [pid 6606] +++ exited with 0 +++ [pid 6607] +++ exited with 0 +++ [pid 6605] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1523, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5063] umount2("./507", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./507", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./507/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./507/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./507/cgroup.cpu") = 0 [pid 5063] umount2("./507/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./507/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./507/binderfs") = 0 [pid 5063] umount2("./507/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./507/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./507/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./507/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./507/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./507/file0") = 0 [pid 5063] umount2("./507/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./507/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./507/cgroup") = 0 [pid 5063] umount2("./507/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./507/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./507/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./507") = 0 [pid 5063] mkdir("./508", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6608 attached [pid 6608] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1526 [pid 6608] <... set_robust_list resumed>) = 0 [pid 6608] chdir("./508") = 0 [pid 6608] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6608] setpgid(0, 0) = 0 [pid 6608] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6608] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6608] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6608] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6608] write(3, "1000", 4) = 4 [pid 6608] close(3) = 0 [pid 6608] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6608] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6608] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6608] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6608] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6608] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6608] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6608] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6609 attached => {parent_tid=[1527]}, 88) = 1527 [pid 6609] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6608] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6608] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6608] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6609] <... rseq resumed>) = 0 [pid 6609] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6609] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6609] memfd_create("syzkaller", 0) = 3 [pid 6609] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6609] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6609] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6609] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6609] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6609] close(3) = 0 [pid 6609] mkdir("./file0", 0777) = 0 [pid 6609] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6609] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6609] chdir("./file0") = 0 [pid 6609] ioctl(4, LOOP_CLR_FD) = 0 [pid 6609] close(4) = 0 [ 352.934331][ T6609] loop0: detected capacity change from 0 to 4096 [ 352.958963][ T6609] ntfs: volume version 3.1. [pid 6609] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6608] <... futex resumed>) = 0 [pid 6609] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6608] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6609] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6609] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6608] <... futex resumed>) = 0 [pid 6608] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6609] <... openat resumed>) = 4 [pid 6609] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6609] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6608] <... futex resumed>) = 0 [pid 6608] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6609] <... futex resumed>) = 0 [pid 6608] <... futex resumed>) = 1 [pid 6609] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6608] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6608] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6608] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6608] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6608] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6608] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6610 attached => {parent_tid=[1528]}, 88) = 1528 [pid 6610] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6608] rt_sigprocmask(SIG_SETMASK, [], [pid 6610] <... rseq resumed>) = 0 [pid 6608] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6610] set_robust_list(0x7eff0a3299a0, 24 [pid 6608] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6610] <... set_robust_list resumed>) = 0 [pid 6610] rt_sigprocmask(SIG_SETMASK, [], [pid 6608] <... futex resumed>) = 0 [pid 6610] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6608] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6610] creat("./file1", 000) = 5 [pid 6610] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6610] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6608] <... futex resumed>) = 0 [pid 6609] <... write resumed>) = 1048064 [pid 6609] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6609] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6608] close(3) = 0 [pid 6608] close(4) = 0 [pid 6608] close(5) = 0 [pid 6608] close(6) = -1 EBADF (Bad file descriptor) [pid 6608] close(7) = -1 EBADF (Bad file descriptor) [pid 6608] close(8) = -1 EBADF (Bad file descriptor) [pid 6608] close(9) = -1 EBADF (Bad file descriptor) [pid 6608] close(10) = -1 EBADF (Bad file descriptor) [pid 6608] close(11) = -1 EBADF (Bad file descriptor) [pid 6608] close(12) = -1 EBADF (Bad file descriptor) [pid 6608] close(13) = -1 EBADF (Bad file descriptor) [pid 6608] close(14) = -1 EBADF (Bad file descriptor) [pid 6608] close(15) = -1 EBADF (Bad file descriptor) [pid 6608] close(16) = -1 EBADF (Bad file descriptor) [pid 6608] close(17) = -1 EBADF (Bad file descriptor) [pid 6608] close(18) = -1 EBADF (Bad file descriptor) [pid 6608] close(19) = -1 EBADF (Bad file descriptor) [pid 6608] close(20) = -1 EBADF (Bad file descriptor) [pid 6608] close(21) = -1 EBADF (Bad file descriptor) [pid 6608] close(22) = -1 EBADF (Bad file descriptor) [pid 6608] close(23) = -1 EBADF (Bad file descriptor) [pid 6608] close(24) = -1 EBADF (Bad file descriptor) [pid 6608] close(25) = -1 EBADF (Bad file descriptor) [pid 6608] close(26) = -1 EBADF (Bad file descriptor) [pid 6608] close(27) = -1 EBADF (Bad file descriptor) [pid 6608] close(28) = -1 EBADF (Bad file descriptor) [pid 6608] close(29) = -1 EBADF (Bad file descriptor) [pid 6608] exit_group(0) = ? [pid 6610] <... futex resumed>) = ? [pid 6609] <... futex resumed>) = ? [pid 6609] +++ exited with 0 +++ [pid 6610] +++ exited with 0 +++ [pid 6608] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1526, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5063] umount2("./508", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./508", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./508/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./508/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./508/cgroup.cpu") = 0 [pid 5063] umount2("./508/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./508/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./508/binderfs") = 0 [pid 5063] umount2("./508/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./508/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./508/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./508/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./508/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./508/file0") = 0 [pid 5063] umount2("./508/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./508/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./508/cgroup") = 0 [pid 5063] umount2("./508/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./508/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./508/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./508") = 0 [pid 5063] mkdir("./509", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6611 attached , child_tidptr=0x5555560b8690) = 1529 [pid 6611] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6611] chdir("./509") = 0 [pid 6611] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6611] setpgid(0, 0) = 0 [pid 6611] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6611] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6611] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6611] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6611] write(3, "1000", 4) = 4 [pid 6611] close(3) = 0 [pid 6611] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6611] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6611] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6611] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6611] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6611] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6611] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6612 attached [pid 6612] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6611] <... clone3 resumed> => {parent_tid=[1530]}, 88) = 1530 [pid 6612] <... rseq resumed>) = 0 [pid 6611] rt_sigprocmask(SIG_SETMASK, [], [pid 6612] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6611] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6612] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6611] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6612] memfd_create("syzkaller", 0 [pid 6611] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6612] <... memfd_create resumed>) = 3 [pid 6612] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6612] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6612] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6612] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6612] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6612] close(3) = 0 [pid 6612] mkdir("./file0", 0777) = 0 [pid 6612] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6612] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6612] chdir("./file0") = 0 [pid 6612] ioctl(4, LOOP_CLR_FD) = 0 [pid 6612] close(4) = 0 [pid 6612] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6611] <... futex resumed>) = 0 [pid 6612] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6611] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6612] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6611] <... futex resumed>) = 0 [pid 6612] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [ 353.451454][ T6612] loop0: detected capacity change from 0 to 4096 [ 353.470602][ T6612] ntfs: volume version 3.1. [pid 6611] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6612] <... openat resumed>) = 4 [pid 6612] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6611] <... futex resumed>) = 0 [pid 6612] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL) = -1 EAGAIN (Resource temporarily unavailable) [pid 6611] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6612] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6611] <... futex resumed>) = 0 [pid 6611] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6611] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6611] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6611] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6612] <... write resumed>) = 1048064 [pid 6611] rt_sigprocmask(SIG_BLOCK, ~[], [pid 6612] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6611] <... rt_sigprocmask resumed>[], 8) = 0 [pid 6612] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6611] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6613 attached [pid 6613] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6611] <... clone3 resumed> => {parent_tid=[1531]}, 88) = 1531 [pid 6613] <... rseq resumed>) = 0 [pid 6611] rt_sigprocmask(SIG_SETMASK, [], [pid 6613] set_robust_list(0x7eff0a3299a0, 24 [pid 6611] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6613] <... set_robust_list resumed>) = 0 [pid 6611] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6613] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6611] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6613] creat("./file1", 000) = 5 [pid 6613] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6611] <... futex resumed>) = 0 [pid 6613] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6611] close(3) = 0 [pid 6611] close(4) = 0 [pid 6611] close(5) = 0 [pid 6611] close(6) = -1 EBADF (Bad file descriptor) [pid 6611] close(7) = -1 EBADF (Bad file descriptor) [pid 6611] close(8) = -1 EBADF (Bad file descriptor) [pid 6611] close(9) = -1 EBADF (Bad file descriptor) [pid 6611] close(10) = -1 EBADF (Bad file descriptor) [pid 6611] close(11) = -1 EBADF (Bad file descriptor) [pid 6611] close(12) = -1 EBADF (Bad file descriptor) [pid 6611] close(13) = -1 EBADF (Bad file descriptor) [pid 6611] close(14) = -1 EBADF (Bad file descriptor) [pid 6611] close(15) = -1 EBADF (Bad file descriptor) [pid 6611] close(16) = -1 EBADF (Bad file descriptor) [pid 6611] close(17) = -1 EBADF (Bad file descriptor) [pid 6611] close(18) = -1 EBADF (Bad file descriptor) [pid 6611] close(19) = -1 EBADF (Bad file descriptor) [pid 6611] close(20) = -1 EBADF (Bad file descriptor) [pid 6611] close(21) = -1 EBADF (Bad file descriptor) [pid 6611] close(22) = -1 EBADF (Bad file descriptor) [pid 6611] close(23) = -1 EBADF (Bad file descriptor) [pid 6611] close(24) = -1 EBADF (Bad file descriptor) [pid 6611] close(25) = -1 EBADF (Bad file descriptor) [pid 6611] close(26) = -1 EBADF (Bad file descriptor) [pid 6611] close(27) = -1 EBADF (Bad file descriptor) [pid 6611] close(28) = -1 EBADF (Bad file descriptor) [pid 6611] close(29) = -1 EBADF (Bad file descriptor) [pid 6611] exit_group(0 [pid 6613] <... futex resumed>) = ? [pid 6612] <... futex resumed>) = ? [pid 6611] <... exit_group resumed>) = ? [pid 6613] +++ exited with 0 +++ [pid 6612] +++ exited with 0 +++ [pid 6611] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1529, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5063] umount2("./509", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./509", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./509/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./509/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./509/cgroup.cpu") = 0 [pid 5063] umount2("./509/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./509/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./509/binderfs") = 0 [pid 5063] umount2("./509/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./509/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./509/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./509/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./509/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./509/file0") = 0 [pid 5063] umount2("./509/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./509/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./509/cgroup") = 0 [pid 5063] umount2("./509/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./509/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./509/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./509") = 0 [pid 5063] mkdir("./510", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6614 attached , child_tidptr=0x5555560b8690) = 1532 [pid 6614] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6614] chdir("./510") = 0 [pid 6614] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6614] setpgid(0, 0) = 0 [pid 6614] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6614] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6614] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6614] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6614] write(3, "1000", 4) = 4 [pid 6614] close(3) = 0 [pid 6614] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6614] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6614] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6614] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6614] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6614] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6614] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6614] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6615 attached => {parent_tid=[1533]}, 88) = 1533 [pid 6615] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6614] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6614] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6614] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6615] <... rseq resumed>) = 0 [pid 6615] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6615] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6615] memfd_create("syzkaller", 0) = 3 [pid 6615] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6615] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6615] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6615] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6615] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6615] close(3) = 0 [pid 6615] mkdir("./file0", 0777) = 0 [pid 6615] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6615] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6615] chdir("./file0") = 0 [pid 6615] ioctl(4, LOOP_CLR_FD) = 0 [pid 6615] close(4) = 0 [pid 6615] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6614] <... futex resumed>) = 0 [pid 6615] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6614] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6615] <... futex resumed>) = 0 [pid 6614] <... futex resumed>) = 1 [pid 6615] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6614] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6615] <... openat resumed>) = 4 [pid 6615] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6615] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6614] <... futex resumed>) = 0 [pid 6614] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6615] <... futex resumed>) = 0 [pid 6614] <... futex resumed>) = 1 [pid 6615] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 354.028697][ T6615] loop0: detected capacity change from 0 to 4096 [ 354.058429][ T6615] ntfs: volume version 3.1. [pid 6614] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6614] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6614] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6614] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6614] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6614] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6616 attached => {parent_tid=[1534]}, 88) = 1534 [pid 6616] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6614] rt_sigprocmask(SIG_SETMASK, [], [pid 6616] <... rseq resumed>) = 0 [pid 6614] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6616] set_robust_list(0x7eff0a3299a0, 24 [pid 6614] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6616] <... set_robust_list resumed>) = 0 [pid 6614] <... futex resumed>) = 0 [pid 6616] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6614] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6616] creat("./file1", 000) = 5 [pid 6616] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6614] <... futex resumed>) = 0 [pid 6616] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6615] <... write resumed>) = 1048064 [pid 6615] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6615] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6614] close(3) = 0 [pid 6614] close(4) = 0 [pid 6614] close(5) = 0 [pid 6614] close(6) = -1 EBADF (Bad file descriptor) [pid 6614] close(7) = -1 EBADF (Bad file descriptor) [pid 6614] close(8) = -1 EBADF (Bad file descriptor) [pid 6614] close(9) = -1 EBADF (Bad file descriptor) [pid 6614] close(10) = -1 EBADF (Bad file descriptor) [pid 6614] close(11) = -1 EBADF (Bad file descriptor) [pid 6614] close(12) = -1 EBADF (Bad file descriptor) [pid 6614] close(13) = -1 EBADF (Bad file descriptor) [pid 6614] close(14) = -1 EBADF (Bad file descriptor) [pid 6614] close(15) = -1 EBADF (Bad file descriptor) [pid 6614] close(16) = -1 EBADF (Bad file descriptor) [pid 6614] close(17) = -1 EBADF (Bad file descriptor) [pid 6614] close(18) = -1 EBADF (Bad file descriptor) [pid 6614] close(19) = -1 EBADF (Bad file descriptor) [pid 6614] close(20) = -1 EBADF (Bad file descriptor) [pid 6614] close(21) = -1 EBADF (Bad file descriptor) [pid 6614] close(22) = -1 EBADF (Bad file descriptor) [pid 6614] close(23) = -1 EBADF (Bad file descriptor) [pid 6614] close(24) = -1 EBADF (Bad file descriptor) [pid 6614] close(25) = -1 EBADF (Bad file descriptor) [pid 6614] close(26) = -1 EBADF (Bad file descriptor) [pid 6614] close(27) = -1 EBADF (Bad file descriptor) [pid 6614] close(28) = -1 EBADF (Bad file descriptor) [pid 6614] close(29) = -1 EBADF (Bad file descriptor) [pid 6614] exit_group(0) = ? [pid 6615] <... futex resumed>) = ? [pid 6616] <... futex resumed>) = ? [pid 6615] +++ exited with 0 +++ [pid 6616] +++ exited with 0 +++ [pid 6614] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1532, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./510", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./510", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./510/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./510/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./510/cgroup.cpu") = 0 [pid 5063] umount2("./510/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./510/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./510/binderfs") = 0 [pid 5063] umount2("./510/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./510/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./510/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./510/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./510/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./510/file0") = 0 [pid 5063] umount2("./510/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./510/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./510/cgroup") = 0 [pid 5063] umount2("./510/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./510/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./510/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./510") = 0 [pid 5063] mkdir("./511", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6617 attached , child_tidptr=0x5555560b8690) = 1535 [pid 6617] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6617] chdir("./511") = 0 [pid 6617] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6617] setpgid(0, 0) = 0 [pid 6617] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6617] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6617] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6617] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6617] write(3, "1000", 4) = 4 [pid 6617] close(3) = 0 [pid 6617] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6617] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6617] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6617] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6617] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6617] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6617] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6617] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6618 attached => {parent_tid=[1536]}, 88) = 1536 [pid 6618] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6617] rt_sigprocmask(SIG_SETMASK, [], [pid 6618] <... rseq resumed>) = 0 [pid 6617] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6618] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6617] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6618] rt_sigprocmask(SIG_SETMASK, [], [pid 6617] <... futex resumed>) = 0 [pid 6618] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6617] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6618] memfd_create("syzkaller", 0) = 3 [pid 6618] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6618] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6618] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6618] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6618] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6618] close(3) = 0 [pid 6618] mkdir("./file0", 0777) = 0 [pid 6618] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6618] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6618] chdir("./file0") = 0 [pid 6618] ioctl(4, LOOP_CLR_FD) = 0 [ 354.592402][ T6618] loop0: detected capacity change from 0 to 4096 [ 354.610708][ T6618] ntfs: volume version 3.1. [pid 6618] close(4) = 0 [pid 6618] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6617] <... futex resumed>) = 0 [pid 6618] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6617] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6618] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6617] <... futex resumed>) = 0 [pid 6618] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6617] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6618] <... openat resumed>) = 4 [pid 6618] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6617] <... futex resumed>) = 0 [pid 6618] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6617] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6618] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6617] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6618] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6617] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6617] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6617] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6617] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6617] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6617] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6619 attached [pid 6619] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6619] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6618] <... write resumed>) = 1048064 [pid 6617] <... clone3 resumed> => {parent_tid=[1537]}, 88) = 1537 [pid 6619] rt_sigprocmask(SIG_SETMASK, [], [pid 6618] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6619] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6619] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6618] <... futex resumed>) = 0 [pid 6618] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6617] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6617] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6619] <... futex resumed>) = 0 [pid 6619] creat("./file1", 000 [pid 6617] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6619] <... creat resumed>) = 5 [pid 6619] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6619] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6617] <... futex resumed>) = 0 [pid 6617] close(3) = 0 [pid 6617] close(4) = 0 [pid 6617] close(5) = 0 [pid 6617] close(6) = -1 EBADF (Bad file descriptor) [pid 6617] close(7) = -1 EBADF (Bad file descriptor) [pid 6617] close(8) = -1 EBADF (Bad file descriptor) [pid 6617] close(9) = -1 EBADF (Bad file descriptor) [pid 6617] close(10) = -1 EBADF (Bad file descriptor) [pid 6617] close(11) = -1 EBADF (Bad file descriptor) [pid 6617] close(12) = -1 EBADF (Bad file descriptor) [pid 6617] close(13) = -1 EBADF (Bad file descriptor) [pid 6617] close(14) = -1 EBADF (Bad file descriptor) [pid 6617] close(15) = -1 EBADF (Bad file descriptor) [pid 6617] close(16) = -1 EBADF (Bad file descriptor) [pid 6617] close(17) = -1 EBADF (Bad file descriptor) [pid 6617] close(18) = -1 EBADF (Bad file descriptor) [pid 6617] close(19) = -1 EBADF (Bad file descriptor) [pid 6617] close(20) = -1 EBADF (Bad file descriptor) [pid 6617] close(21) = -1 EBADF (Bad file descriptor) [pid 6617] close(22) = -1 EBADF (Bad file descriptor) [pid 6617] close(23) = -1 EBADF (Bad file descriptor) [pid 6617] close(24) = -1 EBADF (Bad file descriptor) [pid 6617] close(25) = -1 EBADF (Bad file descriptor) [pid 6617] close(26) = -1 EBADF (Bad file descriptor) [pid 6617] close(27) = -1 EBADF (Bad file descriptor) [pid 6617] close(28) = -1 EBADF (Bad file descriptor) [pid 6617] close(29) = -1 EBADF (Bad file descriptor) [pid 6617] exit_group(0) = ? [pid 6619] <... futex resumed>) = ? [pid 6618] <... futex resumed>) = ? [pid 6619] +++ exited with 0 +++ [pid 6618] +++ exited with 0 +++ [pid 6617] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1535, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5063] umount2("./511", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./511", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./511/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./511/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./511/cgroup.cpu") = 0 [pid 5063] umount2("./511/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./511/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./511/binderfs") = 0 [pid 5063] umount2("./511/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./511/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./511/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./511/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./511/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./511/file0") = 0 [pid 5063] umount2("./511/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./511/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./511/cgroup") = 0 [pid 5063] umount2("./511/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./511/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./511/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./511") = 0 [pid 5063] mkdir("./512", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6620 attached , child_tidptr=0x5555560b8690) = 1538 [pid 6620] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6620] chdir("./512") = 0 [pid 6620] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6620] setpgid(0, 0) = 0 [pid 6620] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6620] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6620] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6620] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6620] write(3, "1000", 4) = 4 [pid 6620] close(3) = 0 [pid 6620] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6620] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6620] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6620] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6620] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6620] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6620] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6620] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6621 attached => {parent_tid=[1539]}, 88) = 1539 [pid 6621] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6620] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6620] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6620] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6621] <... rseq resumed>) = 0 [pid 6621] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6621] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6621] memfd_create("syzkaller", 0) = 3 [pid 6621] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6621] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6621] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6621] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6621] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6621] close(3) = 0 [pid 6621] mkdir("./file0", 0777) = 0 [pid 6621] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6621] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6621] chdir("./file0") = 0 [pid 6621] ioctl(4, LOOP_CLR_FD) = 0 [pid 6621] close(4) = 0 [ 355.139174][ T6621] loop0: detected capacity change from 0 to 4096 [ 355.159010][ T6621] ntfs: volume version 3.1. [pid 6621] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6620] <... futex resumed>) = 0 [pid 6621] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6620] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6621] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6621] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6620] <... futex resumed>) = 0 [pid 6620] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6621] <... openat resumed>) = 4 [pid 6621] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6621] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6620] <... futex resumed>) = 0 [pid 6620] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6621] <... futex resumed>) = 0 [pid 6620] <... futex resumed>) = 1 [pid 6621] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6620] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6620] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6620] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6620] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6620] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6620] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6622 attached [pid 6622] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053) = 0 [pid 6621] <... write resumed>) = 1048064 [pid 6620] <... clone3 resumed> => {parent_tid=[1540]}, 88) = 1540 [pid 6622] set_robust_list(0x7eff0a3299a0, 24 [pid 6621] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6620] rt_sigprocmask(SIG_SETMASK, [], [pid 6622] <... set_robust_list resumed>) = 0 [pid 6621] <... futex resumed>) = 0 [pid 6622] rt_sigprocmask(SIG_SETMASK, [], [pid 6620] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6621] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6622] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6620] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6622] creat("./file1", 000 [pid 6620] <... futex resumed>) = 0 [pid 6620] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6622] <... creat resumed>) = 5 [pid 6622] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6620] <... futex resumed>) = 0 [pid 6622] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6620] close(3) = 0 [pid 6620] close(4) = 0 [pid 6620] close(5) = 0 [pid 6620] close(6) = -1 EBADF (Bad file descriptor) [pid 6620] close(7) = -1 EBADF (Bad file descriptor) [pid 6620] close(8) = -1 EBADF (Bad file descriptor) [pid 6620] close(9) = -1 EBADF (Bad file descriptor) [pid 6620] close(10) = -1 EBADF (Bad file descriptor) [pid 6620] close(11) = -1 EBADF (Bad file descriptor) [pid 6620] close(12) = -1 EBADF (Bad file descriptor) [pid 6620] close(13) = -1 EBADF (Bad file descriptor) [pid 6620] close(14) = -1 EBADF (Bad file descriptor) [pid 6620] close(15) = -1 EBADF (Bad file descriptor) [pid 6620] close(16) = -1 EBADF (Bad file descriptor) [pid 6620] close(17) = -1 EBADF (Bad file descriptor) [pid 6620] close(18) = -1 EBADF (Bad file descriptor) [pid 6620] close(19) = -1 EBADF (Bad file descriptor) [pid 6620] close(20) = -1 EBADF (Bad file descriptor) [pid 6620] close(21) = -1 EBADF (Bad file descriptor) [pid 6620] close(22) = -1 EBADF (Bad file descriptor) [pid 6620] close(23) = -1 EBADF (Bad file descriptor) [pid 6620] close(24) = -1 EBADF (Bad file descriptor) [pid 6620] close(25) = -1 EBADF (Bad file descriptor) [pid 6620] close(26) = -1 EBADF (Bad file descriptor) [pid 6620] close(27) = -1 EBADF (Bad file descriptor) [pid 6620] close(28) = -1 EBADF (Bad file descriptor) [pid 6620] close(29) = -1 EBADF (Bad file descriptor) [pid 6620] exit_group(0) = ? [pid 6622] <... futex resumed>) = ? [pid 6621] <... futex resumed>) = ? [pid 6622] +++ exited with 0 +++ [pid 6621] +++ exited with 0 +++ [pid 6620] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1538, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./512", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./512", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./512/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./512/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./512/cgroup.cpu") = 0 [pid 5063] umount2("./512/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./512/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./512/binderfs") = 0 [pid 5063] umount2("./512/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./512/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./512/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./512/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./512/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./512/file0") = 0 [pid 5063] umount2("./512/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./512/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./512/cgroup") = 0 [pid 5063] umount2("./512/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./512/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./512/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./512") = 0 [pid 5063] mkdir("./513", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6623 attached [pid 6623] set_robust_list(0x5555560b86a0, 24 [pid 5063] <... clone resumed>, child_tidptr=0x5555560b8690) = 1541 [pid 6623] <... set_robust_list resumed>) = 0 [pid 6623] chdir("./513") = 0 [pid 6623] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6623] setpgid(0, 0) = 0 [pid 6623] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6623] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6623] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6623] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6623] write(3, "1000", 4) = 4 [pid 6623] close(3) = 0 [pid 6623] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6623] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6623] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6623] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6623] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6623] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6623] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6623] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6624 attached => {parent_tid=[1542]}, 88) = 1542 [pid 6624] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6623] rt_sigprocmask(SIG_SETMASK, [], [pid 6624] set_robust_list(0x7eff0a34a9a0, 24 [pid 6623] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6624] <... set_robust_list resumed>) = 0 [pid 6623] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6624] rt_sigprocmask(SIG_SETMASK, [], [pid 6623] <... futex resumed>) = 0 [pid 6624] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6623] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6624] memfd_create("syzkaller", 0) = 3 [pid 6624] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6624] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6624] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6624] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6624] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6624] close(3) = 0 [pid 6624] mkdir("./file0", 0777) = 0 [pid 6624] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6624] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6624] chdir("./file0") = 0 [pid 6624] ioctl(4, LOOP_CLR_FD) = 0 [pid 6624] close(4) = 0 [pid 6624] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [ 355.640214][ T6624] loop0: detected capacity change from 0 to 4096 [ 355.660689][ T6624] ntfs: volume version 3.1. [pid 6624] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6623] <... futex resumed>) = 0 [pid 6623] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6624] <... futex resumed>) = 0 [pid 6624] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6623] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6624] <... openat resumed>) = 4 [pid 6624] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6624] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6623] <... futex resumed>) = 0 [pid 6623] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6624] <... futex resumed>) = 0 [pid 6624] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6623] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6623] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6623] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6623] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6623] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6623] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6625 attached => {parent_tid=[1543]}, 88) = 1543 [pid 6625] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6623] rt_sigprocmask(SIG_SETMASK, [], [pid 6625] <... rseq resumed>) = 0 [pid 6625] set_robust_list(0x7eff0a3299a0, 24 [pid 6623] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6625] <... set_robust_list resumed>) = 0 [pid 6625] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6625] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6623] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6625] <... futex resumed>) = 0 [pid 6623] <... futex resumed>) = 1 [pid 6623] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6625] creat("./file1", 000) = 5 [pid 6624] <... write resumed>) = 1048064 [pid 6625] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6624] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6625] <... futex resumed>) = 1 [pid 6623] <... futex resumed>) = 0 [pid 6625] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6624] <... futex resumed>) = 0 [pid 6623] close(3 [pid 6624] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6623] <... close resumed>) = 0 [pid 6623] close(4) = 0 [pid 6623] close(5) = 0 [pid 6623] close(6) = -1 EBADF (Bad file descriptor) [pid 6623] close(7) = -1 EBADF (Bad file descriptor) [pid 6623] close(8) = -1 EBADF (Bad file descriptor) [pid 6623] close(9) = -1 EBADF (Bad file descriptor) [pid 6623] close(10) = -1 EBADF (Bad file descriptor) [pid 6623] close(11) = -1 EBADF (Bad file descriptor) [pid 6623] close(12) = -1 EBADF (Bad file descriptor) [pid 6623] close(13) = -1 EBADF (Bad file descriptor) [pid 6623] close(14) = -1 EBADF (Bad file descriptor) [pid 6623] close(15) = -1 EBADF (Bad file descriptor) [pid 6623] close(16) = -1 EBADF (Bad file descriptor) [pid 6623] close(17) = -1 EBADF (Bad file descriptor) [pid 6623] close(18) = -1 EBADF (Bad file descriptor) [pid 6623] close(19) = -1 EBADF (Bad file descriptor) [pid 6623] close(20) = -1 EBADF (Bad file descriptor) [pid 6623] close(21) = -1 EBADF (Bad file descriptor) [pid 6623] close(22) = -1 EBADF (Bad file descriptor) [pid 6623] close(23) = -1 EBADF (Bad file descriptor) [pid 6623] close(24) = -1 EBADF (Bad file descriptor) [pid 6623] close(25) = -1 EBADF (Bad file descriptor) [pid 6623] close(26) = -1 EBADF (Bad file descriptor) [pid 6623] close(27) = -1 EBADF (Bad file descriptor) [pid 6623] close(28) = -1 EBADF (Bad file descriptor) [pid 6623] close(29) = -1 EBADF (Bad file descriptor) [pid 6623] exit_group(0) = ? [pid 6624] <... futex resumed>) = ? [pid 6625] <... futex resumed>) = ? [pid 6624] +++ exited with 0 +++ [pid 6625] +++ exited with 0 +++ [pid 6623] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1541, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./513", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./513", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./513/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./513/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./513/cgroup.cpu") = 0 [pid 5063] umount2("./513/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./513/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./513/binderfs") = 0 [pid 5063] umount2("./513/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./513/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./513/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./513/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./513/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./513/file0") = 0 [pid 5063] umount2("./513/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./513/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./513/cgroup") = 0 [pid 5063] umount2("./513/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./513/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./513/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./513") = 0 [pid 5063] mkdir("./514", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6626 attached , child_tidptr=0x5555560b8690) = 1544 [pid 6626] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6626] chdir("./514") = 0 [pid 6626] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6626] setpgid(0, 0) = 0 [pid 6626] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6626] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6626] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6626] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6626] write(3, "1000", 4) = 4 [pid 6626] close(3) = 0 [pid 6626] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6626] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6626] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6626] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6626] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6626] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6626] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6626] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6627 attached [pid 6627] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6626] <... clone3 resumed> => {parent_tid=[1545]}, 88) = 1545 [pid 6627] set_robust_list(0x7eff0a34a9a0, 24 [pid 6626] rt_sigprocmask(SIG_SETMASK, [], [pid 6627] <... set_robust_list resumed>) = 0 [pid 6626] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6627] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6626] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6626] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6627] memfd_create("syzkaller", 0) = 3 [pid 6627] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6627] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6627] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6627] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6627] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6627] close(3) = 0 [pid 6627] mkdir("./file0", 0777) = 0 [pid 6627] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6627] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6627] chdir("./file0") = 0 [pid 6627] ioctl(4, LOOP_CLR_FD) = 0 [pid 6627] close(4) = 0 [pid 6627] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6626] <... futex resumed>) = 0 [pid 6627] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6626] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6627] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6626] <... futex resumed>) = 0 [pid 6626] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6627] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000) = 4 [pid 6627] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6626] <... futex resumed>) = 0 [pid 6627] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6626] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6626] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6627] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [ 356.136894][ T6627] loop0: detected capacity change from 0 to 4096 [ 356.158059][ T6627] ntfs: volume version 3.1. [pid 6627] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6626] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6626] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6626] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6626] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6626] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6626] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6628 attached => {parent_tid=[1546]}, 88) = 1546 [pid 6628] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6627] <... write resumed>) = 1048064 [pid 6626] rt_sigprocmask(SIG_SETMASK, [], [pid 6628] <... rseq resumed>) = 0 [pid 6627] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6626] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6626] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6626] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6628] set_robust_list(0x7eff0a3299a0, 24 [pid 6627] <... futex resumed>) = 0 [pid 6628] <... set_robust_list resumed>) = 0 [pid 6627] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6628] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6628] creat("./file1", 000) = 5 [pid 6628] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6626] <... futex resumed>) = 0 [pid 6628] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6626] close(3) = 0 [pid 6626] close(4) = 0 [pid 6626] close(5) = 0 [pid 6626] close(6) = -1 EBADF (Bad file descriptor) [pid 6626] close(7) = -1 EBADF (Bad file descriptor) [pid 6626] close(8) = -1 EBADF (Bad file descriptor) [pid 6626] close(9) = -1 EBADF (Bad file descriptor) [pid 6626] close(10) = -1 EBADF (Bad file descriptor) [pid 6626] close(11) = -1 EBADF (Bad file descriptor) [pid 6626] close(12) = -1 EBADF (Bad file descriptor) [pid 6626] close(13) = -1 EBADF (Bad file descriptor) [pid 6626] close(14) = -1 EBADF (Bad file descriptor) [pid 6626] close(15) = -1 EBADF (Bad file descriptor) [pid 6626] close(16) = -1 EBADF (Bad file descriptor) [pid 6626] close(17) = -1 EBADF (Bad file descriptor) [pid 6626] close(18) = -1 EBADF (Bad file descriptor) [pid 6626] close(19) = -1 EBADF (Bad file descriptor) [pid 6626] close(20) = -1 EBADF (Bad file descriptor) [pid 6626] close(21) = -1 EBADF (Bad file descriptor) [pid 6626] close(22) = -1 EBADF (Bad file descriptor) [pid 6626] close(23) = -1 EBADF (Bad file descriptor) [pid 6626] close(24) = -1 EBADF (Bad file descriptor) [pid 6626] close(25) = -1 EBADF (Bad file descriptor) [pid 6626] close(26) = -1 EBADF (Bad file descriptor) [pid 6626] close(27) = -1 EBADF (Bad file descriptor) [pid 6626] close(28) = -1 EBADF (Bad file descriptor) [pid 6626] close(29) = -1 EBADF (Bad file descriptor) [pid 6626] exit_group(0) = ? [pid 6628] <... futex resumed>) = ? [pid 6627] <... futex resumed>) = ? [pid 6628] +++ exited with 0 +++ [pid 6627] +++ exited with 0 +++ [pid 6626] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1544, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5063] umount2("./514", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./514", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./514/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./514/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./514/cgroup.cpu") = 0 [pid 5063] umount2("./514/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./514/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./514/binderfs") = 0 [pid 5063] umount2("./514/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./514/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./514/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./514/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./514/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./514/file0") = 0 [pid 5063] umount2("./514/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./514/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./514/cgroup") = 0 [pid 5063] umount2("./514/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./514/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./514/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./514") = 0 [pid 5063] mkdir("./515", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1547 ./strace-static-x86_64: Process 6629 attached [pid 6629] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6629] chdir("./515") = 0 [pid 6629] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6629] setpgid(0, 0) = 0 [pid 6629] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6629] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6629] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6629] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6629] write(3, "1000", 4) = 4 [pid 6629] close(3) = 0 [pid 6629] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6629] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6629] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6629] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6629] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6629] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6629] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6630 attached [pid 6630] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053) = 0 [pid 6630] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6630] rt_sigprocmask(SIG_SETMASK, [], [pid 6629] <... clone3 resumed> => {parent_tid=[1548]}, 88) = 1548 [pid 6630] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6629] rt_sigprocmask(SIG_SETMASK, [], [pid 6630] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6629] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6629] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6630] <... futex resumed>) = 0 [pid 6629] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6630] memfd_create("syzkaller", 0) = 3 [pid 6630] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6630] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6630] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6630] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6630] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6630] close(3) = 0 [pid 6630] mkdir("./file0", 0777) = 0 [pid 6630] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6630] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6630] chdir("./file0") = 0 [pid 6630] ioctl(4, LOOP_CLR_FD) = 0 [pid 6630] close(4) = 0 [ 356.702370][ T6630] loop0: detected capacity change from 0 to 4096 [ 356.719902][ T6630] ntfs: volume version 3.1. [pid 6630] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6629] <... futex resumed>) = 0 [pid 6630] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6629] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6630] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6629] <... futex resumed>) = 0 [pid 6630] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6629] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6630] <... openat resumed>) = 4 [pid 6630] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6629] <... futex resumed>) = 0 [pid 6629] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6630] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6629] <... futex resumed>) = 0 [pid 6629] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6629] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6629] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6629] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6629] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6629] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6631 attached [pid 6630] <... write resumed>) = 1048064 [pid 6629] <... clone3 resumed> => {parent_tid=[1549]}, 88) = 1549 [pid 6631] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6629] rt_sigprocmask(SIG_SETMASK, [], [pid 6630] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6631] <... rseq resumed>) = 0 [pid 6629] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6631] set_robust_list(0x7eff0a3299a0, 24 [pid 6630] <... futex resumed>) = 0 [pid 6629] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6631] <... set_robust_list resumed>) = 0 [pid 6629] <... futex resumed>) = 0 [pid 6631] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6630] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6629] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6631] creat("./file1", 000) = 5 [pid 6631] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6629] <... futex resumed>) = 0 [pid 6631] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6629] close(3) = 0 [pid 6629] close(4) = 0 [pid 6629] close(5) = 0 [pid 6629] close(6) = -1 EBADF (Bad file descriptor) [pid 6629] close(7) = -1 EBADF (Bad file descriptor) [pid 6629] close(8) = -1 EBADF (Bad file descriptor) [pid 6629] close(9) = -1 EBADF (Bad file descriptor) [pid 6629] close(10) = -1 EBADF (Bad file descriptor) [pid 6629] close(11) = -1 EBADF (Bad file descriptor) [pid 6629] close(12) = -1 EBADF (Bad file descriptor) [pid 6629] close(13) = -1 EBADF (Bad file descriptor) [pid 6629] close(14) = -1 EBADF (Bad file descriptor) [pid 6629] close(15) = -1 EBADF (Bad file descriptor) [pid 6629] close(16) = -1 EBADF (Bad file descriptor) [pid 6629] close(17) = -1 EBADF (Bad file descriptor) [pid 6629] close(18) = -1 EBADF (Bad file descriptor) [pid 6629] close(19) = -1 EBADF (Bad file descriptor) [pid 6629] close(20) = -1 EBADF (Bad file descriptor) [pid 6629] close(21) = -1 EBADF (Bad file descriptor) [pid 6629] close(22) = -1 EBADF (Bad file descriptor) [pid 6629] close(23) = -1 EBADF (Bad file descriptor) [pid 6629] close(24) = -1 EBADF (Bad file descriptor) [pid 6629] close(25) = -1 EBADF (Bad file descriptor) [pid 6629] close(26) = -1 EBADF (Bad file descriptor) [pid 6629] close(27) = -1 EBADF (Bad file descriptor) [pid 6629] close(28) = -1 EBADF (Bad file descriptor) [pid 6629] close(29) = -1 EBADF (Bad file descriptor) [pid 6629] exit_group(0 [pid 6631] <... futex resumed>) = ? [pid 6630] <... futex resumed>) = ? [pid 6629] <... exit_group resumed>) = ? [pid 6631] +++ exited with 0 +++ [pid 6630] +++ exited with 0 +++ [pid 6629] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1547, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5063] umount2("./515", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./515", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./515/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./515/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./515/cgroup.cpu") = 0 [pid 5063] umount2("./515/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./515/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./515/binderfs") = 0 [pid 5063] umount2("./515/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./515/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./515/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./515/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./515/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./515/file0") = 0 [pid 5063] umount2("./515/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./515/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./515/cgroup") = 0 [pid 5063] umount2("./515/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./515/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./515/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./515") = 0 [pid 5063] mkdir("./516", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1550 ./strace-static-x86_64: Process 6632 attached [pid 6632] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6632] chdir("./516") = 0 [pid 6632] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6632] setpgid(0, 0) = 0 [pid 6632] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6632] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6632] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6632] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6632] write(3, "1000", 4) = 4 [pid 6632] close(3) = 0 [pid 6632] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6632] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6632] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6632] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6632] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6632] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6632] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6632] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6633 attached => {parent_tid=[1551]}, 88) = 1551 [pid 6633] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6632] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6632] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6633] <... rseq resumed>) = 0 [pid 6633] set_robust_list(0x7eff0a34a9a0, 24 [pid 6632] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6633] <... set_robust_list resumed>) = 0 [pid 6633] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6633] memfd_create("syzkaller", 0) = 3 [pid 6633] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6633] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6633] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6633] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6633] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6633] close(3) = 0 [pid 6633] mkdir("./file0", 0777) = 0 [ 357.212794][ T6633] loop0: detected capacity change from 0 to 4096 [ 357.226545][ T6633] __ntfs_warning: 190 callbacks suppressed [ 357.226564][ T6633] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 357.253815][ T6633] ntfs: (device loop0): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 357.263407][ T6633] ntfs: (device loop0): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 357.279677][ T6633] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 357.288423][ T6633] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 357.308388][ T6633] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 357.317211][ T6633] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 357.337457][ T6633] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [pid 6633] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6633] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6633] chdir("./file0") = 0 [pid 6633] ioctl(4, LOOP_CLR_FD) = 0 [pid 6633] close(4) = 0 [pid 6633] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6632] <... futex resumed>) = 0 [pid 6633] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6632] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6633] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6632] <... futex resumed>) = 0 [pid 6633] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6632] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6633] <... openat resumed>) = 4 [pid 6633] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6633] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6632] <... futex resumed>) = 0 [pid 6632] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6633] <... futex resumed>) = 0 [pid 6632] <... futex resumed>) = 1 [pid 6633] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [ 357.346181][ T6633] ntfs: (device loop0): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 357.366154][ T6633] ntfs: (device loop0): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 357.376450][ T6633] ntfs: volume version 3.1. [pid 6632] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6632] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6632] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6632] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE [pid 6633] <... write resumed>) = 1048064 [pid 6633] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6632] <... mprotect resumed>) = 0 [pid 6633] <... futex resumed>) = 0 [pid 6633] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6632] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6632] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6634 attached => {parent_tid=[1552]}, 88) = 1552 [pid 6634] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6632] rt_sigprocmask(SIG_SETMASK, [], [pid 6634] <... rseq resumed>) = 0 [pid 6632] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6634] set_robust_list(0x7eff0a3299a0, 24) = 0 [pid 6632] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6634] rt_sigprocmask(SIG_SETMASK, [], [pid 6632] <... futex resumed>) = 0 [pid 6634] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6634] creat("./file1", 000 [pid 6632] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6634] <... creat resumed>) = 5 [pid 6634] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6634] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6632] <... futex resumed>) = 0 [pid 6632] close(3) = 0 [pid 6632] close(4) = 0 [pid 6632] close(5) = 0 [pid 6632] close(6) = -1 EBADF (Bad file descriptor) [pid 6632] close(7) = -1 EBADF (Bad file descriptor) [pid 6632] close(8) = -1 EBADF (Bad file descriptor) [pid 6632] close(9) = -1 EBADF (Bad file descriptor) [pid 6632] close(10) = -1 EBADF (Bad file descriptor) [pid 6632] close(11) = -1 EBADF (Bad file descriptor) [pid 6632] close(12) = -1 EBADF (Bad file descriptor) [pid 6632] close(13) = -1 EBADF (Bad file descriptor) [pid 6632] close(14) = -1 EBADF (Bad file descriptor) [pid 6632] close(15) = -1 EBADF (Bad file descriptor) [pid 6632] close(16) = -1 EBADF (Bad file descriptor) [pid 6632] close(17) = -1 EBADF (Bad file descriptor) [pid 6632] close(18) = -1 EBADF (Bad file descriptor) [pid 6632] close(19) = -1 EBADF (Bad file descriptor) [pid 6632] close(20) = -1 EBADF (Bad file descriptor) [pid 6632] close(21) = -1 EBADF (Bad file descriptor) [pid 6632] close(22) = -1 EBADF (Bad file descriptor) [pid 6632] close(23) = -1 EBADF (Bad file descriptor) [pid 6632] close(24) = -1 EBADF (Bad file descriptor) [pid 6632] close(25) = -1 EBADF (Bad file descriptor) [pid 6632] close(26) = -1 EBADF (Bad file descriptor) [pid 6632] close(27) = -1 EBADF (Bad file descriptor) [pid 6632] close(28) = -1 EBADF (Bad file descriptor) [pid 6632] close(29) = -1 EBADF (Bad file descriptor) [pid 6632] exit_group(0) = ? [pid 6634] <... futex resumed>) = ? [pid 6633] <... futex resumed>) = ? [pid 6634] +++ exited with 0 +++ [pid 6633] +++ exited with 0 +++ [pid 6632] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1550, si_uid=0, si_status=0, si_utime=0, si_stime=22 /* 0.22 s */} --- [pid 5063] umount2("./516", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./516", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./516/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./516/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./516/cgroup.cpu") = 0 [pid 5063] umount2("./516/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./516/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./516/binderfs") = 0 [pid 5063] umount2("./516/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./516/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./516/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./516/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./516/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./516/file0") = 0 [pid 5063] umount2("./516/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./516/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./516/cgroup") = 0 [pid 5063] umount2("./516/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./516/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./516/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./516") = 0 [pid 5063] mkdir("./517", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1553 ./strace-static-x86_64: Process 6635 attached [pid 6635] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6635] chdir("./517") = 0 [pid 6635] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6635] setpgid(0, 0) = 0 [pid 6635] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6635] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6635] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6635] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6635] write(3, "1000", 4) = 4 [pid 6635] close(3) = 0 [pid 6635] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6635] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6635] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6635] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6635] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6635] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6635] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6635] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6636 attached => {parent_tid=[1554]}, 88) = 1554 [pid 6636] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6635] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6635] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6635] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6636] <... rseq resumed>) = 0 [pid 6636] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6636] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6636] memfd_create("syzkaller", 0) = 3 [pid 6636] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6636] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6636] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6636] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6636] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6636] close(3) = 0 [pid 6636] mkdir("./file0", 0777) = 0 [pid 6636] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6636] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6636] chdir("./file0") = 0 [pid 6636] ioctl(4, LOOP_CLR_FD) = 0 [pid 6636] close(4) = 0 [pid 6636] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6636] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6635] <... futex resumed>) = 0 [pid 6635] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6636] <... futex resumed>) = 0 [pid 6636] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6635] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6636] <... openat resumed>) = 4 [pid 6636] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6635] <... futex resumed>) = 0 [pid 6635] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [ 357.858097][ T6636] loop0: detected capacity change from 0 to 4096 [ 357.873153][ T6636] ntfs: volume version 3.1. [pid 6635] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6636] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6635] <... futex resumed>) = -1 ETIMEDOUT (Connection timed out) [pid 6635] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6635] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6635] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6635] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6635] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6637 attached [pid 6637] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6635] <... clone3 resumed> => {parent_tid=[1555]}, 88) = 1555 [pid 6637] <... rseq resumed>) = 0 [pid 6637] set_robust_list(0x7eff0a3299a0, 24 [pid 6635] rt_sigprocmask(SIG_SETMASK, [], [pid 6637] <... set_robust_list resumed>) = 0 [pid 6635] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6637] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6635] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6637] creat("./file1", 000 [pid 6635] <... futex resumed>) = 0 [pid 6635] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6637] <... creat resumed>) = 5 [pid 6636] <... write resumed>) = 1048064 [pid 6637] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6636] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6635] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6635] close(3 [pid 6636] <... futex resumed>) = 0 [pid 6635] <... close resumed>) = 0 [pid 6637] <... futex resumed>) = 0 [pid 6635] close(4 [pid 6637] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6636] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6635] <... close resumed>) = 0 [pid 6635] close(5) = 0 [pid 6635] close(6) = -1 EBADF (Bad file descriptor) [pid 6635] close(7) = -1 EBADF (Bad file descriptor) [pid 6635] close(8) = -1 EBADF (Bad file descriptor) [pid 6635] close(9) = -1 EBADF (Bad file descriptor) [pid 6635] close(10) = -1 EBADF (Bad file descriptor) [pid 6635] close(11) = -1 EBADF (Bad file descriptor) [pid 6635] close(12) = -1 EBADF (Bad file descriptor) [pid 6635] close(13) = -1 EBADF (Bad file descriptor) [pid 6635] close(14) = -1 EBADF (Bad file descriptor) [pid 6635] close(15) = -1 EBADF (Bad file descriptor) [pid 6635] close(16) = -1 EBADF (Bad file descriptor) [pid 6635] close(17) = -1 EBADF (Bad file descriptor) [pid 6635] close(18) = -1 EBADF (Bad file descriptor) [pid 6635] close(19) = -1 EBADF (Bad file descriptor) [pid 6635] close(20) = -1 EBADF (Bad file descriptor) [pid 6635] close(21) = -1 EBADF (Bad file descriptor) [pid 6635] close(22) = -1 EBADF (Bad file descriptor) [pid 6635] close(23) = -1 EBADF (Bad file descriptor) [pid 6635] close(24) = -1 EBADF (Bad file descriptor) [pid 6635] close(25) = -1 EBADF (Bad file descriptor) [pid 6635] close(26) = -1 EBADF (Bad file descriptor) [pid 6635] close(27) = -1 EBADF (Bad file descriptor) [pid 6635] close(28) = -1 EBADF (Bad file descriptor) [pid 6635] close(29) = -1 EBADF (Bad file descriptor) [pid 6635] exit_group(0) = ? [pid 6637] <... futex resumed>) = ? [pid 6636] <... futex resumed>) = ? [pid 6636] +++ exited with 0 +++ [pid 6637] +++ exited with 0 +++ [pid 6635] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1553, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5063] umount2("./517", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./517", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./517/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./517/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./517/cgroup.cpu") = 0 [pid 5063] umount2("./517/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./517/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./517/binderfs") = 0 [pid 5063] umount2("./517/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./517/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./517/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./517/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./517/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./517/file0") = 0 [pid 5063] umount2("./517/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./517/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./517/cgroup") = 0 [pid 5063] umount2("./517/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./517/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./517/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./517") = 0 [pid 5063] mkdir("./518", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555560b8690) = 1556 ./strace-static-x86_64: Process 6638 attached [pid 6638] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6638] chdir("./518") = 0 [pid 6638] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6638] setpgid(0, 0) = 0 [pid 6638] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6638] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6638] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6638] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6638] write(3, "1000", 4) = 4 [pid 6638] close(3) = 0 [pid 6638] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6638] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6638] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6638] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6638] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6638] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6638] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6638] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6639 attached => {parent_tid=[1557]}, 88) = 1557 [pid 6639] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6638] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6638] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6638] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6639] <... rseq resumed>) = 0 [pid 6639] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6639] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6639] memfd_create("syzkaller", 0) = 3 [pid 6639] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6639] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 6639] munmap(0x7eff01f2a000, 138412032) = 0 [pid 6639] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 6639] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 6639] close(3) = 0 [pid 6639] mkdir("./file0", 0777) = 0 [pid 6639] mount("/dev/loop0", "./file0", "ntfs", 0, "errors=continue,errors=recover,utf8,errors=recover,fmask=00000000000017777777777,dmask=0000000000400"...) = 0 [pid 6639] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 6639] chdir("./file0") = 0 [pid 6639] ioctl(4, LOOP_CLR_FD) = 0 [pid 6639] close(4) = 0 [ 358.414228][ T6639] loop0: detected capacity change from 0 to 4096 [ 358.432497][ T6639] ntfs: volume version 3.1. [pid 6639] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6638] <... futex resumed>) = 0 [pid 6639] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6638] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6639] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6638] <... futex resumed>) = 0 [pid 6639] openat(AT_FDCWD, "./file1", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_NOATIME, 000 [pid 6638] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6639] <... openat resumed>) = 4 [pid 6639] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6638] <... futex resumed>) = 0 [pid 6639] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6638] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6639] <... futex resumed>) = -1 EAGAIN (Resource temporarily unavailable) [pid 6638] <... futex resumed>) = 0 [pid 6639] write(4, "\x74\xef\xc4\xc4\x19\xfd\xb8\xd6\x6b\xbb\xa7\x28\xf3\x71\xd0\x56\xad\x6f\x01\xe9\x76\x2d\x70\x40\x1d\x1c\x9d\x33\x1b\x48\xb9\x25\xe9\xe6\xa7\x75\x9a\xbb\x20\x6b\x9b\x18\xbf\xc3\xf3\xf9\x6a\xdb\x2b\x37\xc2\x12\x1e\xf2\x1e\x91\xba\xc7\x68\xdd\x33\xdf\x29\x64\x9d\xa1\xd8\x2e\x82\x6a\x55\xc4\xd6\x20\xb6\xf5\x10\xda\xee\x26\x00\x4b\x74\x1c\x95\x1d\x52\x8d\x80\x6e\xfb\xe0\x0c\x43\x9f\x2d\xf4\x6d\x3a\xdf"..., 1048064 [pid 6638] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000}) = -1 ETIMEDOUT (Connection timed out) [pid 6638] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6638] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a309000 [pid 6638] mprotect(0x7eff0a30a000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6638] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6638] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a329990, parent_tid=0x7eff0a329990, exit_signal=0, stack=0x7eff0a309000, stack_size=0x20300, tls=0x7eff0a3296c0}./strace-static-x86_64: Process 6640 attached [pid 6640] rseq(0x7eff0a329fe0, 0x20, 0, 0x53053053 [pid 6638] <... clone3 resumed> => {parent_tid=[1558]}, 88) = 1558 [pid 6638] rt_sigprocmask(SIG_SETMASK, [], [pid 6640] <... rseq resumed>) = 0 [pid 6639] <... write resumed>) = 1048064 [pid 6638] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6640] set_robust_list(0x7eff0a3299a0, 24 [pid 6639] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000 [pid 6638] futex(0x7eff0a4346d8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6640] <... set_robust_list resumed>) = 0 [pid 6639] <... futex resumed>) = 0 [pid 6638] <... futex resumed>) = 0 [pid 6640] rt_sigprocmask(SIG_SETMASK, [], [pid 6639] futex(0x7eff0a4346c8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6638] futex(0x7eff0a4346dc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=0, tv_nsec=50000000} [pid 6640] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6640] creat("./file1", 000) = 5 [pid 6640] futex(0x7eff0a4346dc, FUTEX_WAKE_PRIVATE, 1000000) = 1 [pid 6638] <... futex resumed>) = 0 [pid 6640] futex(0x7eff0a4346d8, FUTEX_WAIT_PRIVATE, 0, NULL [pid 6638] close(3) = 0 [pid 6638] close(4) = 0 [pid 6638] close(5) = 0 [pid 6638] close(6) = -1 EBADF (Bad file descriptor) [pid 6638] close(7) = -1 EBADF (Bad file descriptor) [pid 6638] close(8) = -1 EBADF (Bad file descriptor) [pid 6638] close(9) = -1 EBADF (Bad file descriptor) [pid 6638] close(10) = -1 EBADF (Bad file descriptor) [pid 6638] close(11) = -1 EBADF (Bad file descriptor) [pid 6638] close(12) = -1 EBADF (Bad file descriptor) [pid 6638] close(13) = -1 EBADF (Bad file descriptor) [pid 6638] close(14) = -1 EBADF (Bad file descriptor) [pid 6638] close(15) = -1 EBADF (Bad file descriptor) [pid 6638] close(16) = -1 EBADF (Bad file descriptor) [pid 6638] close(17) = -1 EBADF (Bad file descriptor) [pid 6638] close(18) = -1 EBADF (Bad file descriptor) [pid 6638] close(19) = -1 EBADF (Bad file descriptor) [pid 6638] close(20) = -1 EBADF (Bad file descriptor) [pid 6638] close(21) = -1 EBADF (Bad file descriptor) [pid 6638] close(22) = -1 EBADF (Bad file descriptor) [pid 6638] close(23) = -1 EBADF (Bad file descriptor) [pid 6638] close(24) = -1 EBADF (Bad file descriptor) [pid 6638] close(25) = -1 EBADF (Bad file descriptor) [pid 6638] close(26) = -1 EBADF (Bad file descriptor) [pid 6638] close(27) = -1 EBADF (Bad file descriptor) [pid 6638] close(28) = -1 EBADF (Bad file descriptor) [pid 6638] close(29) = -1 EBADF (Bad file descriptor) [pid 6638] exit_group(0) = ? [pid 6639] <... futex resumed>) = ? [pid 6640] <... futex resumed>) = ? [pid 6639] +++ exited with 0 +++ [pid 6640] +++ exited with 0 +++ [pid 6638] +++ exited with 0 +++ [pid 5063] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1556, si_uid=0, si_status=0, si_utime=0, si_stime=93 /* 0.93 s */} --- [pid 5063] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5063] umount2("./518", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./518", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5063] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 7 entries */, 32768) = 208 [pid 5063] umount2("./518/cgroup.cpu", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./518/cgroup.cpu", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./518/cgroup.cpu") = 0 [pid 5063] umount2("./518/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./518/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./518/binderfs") = 0 [pid 5063] umount2("./518/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5063] umount2("./518/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./518/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] umount2("./518/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] openat(AT_FDCWD, "./518/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5063] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5063] getdents64(4, 0x5555560c1770 /* 2 entries */, 32768) = 48 [pid 5063] getdents64(4, 0x5555560c1770 /* 0 entries */, 32768) = 0 [pid 5063] close(4) = 0 [pid 5063] rmdir("./518/file0") = 0 [pid 5063] umount2("./518/cgroup", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./518/cgroup", {st_mode=S_IFLNK|0777, st_size=23, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./518/cgroup") = 0 [pid 5063] umount2("./518/cgroup.net", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5063] newfstatat(AT_FDCWD, "./518/cgroup.net", {st_mode=S_IFLNK|0777, st_size=19, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5063] unlink("./518/cgroup.net") = 0 [pid 5063] getdents64(3, 0x5555560b9730 /* 0 entries */, 32768) = 0 [pid 5063] close(3) = 0 [pid 5063] rmdir("./518") = 0 [pid 5063] mkdir("./519", 0777) = 0 [pid 5063] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5063] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5063] close(3) = 0 [pid 5063] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 6641 attached , child_tidptr=0x5555560b8690) = 1559 [pid 6641] set_robust_list(0x5555560b86a0, 24) = 0 [pid 6641] chdir("./519") = 0 [pid 6641] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 6641] setpgid(0, 0) = 0 [pid 6641] symlink("/syzcgroup/unified/syz0", "./cgroup") = 0 [pid 6641] symlink("/syzcgroup/cpu/syz0", "./cgroup.cpu") = 0 [pid 6641] symlink("/syzcgroup/net/syz0", "./cgroup.net") = 0 [pid 6641] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 6641] write(3, "1000", 4) = 4 [pid 6641] close(3) = 0 [pid 6641] symlink("/dev/binderfs", "./binderfs") = 0 [pid 6641] futex(0x7eff0a4346cc, FUTEX_WAKE_PRIVATE, 1000000) = 0 [pid 6641] rt_sigaction(SIGRT_1, {sa_handler=0x7eff0a3b48e0, sa_mask=[], sa_flags=SA_RESTORER|SA_ONSTACK|SA_RESTART|SA_SIGINFO, sa_restorer=0x7eff0a3a5a90}, NULL, 8) = 0 [pid 6641] rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0 [pid 6641] mmap(NULL, 135168, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7eff0a32a000 [pid 6641] mprotect(0x7eff0a32b000, 131072, PROT_READ|PROT_WRITE) = 0 [pid 6641] rt_sigprocmask(SIG_BLOCK, ~[], [], 8) = 0 [pid 6641] clone3({flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, child_tid=0x7eff0a34a990, parent_tid=0x7eff0a34a990, exit_signal=0, stack=0x7eff0a32a000, stack_size=0x20300, tls=0x7eff0a34a6c0}./strace-static-x86_64: Process 6642 attached => {parent_tid=[1560]}, 88) = 1560 [pid 6642] rseq(0x7eff0a34afe0, 0x20, 0, 0x53053053 [pid 6641] rt_sigprocmask(SIG_SETMASK, [], [pid 6642] <... rseq resumed>) = 0 [pid 6641] <... rt_sigprocmask resumed>NULL, 8) = 0 [pid 6642] set_robust_list(0x7eff0a34a9a0, 24) = 0 [pid 6641] futex(0x7eff0a4346c8, FUTEX_WAKE_PRIVATE, 1000000 [pid 6642] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 6641] <... futex resumed>) = 0 [pid 6641] futex(0x7eff0a4346cc, FUTEX_WAIT_PRIVATE, 0, {tv_sec=4, tv_nsec=50000000} [pid 6642] memfd_create("syzkaller", 0) = 3 [pid 6642] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7eff01f2a000 [pid 6642] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x02\x02\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x0f\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\xff\x03\x00\x00\x00\x00\x00\x00\xb5\x0b\x00\x00\x04\x00\x00\x00\xf7\x9a\x81\x47\x2b\x73\xcf\x43\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152