./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1036559698 <...> [ 86.901684][ T31] cfg80211: failed to load regulatory.db Warning: Permanently added '10.128.10.26' (ED25519) to the list of known hosts. execve("./syz-executor1036559698", ["./syz-executor1036559698"], 0x7ffeb6b101e0 /* 10 vars */) = 0 brk(NULL) = 0x55558eab2000 brk(0x55558eab2d00) = 0x55558eab2d00 arch_prctl(ARCH_SET_FS, 0x55558eab2380) = 0 set_tid_address(0x55558eab2650) = 5823 set_robust_list(0x55558eab2660, 24) = 0 rseq(0x55558eab2ca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor1036559698", 4096) = 28 getrandom("\x3d\x82\xec\xd6\xdc\x3e\xbd\x7b", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55558eab2d00 brk(0x55558ead3d00) = 0x55558ead3d00 brk(0x55558ead4000) = 0x55558ead4000 mprotect(0x7fde850d5000, 16384, PROT_READ) = 0 mmap(0x1ffffffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffffffff000 mmap(0x200000000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200000000000 mmap(0x200001000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x200001000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5824 attached , child_tidptr=0x55558eab2650) = 5824 [pid 5824] set_robust_list(0x55558eab2660, 24) = 0 [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] mkdir("./syzkaller.mJlY0D", 0700./strace-static-x86_64: Process 5825 attached [pid 5823] <... clone resumed>, child_tidptr=0x55558eab2650) = 5825 [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] set_robust_list(0x55558eab2660, 24./strace-static-x86_64: Process 5826 attached ) = 0 [pid 5823] <... clone resumed>, child_tidptr=0x55558eab2650) = 5826 [pid 5826] set_robust_list(0x55558eab2660, 24 [pid 5825] mkdir("./syzkaller.NQE0bH", 0700 [pid 5824] <... mkdir resumed>) = 0 [pid 5826] <... set_robust_list resumed>) = 0 [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] mkdir("./syzkaller.1xDudC", 0700 [pid 5825] <... mkdir resumed>) = 0 [pid 5824] chmod("./syzkaller.mJlY0D", 0777 [pid 5825] chmod("./syzkaller.NQE0bH", 0777./strace-static-x86_64: Process 5827 attached [pid 5826] <... mkdir resumed>) = 0 [pid 5824] <... chmod resumed>) = 0 [pid 5823] <... clone resumed>, child_tidptr=0x55558eab2650) = 5827 [pid 5827] set_robust_list(0x55558eab2660, 24 [pid 5826] chmod("./syzkaller.1xDudC", 0777 [pid 5825] <... chmod resumed>) = 0 [pid 5824] chdir("./syzkaller.mJlY0D" [pid 5823] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] <... set_robust_list resumed>) = 0 [pid 5826] <... chmod resumed>) = 0 [pid 5827] mkdir("./syzkaller.2Lxsyp", 0700 [pid 5825] chdir("./syzkaller.NQE0bH" [pid 5826] chdir("./syzkaller.1xDudC") = 0 [pid 5825] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5828 attached [pid 5826] mkdir("./0", 0777 [pid 5825] mkdir("./0", 0777 [pid 5824] <... chdir resumed>) = 0 [pid 5824] mkdir("./0", 0777 [pid 5823] <... clone resumed>, child_tidptr=0x55558eab2650) = 5828 [pid 5825] <... mkdir resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5828] set_robust_list(0x55558eab2660, 24 [pid 5827] chmod("./syzkaller.2Lxsyp", 0777 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] <... mkdir resumed>) = 0 [pid 5828] <... set_robust_list resumed>) = 0 [pid 5827] <... chmod resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] chdir("./syzkaller.2Lxsyp" [pid 5826] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 3 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] mkdir("./syzkaller.hvw2f8", 0700 [pid 5827] <... chdir resumed>) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5827] mkdir("./0", 0777 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5826] close(3 [pid 5828] chmod("./syzkaller.hvw2f8", 0777 [pid 5824] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5824] close(3 [pid 5825] close(3 [pid 5828] <... chmod resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5825] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5828] chdir("./syzkaller.hvw2f8" [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5829 attached ./strace-static-x86_64: Process 5830 attached [pid 5830] set_robust_list(0x55558eab2660, 24./strace-static-x86_64: Process 5831 attached ) = 0 [pid 5829] set_robust_list(0x55558eab2660, 24 [pid 5828] <... chdir resumed>) = 0 [pid 5827] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5830 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5829 [pid 5831] set_robust_list(0x55558eab2660, 24 [pid 5830] chdir("./0" [pid 5829] <... set_robust_list resumed>) = 0 [pid 5828] mkdir("./0", 0777 [pid 5827] close(3 [pid 5831] <... set_robust_list resumed>) = 0 [pid 5830] <... chdir resumed>) = 0 [pid 5829] chdir("./0" [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5830] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5831] chdir("./0" [pid 5830] <... prctl resumed>) = 0 [pid 5829] <... chdir resumed>) = 0 [pid 5830] setpgid(0, 0 [pid 5829] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5831] <... chdir resumed>) = 0 [pid 5830] <... setpgid resumed>) = 0 [pid 5829] <... prctl resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5831 [pid 5831] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5832 attached [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5831] setpgid(0, 0 [pid 5828] <... openat resumed>) = 3 [pid 5831] <... setpgid resumed>) = 0 [pid 5832] set_robust_list(0x55558eab2660, 24 [pid 5831] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5830] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5829] setpgid(0, 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5832 [pid 5832] <... set_robust_list resumed>) = 0 [pid 5831] <... openat resumed>) = 3 [pid 5830] <... openat resumed>) = 3 [pid 5829] <... setpgid resumed>) = 0 [pid 5828] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5832] chdir("./0" [pid 5830] write(3, "1000", 4 [pid 5829] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] close(3 [pid 5832] <... chdir resumed>) = 0 [pid 5831] write(3, "1000", 4 [pid 5830] <... write resumed>) = 4 [pid 5829] <... openat resumed>) = 3 [pid 5828] <... close resumed>) = 0 [pid 5832] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5831] <... write resumed>) = 4 [pid 5830] close(3 [pid 5829] write(3, "1000", 4 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5832] <... prctl resumed>) = 0 [pid 5831] close(3 [pid 5830] <... close resumed>) = 0 [pid 5829] <... write resumed>) = 4 ./strace-static-x86_64: Process 5833 attached [pid 5832] setpgid(0, 0 [pid 5830] symlink("/dev/binderfs", "./binderfs" [pid 5829] close(3 [pid 5832] <... setpgid resumed>) = 0 [pid 5831] <... close resumed>) = 0 [pid 5829] <... close resumed>) = 0 [pid 5831] symlink("/dev/binderfs", "./binderfs" [pid 5832] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5831] <... symlink resumed>) = 0 [pid 5829] symlink("/dev/binderfs", "./binderfs" [pid 5833] set_robust_list(0x55558eab2660, 24) = 0 [pid 5830] <... symlink resumed>) = 0 [pid 5833] chdir("./0" [pid 5831] write(1, "executing program\n", 18executing program [pid 5829] <... symlink resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5833 executing program executing program [pid 5833] <... chdir resumed>) = 0 [pid 5832] <... openat resumed>) = 3 [pid 5831] <... write resumed>) = 18 [pid 5830] write(1, "executing program\n", 18 [pid 5829] write(1, "executing program\n", 18 [pid 5833] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5832] write(3, "1000", 4 [pid 5831] memfd_create("syzkaller", 0 [pid 5830] <... write resumed>) = 18 [pid 5829] <... write resumed>) = 18 [pid 5833] <... prctl resumed>) = 0 [pid 5832] <... write resumed>) = 4 [pid 5833] setpgid(0, 0) = 0 [pid 5833] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5832] close(3 [pid 5831] <... memfd_create resumed>) = 3 [pid 5832] <... close resumed>) = 0 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5833] <... openat resumed>) = 3 [pid 5830] memfd_create("syzkaller", 0 [pid 5833] write(3, "1000", 4 [pid 5832] symlink("/dev/binderfs", "./binderfs" [pid 5830] <... memfd_create resumed>) = 3 [pid 5829] memfd_create("syzkaller", 0 [pid 5833] <... write resumed>) = 4 [pid 5831] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5832] <... symlink resumed>) = 0 [pid 5833] close(3 executing program executing program [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5829] <... memfd_create resumed>) = 3 [pid 5833] <... close resumed>) = 0 [pid 5832] write(1, "executing program\n", 18 [pid 5833] symlink("/dev/binderfs", "./binderfs" [pid 5830] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5833] <... symlink resumed>) = 0 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5832] <... write resumed>) = 18 [pid 5829] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5832] memfd_create("syzkaller", 0 [pid 5833] write(1, "executing program\n", 18 [pid 5831] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5833] <... write resumed>) = 18 [pid 5832] <... memfd_create resumed>) = 3 [pid 5833] memfd_create("syzkaller", 0 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5833] <... memfd_create resumed>) = 3 [pid 5832] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5830] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5833] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5829] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5831] <... write resumed>) = 2097152 [pid 5831] munmap(0x7fde7cbdc000, 138412032 [pid 5832] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5833] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5831] <... munmap resumed>) = 0 [pid 5830] <... write resumed>) = 2097152 [pid 5829] <... write resumed>) = 2097152 [pid 5831] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5830] munmap(0x7fde7cbdc000, 138412032 [pid 5831] <... openat resumed>) = 4 [pid 5830] <... munmap resumed>) = 0 [pid 5829] munmap(0x7fde7cbdc000, 138412032 [pid 5830] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5831] ioctl(4, LOOP_SET_FD, 3 [pid 5829] <... munmap resumed>) = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5830] <... openat resumed>) = 4 [pid 5829] <... openat resumed>) = 4 [pid 5829] ioctl(4, LOOP_SET_FD, 3 [pid 5830] ioctl(4, LOOP_SET_FD, 3 [pid 5831] <... ioctl resumed>) = 0 [pid 5830] <... ioctl resumed>) = 0 [pid 5831] close(3 [pid 5829] <... ioctl resumed>) = 0 [pid 5831] <... close resumed>) = 0 [pid 5831] close(4 [pid 5829] close(3 [pid 5831] <... close resumed>) = 0 [pid 5830] close(3 [pid 5829] <... close resumed>) = 0 [pid 5830] <... close resumed>) = 0 [pid 5831] mkdir("./file1", 0777 [pid 5830] close(4 [pid 5829] close(4 [pid 5830] <... close resumed>) = 0 [pid 5830] mkdir("./file1", 0777 [pid 5832] <... write resumed>) = 2097152 [pid 5831] <... mkdir resumed>) = 0 [pid 5830] <... mkdir resumed>) = 0 [pid 5833] <... write resumed>) = 2097152 [pid 5832] munmap(0x7fde7cbdc000, 138412032 [pid 5830] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5829] <... close resumed>) = 0 [pid 5833] munmap(0x7fde7cbdc000, 138412032 [ 91.624082][ T5831] loop2: detected capacity change from 0 to 4096 [ 91.637390][ T5830] loop1: detected capacity change from 0 to 4096 [ 91.642904][ T5829] loop0: detected capacity change from 0 to 4096 [pid 5831] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5833] <... munmap resumed>) = 0 [pid 5832] <... munmap resumed>) = 0 [pid 5829] mkdir("./file1", 0777) = 0 [pid 5829] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5832] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5832] close(3) = 0 [ 91.684351][ T5830] ======================================================= [ 91.684351][ T5830] WARNING: The mand mount option has been deprecated and [ 91.684351][ T5830] and is ignored by this kernel. Remove the mand [ 91.684351][ T5830] option from the mount to silence this warning. [ 91.684351][ T5830] ======================================================= [ 91.686120][ T5830] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5832] close(4) = 0 [pid 5832] mkdir("./file1", 0777) = 0 [pid 5832] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5833] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5833] close(3) = 0 [ 91.687129][ T5831] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 91.693179][ T5829] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 91.711772][ T5832] loop3: detected capacity change from 0 to 4096 [pid 5833] close(4) = 0 [pid 5833] mkdir("./file1", 0777) = 0 [ 91.788312][ T5832] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 91.789181][ T5833] loop4: detected capacity change from 0 to 4096 [ 91.821088][ T5833] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5833] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5830] <... mount resumed>) = 0 [pid 5831] <... mount resumed>) = 0 [pid 5830] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5829] <... mount resumed>) = 0 [pid 5831] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5830] <... openat resumed>) = 3 [pid 5829] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5829] chdir("./file1") = 0 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5829] unlink("./file0/file0" [pid 5831] <... openat resumed>) = 3 [pid 5831] chdir("./file1") = 0 [pid 5831] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5830] chdir("./file1" [pid 5831] unlink("./file0/file0" [pid 5830] <... chdir resumed>) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [ 91.955595][ T5830] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 91.957518][ T5831] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 91.975610][ T5829] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5830] unlink("./file0/file0" [pid 5833] <... mount resumed>) = 0 [pid 5833] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5833] chdir("./file1") = 0 [pid 5829] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5833] unlink("./file0/file0" [pid 5830] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... mount resumed>) = 0 [pid 5832] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5830] memfd_create("syzkaller", 0 [pid 5832] <... openat resumed>) = 3 [pid 5831] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 92.023793][ T5833] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 92.028165][ T5831] ntfs3(loop2): ino=1b, mi_enum_attr [ 92.028654][ T5831] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 92.038717][ T5829] ntfs3(loop0): ino=1b, mi_enum_attr [ 92.038746][ T5829] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 92.047858][ T5830] ntfs3(loop1): ino=1b, mi_enum_attr [ 92.047889][ T5830] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 92.060605][ T5832] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5832] chdir("./file1" [pid 5833] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5832] <... chdir resumed>) = 0 [pid 5831] memfd_create("syzkaller", 0 [pid 5830] <... memfd_create resumed>) = 4 [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5830] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5829] memfd_create("syzkaller", 0 [pid 5832] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5830] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5833] memfd_create("syzkaller", 0 [pid 5832] unlink("./file0/file0" [pid 5831] <... memfd_create resumed>) = 4 [pid 5829] <... memfd_create resumed>) = 4 [pid 5831] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5829] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5831] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5829] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5833] <... memfd_create resumed>) = 4 [pid 5832] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 92.076057][ T5833] ntfs3(loop4): ino=1b, mi_enum_attr [ 92.076087][ T5833] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5833] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5832] memfd_create("syzkaller", 0 [pid 5833] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5832] <... memfd_create resumed>) = 4 [pid 5832] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5831] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 92.120948][ T5832] ntfs3(loop3): ino=1b, mi_enum_attr [ 92.120977][ T5832] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5830] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5833] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5832] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5831] <... write resumed>) = 2097152 [pid 5830] <... write resumed>) = 2097152 [pid 5829] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5830] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5831] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5830] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5830] close(4 [pid 5831] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5831] close(4 [pid 5833] <... write resumed>) = 2097152 [pid 5833] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5831] <... close resumed>) = 0 [pid 5829] <... write resumed>) = 2097152 [pid 5833] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5833] close(4 [pid 5832] <... write resumed>) = 2097152 [pid 5831] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5832] munmap(0x7fde7cbdc000, 138412032 [pid 5830] <... close resumed>) = 0 [pid 5829] munmap(0x7fde7cbdc000, 138412032 [pid 5830] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5829] <... munmap resumed>) = 0 [pid 5832] <... munmap resumed>) = 0 [pid 5832] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5830] <... open resumed>) = 4 [pid 5829] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5832] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5831] <... open resumed>) = 4 [pid 5829] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5831] exit_group(0 [pid 5830] exit_group(0 [pid 5831] <... exit_group resumed>) = ? [pid 5833] <... close resumed>) = 0 [pid 5833] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5833] exit_group(0) = ? [pid 5830] <... exit_group resumed>) = ? [pid 5831] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5831, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5826] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5833] +++ exited with 0 +++ [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5832] close(4 [pid 5829] close(4 [pid 5826] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5833, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=15 /* 0.15 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 92.372581][ T37] audit: type=1800 audit(1753942223.300:2): pid=5830 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 92.372630][ T37] audit: type=1800 audit(1753942223.300:3): pid=5831 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [pid 5826] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 5828] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5828] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", [pid 5826] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5830] +++ exited with 0 +++ [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5830, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=15 /* 0.15 s */} --- [pid 5828] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5832] <... close resumed>) = 0 [pid 5825] getdents64(3, [pid 5832] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 92.398123][ T37] audit: type=1800 audit(1753942223.330:4): pid=5833 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [pid 5825] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... close resumed>) = 0 [pid 5832] <... open resumed>) = 4 [pid 5832] exit_group(0 [pid 5828] <... umount2 resumed>) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5832] <... exit_group resumed>) = ? [pid 5829] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5832] +++ exited with 0 +++ [pid 5828] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./0/file1", [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5832, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=16 /* 0.16 s */} --- [pid 5829] <... open resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] exit_group(0 [pid 5827] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5829] <... exit_group resumed>) = ? [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 5829] +++ exited with 0 +++ [pid 5828] newfstatat(4, "", [pid 5827] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(AT_FDCWD, "./0/file1", [pid 5825] <... umount2 resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(4, [pid 5826] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5829, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, [pid 5827] newfstatat(3, "", [pid 5825] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(4 [pid 5827] getdents64(3, [pid 5826] <... openat resumed>) = 4 [pid 5825] newfstatat(AT_FDCWD, "./0/file1", [pid 5824] <... restart_syscall resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] newfstatat(4, "", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] rmdir("./0/file1" [pid 5827] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5826] getdents64(4, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] umount2("./0", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... openat resumed>) = 4 [pid 5824] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] getdents64(4, [pid 5825] newfstatat(4, "", [pid 5824] <... openat resumed>) = 3 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] newfstatat(3, "", [pid 5826] close(4 [pid 5825] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] rmdir("./0/file1" [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(3, [pid 5828] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5825] getdents64(4, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] close(4) = 0 [pid 5828] unlink("./0/binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./0/file1") = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(3, [pid 5826] unlink("./0/binderfs" [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(3 [pid 5825] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5828] <... close resumed>) = 0 [pid 5826] getdents64(3, [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 92.499848][ T37] audit: type=1800 audit(1753942223.440:5): pid=5832 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 92.529206][ T37] audit: type=1800 audit(1753942223.460:6): pid=5829 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5828] rmdir("./0" [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] unlink("./0/binderfs" [pid 5826] close(3 [pid 5825] <... unlink resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./0") = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] mkdir("./1", 0777 [pid 5826] mkdir("./1", 0777) = 0 [pid 5825] close(3) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] rmdir("./0" [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... umount2 resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] mkdir("./1", 0777 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... ioctl resumed>) = 0 [pid 5828] <... ioctl resumed>) = 0 [pid 5826] close(3 [pid 5828] close(3 [pid 5827] newfstatat(AT_FDCWD, "./0/file1", [pid 5825] <... mkdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5824] newfstatat(AT_FDCWD, "./0/file1", [pid 5825] <... ioctl resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] close(3 [pid 5824] umount2("./0/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 4 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5824] openat(AT_FDCWD, "./0/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./0/file1") = 0 [pid 5824] <... openat resumed>) = 4 [pid 5827] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] newfstatat(4, "", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./0/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5824] getdents64(4, [pid 5828] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./0/file1") = 0 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5838 [pid 5824] umount2("./0/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5838 attached [pid 5824] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] unlink("./0/binderfs" [pid 5827] rmdir("./0" [pid 5824] <... unlink resumed>) = 0 [pid 5824] getdents64(3, [pid 5838] set_robust_list(0x55558eab2660, 24 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5839 attached [pid 5838] <... set_robust_list resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5824] close(3 [pid 5839] set_robust_list(0x55558eab2660, 24 [pid 5838] chdir("./1" [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5839] <... set_robust_list resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5839] chdir("./1" [pid 5824] rmdir("./0" [pid 5838] <... chdir resumed>) = 0 [pid 5827] mkdir("./1", 0777 [pid 5839] <... chdir resumed>) = 0 [pid 5838] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] <... rmdir resumed>) = 0 [pid 5824] mkdir("./1", 0777 [pid 5838] <... prctl resumed>) = 0 [pid 5838] setpgid(0, 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5840 [pid 5839] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5838] <... setpgid resumed>) = 0 [pid 5839] <... prctl resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5840 attached [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5839 [pid 5839] setpgid(0, 0 [pid 5840] set_robust_list(0x55558eab2660, 24 [pid 5838] <... openat resumed>) = 3 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5840] <... set_robust_list resumed>) = 0 [pid 5839] <... setpgid resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5839] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5838] write(3, "1000", 4 [pid 5839] <... openat resumed>) = 3 [pid 5838] <... write resumed>) = 4 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5838] close(3) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5839] write(3, "1000", 4 [pid 5838] symlink("/dev/binderfs", "./binderfs" [pid 5839] <... write resumed>) = 4 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5838] <... symlink resumed>) = 0 [pid 5839] close(3 [pid 5827] <... ioctl resumed>) = 0 [pid 5840] chdir("./1" [pid 5824] <... openat resumed>) = 3 [pid 5840] <... chdir resumed>) = 0 executing program [pid 5839] <... close resumed>) = 0 [pid 5838] write(1, "executing program\n", 18 [pid 5827] close(3 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5839] symlink("/dev/binderfs", "./binderfs" [pid 5838] <... write resumed>) = 18 [pid 5840] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5824] <... ioctl resumed>) = 0 [pid 5824] close(3 [pid 5840] setpgid(0, 0) = 0 [pid 5840] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5839] <... symlink resumed>) = 0 [pid 5840] <... openat resumed>) = 3 [pid 5838] memfd_create("syzkaller", 0 [pid 5840] write(3, "1000", 4) = 4 [pid 5840] close(3) = 0 [pid 5840] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5839] write(1, "executing program\n", 18executing program [pid 5840] write(1, "executing program\n", 18 [pid 5839] <... write resumed>) = 18 [pid 5840] <... write resumed>) = 18 [pid 5840] memfd_create("syzkaller", 0 [pid 5839] memfd_create("syzkaller", 0 [pid 5838] <... memfd_create resumed>) = 3 [pid 5839] <... memfd_create resumed>) = 3 [pid 5840] <... memfd_create resumed>) = 3 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5838] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5839] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] <... close resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5841 attached , child_tidptr=0x55558eab2650) = 5841 [pid 5841] set_robust_list(0x55558eab2660, 24) = 0 [pid 5841] chdir("./1") = 0 [pid 5841] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5841] setpgid(0, 0) = 0 [pid 5841] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5841] write(3, "1000", 4) = 4 [pid 5841] close(3) = 0 [pid 5841] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLDexecuting program [pid 5841] write(1, "executing program\n", 18) = 18 ./strace-static-x86_64: Process 5842 attached [pid 5841] memfd_create("syzkaller", 0 [pid 5842] set_robust_list(0x55558eab2660, 24 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5842 [pid 5842] <... set_robust_list resumed>) = 0 [pid 5841] <... memfd_create resumed>) = 3 [pid 5840] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5839] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5842] chdir("./1" [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5842] <... chdir resumed>) = 0 [pid 5842] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5842] setpgid(0, 0 [pid 5838] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5842] <... setpgid resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5842] write(3, "1000", 4) = 4 [pid 5842] close(3) = 0 [pid 5842] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5842] write(1, "executing program\n", 18executing program ) = 18 [pid 5842] memfd_create("syzkaller", 0) = 3 [pid 5840] <... write resumed>) = 2097152 [pid 5839] <... write resumed>) = 2097152 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5840] munmap(0x7fde7cbdc000, 138412032 [pid 5839] munmap(0x7fde7cbdc000, 138412032 [pid 5840] <... munmap resumed>) = 0 [pid 5838] <... write resumed>) = 2097152 [pid 5839] <... munmap resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5840] ioctl(4, LOOP_SET_FD, 3 [pid 5839] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5839] ioctl(4, LOOP_SET_FD, 3 [pid 5841] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5838] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5838] ioctl(4, LOOP_SET_FD, 3 [pid 5840] <... ioctl resumed>) = 0 [pid 5839] <... ioctl resumed>) = 0 [pid 5838] <... ioctl resumed>) = 0 [pid 5840] close(3 [pid 5839] close(3 [pid 5838] close(3 [pid 5840] <... close resumed>) = 0 [pid 5838] <... close resumed>) = 0 [pid 5840] close(4 [pid 5838] close(4 [pid 5840] <... close resumed>) = 0 [pid 5838] <... close resumed>) = 0 [pid 5840] mkdir("./file1", 0777 [pid 5839] <... close resumed>) = 0 [pid 5838] mkdir("./file1", 0777 [pid 5842] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5840] <... mkdir resumed>) = 0 [pid 5839] close(4 [pid 5838] <... mkdir resumed>) = 0 [pid 5839] <... close resumed>) = 0 [pid 5839] mkdir("./file1", 0777 [pid 5840] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5839] <... mkdir resumed>) = 0 [ 92.981910][ T5840] loop1: detected capacity change from 0 to 4096 [ 92.988878][ T5839] loop4: detected capacity change from 0 to 4096 [ 93.008983][ T5838] loop2: detected capacity change from 0 to 4096 [pid 5838] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5839] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5841] <... write resumed>) = 2097152 [pid 5841] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5842] <... write resumed>) = 2097152 [pid 5842] munmap(0x7fde7cbdc000, 138412032 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 93.064229][ T5840] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 93.066718][ T5838] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 93.077465][ T5839] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5841] ioctl(4, LOOP_SET_FD, 3 [pid 5842] <... munmap resumed>) = 0 [pid 5841] <... ioctl resumed>) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5841] close(3 [pid 5842] <... openat resumed>) = 4 [pid 5841] <... close resumed>) = 0 [pid 5841] close(4) = 0 [pid 5841] mkdir("./file1", 0777 [pid 5842] ioctl(4, LOOP_SET_FD, 3 [pid 5841] <... mkdir resumed>) = 0 [pid 5842] <... ioctl resumed>) = 0 [pid 5841] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5842] close(3) = 0 [pid 5842] close(4) = 0 [ 93.134423][ T5841] loop0: detected capacity change from 0 to 4096 [ 93.166256][ T5842] loop3: detected capacity change from 0 to 4096 [ 93.176632][ T5841] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5842] mkdir("./file1", 0777) = 0 [pid 5838] <... mount resumed>) = 0 [pid 5838] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5840] <... mount resumed>) = 0 [pid 5838] chdir("./file1" [pid 5842] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5840] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5838] <... chdir resumed>) = 0 [pid 5840] <... openat resumed>) = 3 [pid 5840] chdir("./file1" [pid 5838] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5840] <... chdir resumed>) = 0 [pid 5838] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5840] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5838] unlink("./file0/file0" [ 93.199330][ T5838] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 93.213773][ T5840] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 93.233051][ T5842] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5840] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5838] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5840] memfd_create("syzkaller", 0 [pid 5839] <... mount resumed>) = 0 [pid 5839] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5840] <... memfd_create resumed>) = 4 [pid 5840] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5839] <... openat resumed>) = 3 [pid 5838] memfd_create("syzkaller", 0 [pid 5840] <... mmap resumed>) = 0x7fde7cbdc000 [ 93.248818][ T5838] ntfs3(loop2): ino=1b, mi_enum_attr [ 93.248848][ T5838] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 93.251287][ T5840] ntfs3(loop1): ino=1b, mi_enum_attr [ 93.251314][ T5840] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 93.280624][ T5839] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5839] chdir("./file1" [pid 5841] <... mount resumed>) = 0 [pid 5839] <... chdir resumed>) = 0 [pid 5838] <... memfd_create resumed>) = 4 [pid 5839] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5838] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5841] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5839] unlink("./file0/file0" [pid 5840] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5841] <... openat resumed>) = 3 [pid 5841] chdir("./file1") = 0 [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5841] unlink("./file0/file0" [pid 5839] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 93.336647][ T5841] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5838] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5839] memfd_create("syzkaller", 0 [pid 5842] <... mount resumed>) = 0 [pid 5841] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5839] <... memfd_create resumed>) = 4 [pid 5839] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5842] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5839] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5842] <... openat resumed>) = 3 [pid 5841] memfd_create("syzkaller", 0 [pid 5842] chdir("./file1") = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5841] <... memfd_create resumed>) = 4 [pid 5842] unlink("./file0/file0" [pid 5841] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5840] <... write resumed>) = 2097152 [pid 5840] munmap(0x7fde7cbdc000, 138412032 [pid 5842] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 93.393384][ T5839] ntfs3(loop4): ino=1b, mi_enum_attr [ 93.393415][ T5839] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 93.409710][ T5842] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 93.410058][ T5841] ntfs3(loop0): ino=1b, mi_enum_attr [ 93.410080][ T5841] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5842] memfd_create("syzkaller", 0 [pid 5840] <... munmap resumed>) = 0 [pid 5840] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5840] close(4 [pid 5842] <... memfd_create resumed>) = 4 [pid 5842] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5840] <... close resumed>) = 0 [ 93.457839][ T5842] ntfs3(loop3): ino=1b, mi_enum_attr [ 93.457867][ T5842] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5840] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5841] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5840] <... open resumed>) = 4 [pid 5839] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5838] <... write resumed>) = 2097152 [pid 5842] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5840] exit_group(0 [pid 5838] munmap(0x7fde7cbdc000, 138412032 [pid 5840] <... exit_group resumed>) = ? [pid 5838] <... munmap resumed>) = 0 [pid 5838] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5840] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5840, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5838] close(4 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5825] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 93.560344][ T37] audit: type=1800 audit(1753942224.490:7): pid=5840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5839] <... write resumed>) = 2097152 [pid 5839] munmap(0x7fde7cbdc000, 138412032 [pid 5838] <... close resumed>) = 0 [pid 5841] <... write resumed>) = 2097152 [pid 5839] <... munmap resumed>) = 0 [pid 5842] <... write resumed>) = 2097152 [pid 5838] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5841] munmap(0x7fde7cbdc000, 138412032 [pid 5842] munmap(0x7fde7cbdc000, 138412032 [pid 5839] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5842] <... munmap resumed>) = 0 [pid 5839] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5839] close(4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./1/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5842] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5841] <... munmap resumed>) = 0 [pid 5838] <... open resumed>) = 4 [pid 5825] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5842] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5841] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5838] exit_group(0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5842] close(4 [pid 5841] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5838] <... exit_group resumed>) = ? [pid 5825] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", [pid 5838] +++ exited with 0 +++ [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 5841] close(4 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5838, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5839] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] close(4 [pid 5826] <... openat resumed>) = 3 [pid 5825] <... close resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 5825] rmdir("./1/file1" [pid 5839] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5826] getdents64(3, [pid 5825] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./1/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./1/binderfs") = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./1") = 0 [pid 5825] mkdir("./2", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5842] <... close resumed>) = 0 [pid 5841] <... close resumed>) = 0 [pid 5839] <... open resumed>) = 4 [pid 5841] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [ 93.683038][ T37] audit: type=1800 audit(1753942224.620:8): pid=5838 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [pid 5839] exit_group(0) = ? [pid 5839] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5839, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=15 /* 0.15 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5842] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5842] <... open resumed>) = 4 [pid 5842] exit_group(0) = ? [ 93.741686][ T37] audit: type=1800 audit(1753942224.680:9): pid=5839 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 93.770498][ T37] audit: type=1800 audit(1753942224.710:10): pid=5842 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5826] <... umount2 resumed>) = 0 [pid 5842] +++ exited with 0 +++ [pid 5841] <... open resumed>) = 4 [pid 5828] <... umount2 resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./1/file1", [pid 5841] exit_group(0) = ? [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5842, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5843 attached [pid 5827] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] close(4 [pid 5841] +++ exited with 0 +++ [pid 5827] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 5827] newfstatat(3, "", [pid 5826] rmdir("./1/file1" [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5841, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=11 /* 0.11 s */} --- [pid 5843] set_robust_list(0x55558eab2660, 24 [pid 5828] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5824] umount2("./1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(3, [pid 5824] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... openat resumed>) = 3 [pid 5843] <... set_robust_list resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5843 [pid 5824] newfstatat(3, "", [pid 5843] chdir("./2" [pid 5828] newfstatat(AT_FDCWD, "./1/file1", [pid 5826] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] getdents64(3, [pid 5843] <... chdir resumed>) = 0 [pid 5828] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5843] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] unlink("./1/binderfs" [pid 5824] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] <... prctl resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, [pid 5843] setpgid(0, 0 [pid 5828] <... openat resumed>) = 4 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5843] <... setpgid resumed>) = 0 [ 93.797298][ T37] audit: type=1800 audit(1753942224.730:11): pid=5841 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5828] newfstatat(4, "", [pid 5843] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./1" [pid 5843] <... openat resumed>) = 3 [pid 5828] getdents64(4, [pid 5827] <... umount2 resumed>) = 0 [pid 5843] write(3, "1000", 4 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5843] <... write resumed>) = 4 [pid 5828] getdents64(4, [pid 5827] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] close(3 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5843] <... close resumed>) = 0 [pid 5828] close(4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... rmdir resumed>) = 0 [pid 5843] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... close resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./1/file1", [pid 5826] mkdir("./2", 0777 [pid 5843] <... symlink resumed>) = 0 [pid 5828] rmdir("./1/file1" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... umount2 resumed>) = 0 executing program [pid 5843] write(1, "executing program\n", 18 [pid 5828] <... rmdir resumed>) = 0 [pid 5827] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] <... write resumed>) = 18 [pid 5824] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] memfd_create("syzkaller", 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... mkdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./1/file1", [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5827] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... ioctl resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5827] <... openat resumed>) = 4 [pid 5826] close(3 [pid 5824] umount2("./1/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] <... memfd_create resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] newfstatat(4, "", [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] unlink("./1/binderfs" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] openat(AT_FDCWD, "./1/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5843] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] <... unlink resumed>) = 0 [pid 5827] getdents64(4, [pid 5824] <... openat resumed>) = 4 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] newfstatat(4, "", [pid 5828] getdents64(3, [pid 5827] getdents64(4, [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5828] close(3 [pid 5827] rmdir("./1/file1" [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... close resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5824] getdents64(4, [pid 5827] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] <... close resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5844 attached [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./1/binderfs" [pid 5844] set_robust_list(0x55558eab2660, 24 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5844 [pid 5844] <... set_robust_list resumed>) = 0 [pid 5828] rmdir("./1" [pid 5827] <... unlink resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(3, [pid 5844] chdir("./2" [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] getdents64(4, [pid 5844] <... chdir resumed>) = 0 [pid 5827] close(3) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5844] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] rmdir("./1" [pid 5828] mkdir("./2", 0777 [pid 5824] close(4 [pid 5844] <... prctl resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5827] mkdir("./2", 0777 [pid 5824] rmdir("./1/file1" [pid 5827] <... mkdir resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5844] setpgid(0, 0) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5824] umount2("./1/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5844] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... ioctl resumed>) = 0 [pid 5824] unlink("./1/binderfs" [pid 5844] <... openat resumed>) = 3 [pid 5828] close(3 [pid 5827] <... openat resumed>) = 3 [pid 5824] <... unlink resumed>) = 0 [pid 5844] write(3, "1000", 4 [pid 5824] getdents64(3, [pid 5844] <... write resumed>) = 4 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5844] close(3 [pid 5827] <... ioctl resumed>) = 0 [pid 5824] close(3 [pid 5844] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5844] symlink("/dev/binderfs", "./binderfs" [pid 5827] close(3 [pid 5824] rmdir("./1" [pid 5844] <... symlink resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5824] mkdir("./2", 0777executing program ) = 0 [pid 5844] write(1, "executing program\n", 18 [pid 5843] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5844] <... write resumed>) = 18 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5828] <... close resumed>) = 0 [pid 5824] <... ioctl resumed>) = 0 [pid 5844] memfd_create("syzkaller", 0 [pid 5824] close(3 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5844] <... memfd_create resumed>) = 3 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5845 ./strace-static-x86_64: Process 5845 attached [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5845] set_robust_list(0x55558eab2660, 24 [pid 5844] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5843] <... write resumed>) = 2097152 [pid 5827] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5845] <... set_robust_list resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5845] chdir("./2") = 0 [pid 5845] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5846 attached [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5846 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5843] munmap(0x7fde7cbdc000, 138412032 [pid 5846] set_robust_list(0x55558eab2660, 24 [pid 5845] <... prctl resumed>) = 0 [pid 5846] <... set_robust_list resumed>) = 0 [pid 5845] setpgid(0, 0 [pid 5846] chdir("./2") = 0 [pid 5845] <... setpgid resumed>) = 0 [pid 5846] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5845] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5846] <... prctl resumed>) = 0 [pid 5845] <... openat resumed>) = 3 [pid 5846] setpgid(0, 0 [pid 5845] write(3, "1000", 4 [pid 5846] <... setpgid resumed>) = 0 [pid 5845] <... write resumed>) = 4 [pid 5846] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5845] close(3executing program [pid 5846] <... openat resumed>) = 3 [pid 5845] <... close resumed>) = 0 [pid 5843] <... munmap resumed>) = 0 ./strace-static-x86_64: Process 5847 attached [pid 5846] write(3, "1000", 4 [pid 5845] symlink("/dev/binderfs", "./binderfs" [pid 5846] <... write resumed>) = 4 [pid 5845] <... symlink resumed>) = 0 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5847 [pid 5843] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5846] close(3 [pid 5845] write(1, "executing program\n", 18 [pid 5846] <... close resumed>) = 0 [pid 5845] <... write resumed>) = 18 [pid 5843] <... openat resumed>) = 4 [pid 5846] symlink("/dev/binderfs", "./binderfs" [pid 5843] ioctl(4, LOOP_SET_FD, 3executing program [pid 5847] set_robust_list(0x55558eab2660, 24 [pid 5846] <... symlink resumed>) = 0 [pid 5845] memfd_create("syzkaller", 0 [pid 5847] <... set_robust_list resumed>) = 0 [pid 5846] write(1, "executing program\n", 18 [pid 5845] <... memfd_create resumed>) = 3 [pid 5843] <... ioctl resumed>) = 0 [pid 5847] chdir("./2" [pid 5846] <... write resumed>) = 18 [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5843] close(3 [pid 5847] <... chdir resumed>) = 0 [pid 5846] memfd_create("syzkaller", 0 [pid 5845] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5843] <... close resumed>) = 0 [pid 5847] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5843] close(4 [pid 5847] <... prctl resumed>) = 0 [pid 5847] setpgid(0, 0) = 0 [pid 5847] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5843] <... close resumed>) = 0 [pid 5843] mkdir("./file1", 0777 [pid 5847] <... openat resumed>) = 3 [pid 5843] <... mkdir resumed>) = 0 [pid 5846] <... memfd_create resumed>) = 3 [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5847] write(3, "1000", 4 [pid 5843] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5847] <... write resumed>) = 4 [ 94.061447][ T5843] loop1: detected capacity change from 0 to 4096 [pid 5847] close(3) = 0 [pid 5844] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5847] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5847] write(1, "executing program\n", 18) = 18 [pid 5847] memfd_create("syzkaller", 0) = 3 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 94.116243][ T5843] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5846] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5845] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5846] <... write resumed>) = 2097152 [pid 5846] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5846] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5846] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5846] close(3) = 0 [pid 5846] close(4) = 0 [pid 5846] mkdir("./file1", 0777) = 0 [pid 5846] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5844] <... write resumed>) = 2097152 [ 94.220783][ T5846] loop3: detected capacity change from 0 to 4096 [ 94.266253][ T5846] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5847] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5845] <... write resumed>) = 2097152 [pid 5844] munmap(0x7fde7cbdc000, 138412032 [pid 5845] munmap(0x7fde7cbdc000, 138412032 [pid 5843] <... mount resumed>) = 0 [pid 5845] <... munmap resumed>) = 0 [pid 5843] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5845] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5844] <... munmap resumed>) = 0 [pid 5845] <... openat resumed>) = 4 [pid 5845] ioctl(4, LOOP_SET_FD, 3 [pid 5843] <... openat resumed>) = 3 [pid 5845] <... ioctl resumed>) = 0 [pid 5843] chdir("./file1") = 0 [pid 5845] close(3) = 0 [pid 5843] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5845] close(4) = 0 [pid 5843] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5845] mkdir("./file1", 0777 [pid 5843] unlink("./file0/file0" [pid 5845] <... mkdir resumed>) = 0 [ 94.305822][ T5843] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 94.327315][ T5845] loop4: detected capacity change from 0 to 4096 [ 94.340910][ T5843] ntfs3(loop1): ino=1b, mi_enum_attr [pid 5845] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5843] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5844] <... openat resumed>) = 4 [pid 5843] memfd_create("syzkaller", 0 [pid 5844] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5844] close(3) = 0 [pid 5844] close(4 [pid 5843] <... memfd_create resumed>) = 4 [pid 5844] <... close resumed>) = 0 [pid 5843] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] mkdir("./file1", 0777 [pid 5843] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5847] <... write resumed>) = 2097152 [pid 5846] <... mount resumed>) = 0 [pid 5844] <... mkdir resumed>) = 0 [ 94.340939][ T5843] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 94.377263][ T5845] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 94.394886][ T5844] loop2: detected capacity change from 0 to 4096 [pid 5844] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5847] munmap(0x7fde7cbdc000, 138412032 [pid 5846] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5847] <... munmap resumed>) = 0 [pid 5846] <... openat resumed>) = 3 [pid 5846] chdir("./file1") = 0 [pid 5846] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5846] unlink("./file0/file0" [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5847] ioctl(4, LOOP_SET_FD, 3) = 0 [ 94.419065][ T5846] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 94.433518][ T5844] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5847] close(3) = 0 [pid 5846] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5847] close(4) = 0 [pid 5846] memfd_create("syzkaller", 0 [pid 5847] mkdir("./file1", 0777) = 0 [pid 5847] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5846] <... memfd_create resumed>) = 4 [ 94.468252][ T5846] ntfs3(loop3): ino=1b, mi_enum_attr [ 94.468278][ T5846] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 94.474641][ T5847] loop0: detected capacity change from 0 to 4096 [pid 5846] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5845] <... mount resumed>) = 0 [ 94.521517][ T5847] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5845] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5845] chdir("./file1") = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5845] unlink("./file0/file0" [ 94.568608][ T5845] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5843] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5845] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5845] memfd_create("syzkaller", 0 [pid 5844] <... mount resumed>) = 0 [pid 5845] <... memfd_create resumed>) = 4 [pid 5844] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5844] chdir("./file1") = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5845] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5844] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5846] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5845] <... mmap resumed>) = 0x7fde7cbdc000 [ 94.633997][ T5845] ntfs3(loop4): ino=1b, mi_enum_attr [ 94.634028][ T5845] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 94.635155][ T5844] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5844] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5844] memfd_create("syzkaller", 0 [pid 5847] <... mount resumed>) = 0 [pid 5844] <... memfd_create resumed>) = 4 [pid 5847] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [ 94.693808][ T5844] ntfs3(loop2): ino=1b, mi_enum_attr [ 94.693840][ T5844] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5844] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5847] <... openat resumed>) = 3 [pid 5844] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5847] chdir("./file1") = 0 [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5847] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5847] memfd_create("syzkaller", 0) = 4 [pid 5843] <... write resumed>) = 2097152 [pid 5847] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5843] munmap(0x7fde7cbdc000, 138412032 [ 94.740305][ T5847] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 94.769006][ T5847] ntfs3(loop0): ino=1b, mi_enum_attr [ 94.769035][ T5847] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5845] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5843] <... munmap resumed>) = 0 [pid 5845] <... write resumed>) = 2097152 [pid 5845] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5845] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5845] close(4 [pid 5843] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5843] close(4 [pid 5844] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5847] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5846] <... write resumed>) = 2097152 [pid 5845] <... close resumed>) = 0 [pid 5843] <... close resumed>) = 0 [pid 5846] munmap(0x7fde7cbdc000, 138412032 [pid 5845] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5845] exit_group(0) = ? [pid 5846] <... munmap resumed>) = 0 [pid 5845] +++ exited with 0 +++ [pid 5843] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5846] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5844] <... write resumed>) = 2097152 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5845, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5846] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] munmap(0x7fde7cbdc000, 138412032 [pid 5846] close(4 [pid 5844] <... munmap resumed>) = 0 [pid 5843] <... open resumed>) = 4 [pid 5828] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] exit_group(0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5843] <... exit_group resumed>) = ? [pid 5843] +++ exited with 0 +++ [pid 5847] <... write resumed>) = 2097152 [pid 5846] <... close resumed>) = 0 [pid 5844] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5843, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=12 /* 0.12 s */} --- [pid 5847] munmap(0x7fde7cbdc000, 138412032 [pid 5846] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5844] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5844] close(4 [pid 5828] <... umount2 resumed>) = 0 [pid 5825] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5846] <... open resumed>) = 4 [pid 5828] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5847] <... munmap resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./2/file1", [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5847] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5847] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5846] exit_group(0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5847] close(4 [pid 5828] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5846] <... exit_group resumed>) = ? [pid 5844] <... close resumed>) = 0 [pid 5846] +++ exited with 0 +++ [pid 5844] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... openat resumed>) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5846, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 5828] getdents64(4, [pid 5827] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(3, [pid 5828] getdents64(4, [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5847] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] close(4 [pid 5847] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... close resumed>) = 0 [pid 5844] <... open resumed>) = 4 [pid 5828] rmdir("./2/file1" [pid 5825] <... umount2 resumed>) = 0 [pid 5847] <... open resumed>) = 4 [pid 5844] exit_group(0 [pid 5828] <... rmdir resumed>) = 0 [pid 5847] exit_group(0 [pid 5844] <... exit_group resumed>) = ? [pid 5828] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5847] <... exit_group resumed>) = ? [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5844] +++ exited with 0 +++ [pid 5828] unlink("./2/binderfs" [pid 5825] newfstatat(AT_FDCWD, "./2/file1", [pid 5847] +++ exited with 0 +++ [pid 5828] <... unlink resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5844, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] getdents64(3, [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5825] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5847, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5828] close(3 [pid 5825] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... close resumed>) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5828] rmdir("./2" [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] getdents64(4, [pid 5824] <... restart_syscall resumed>) = 0 [pid 5828] mkdir("./3", 0777) = 0 [pid 5826] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] umount2("./2", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(4, [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5825] close(4 [pid 5824] <... openat resumed>) = 3 [pid 5827] <... umount2 resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 5825] <... close resumed>) = 0 [pid 5824] newfstatat(3, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] rmdir("./2/file1" [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5824] getdents64(3, [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] <... rmdir resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] <... ioctl resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./2/file1", [pid 5826] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] unlink("./2/binderfs" [pid 5827] <... openat resumed>) = 4 [pid 5827] newfstatat(4, "", [pid 5825] <... unlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./2/file1") = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./2" [pid 5827] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./2/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] mkdir("./3", 0777 [pid 5827] unlink("./2/binderfs") = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... close resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5827] rmdir("./2" [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5827] <... rmdir resumed>) = 0 [pid 5825] <... ioctl resumed>) = 0 [pid 5827] mkdir("./3", 0777 [pid 5825] close(3 [pid 5827] <... mkdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5848 attached [pid 5826] <... umount2 resumed>) = 0 [pid 5848] set_robust_list(0x55558eab2660, 24 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5848 [pid 5827] <... close resumed>) = 0 [pid 5826] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5848] <... set_robust_list resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5849 attached [pid 5826] newfstatat(AT_FDCWD, "./2/file1", [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] newfstatat(AT_FDCWD, "./2/file1", [pid 5826] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5849] set_robust_list(0x55558eab2660, 24 [pid 5826] newfstatat(4, "", [pid 5824] umount2("./2/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5849] <... set_robust_list resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5849 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5849] chdir("./3" [pid 5848] chdir("./3" [pid 5826] getdents64(4, [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5848] <... chdir resumed>) = 0 [pid 5849] <... chdir resumed>) = 0 [pid 5848] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] openat(AT_FDCWD, "./2/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5848] <... prctl resumed>) = 0 [pid 5849] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] getdents64(4, [pid 5824] <... openat resumed>) = 4 [pid 5848] setpgid(0, 0 [pid 5849] <... prctl resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] newfstatat(4, "", [pid 5849] setpgid(0, 0 [pid 5826] close(4 [pid 5849] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5850 attached [pid 5826] <... close resumed>) = 0 [pid 5849] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5848] <... setpgid resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] rmdir("./2/file1" [pid 5850] set_robust_list(0x55558eab2660, 24 [pid 5849] <... openat resumed>) = 3 [pid 5848] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5850 [pid 5824] getdents64(4, [pid 5850] <... set_robust_list resumed>) = 0 [pid 5849] write(3, "1000", 4 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5850] chdir("./3" [pid 5849] <... write resumed>) = 4 [pid 5848] <... openat resumed>) = 3 [pid 5824] getdents64(4, [pid 5850] <... chdir resumed>) = 0 [pid 5849] close(3 [pid 5848] write(3, "1000", 4 [pid 5826] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5850] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5849] <... close resumed>) = 0 [pid 5848] <... write resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] close(4 [pid 5850] <... prctl resumed>) = 0 [pid 5849] symlink("/dev/binderfs", "./binderfs" [pid 5848] close(3 [pid 5824] <... close resumed>) = 0 [pid 5850] setpgid(0, 0 [pid 5826] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5848] <... close resumed>) = 0 [pid 5824] rmdir("./2/file1" [pid 5850] <... setpgid resumed>) = 0 [pid 5849] <... symlink resumed>) = 0 [pid 5848] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5850] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5849] write(1, "executing program\n", 18executing program [pid 5848] <... symlink resumed>) = 0 [pid 5826] unlink("./2/binderfs"executing program [pid 5824] <... rmdir resumed>) = 0 [pid 5850] <... openat resumed>) = 3 [pid 5849] <... write resumed>) = 18 [pid 5848] write(1, "executing program\n", 18 [pid 5824] umount2("./2/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5850] write(3, "1000", 4 [pid 5848] <... write resumed>) = 18 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5850] <... write resumed>) = 4 [pid 5849] memfd_create("syzkaller", 0 [pid 5848] memfd_create("syzkaller", 0 [pid 5826] <... unlink resumed>) = 0 [pid 5824] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5850] close(3) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5850] symlink("/dev/binderfs", "./binderfs" [pid 5824] unlink("./2/binderfs" [pid 5850] <... symlink resumed>) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3executing program [pid 5850] write(1, "executing program\n", 18 [pid 5848] <... memfd_create resumed>) = 3 [pid 5824] <... unlink resumed>) = 0 [pid 5850] <... write resumed>) = 18 [pid 5849] <... memfd_create resumed>) = 3 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... close resumed>) = 0 [pid 5824] getdents64(3, [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5848] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] rmdir("./2" [pid 5850] memfd_create("syzkaller", 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5824] close(3 [pid 5850] <... memfd_create resumed>) = 3 [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] mkdir("./3", 0777 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./2" [pid 5850] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] <... mkdir resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] mkdir("./3", 0777 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5826] close(3 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5849] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5848] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] <... ioctl resumed>) = 0 [pid 5824] close(3 [pid 5826] <... close resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5851 attached [pid 5851] set_robust_list(0x55558eab2660, 24 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5851 [pid 5851] <... set_robust_list resumed>) = 0 [pid 5851] chdir("./3" [pid 5850] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5851] <... chdir resumed>) = 0 [pid 5851] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5851] setpgid(0, 0) = 0 [pid 5851] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5851] write(3, "1000", 4) = 4 [pid 5851] close(3) = 0 [pid 5851] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5851] write(1, "executing program\n", 18) = 18 [pid 5851] memfd_create("syzkaller", 0) = 3 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... close resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5851] <... mmap resumed>) = 0x7fde7cbdc000 ./strace-static-x86_64: Process 5852 attached [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5852 [pid 5852] set_robust_list(0x55558eab2660, 24) = 0 [pid 5852] chdir("./3") = 0 [pid 5852] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5852] setpgid(0, 0 [pid 5849] <... write resumed>) = 2097152 [pid 5852] <... setpgid resumed>) = 0 [pid 5852] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5849] munmap(0x7fde7cbdc000, 138412032 [pid 5852] <... openat resumed>) = 3 [pid 5849] <... munmap resumed>) = 0 [pid 5848] <... write resumed>) = 2097152 [pid 5852] write(3, "1000", 4) = 4 [pid 5852] close(3) = 0 [pid 5848] munmap(0x7fde7cbdc000, 138412032 [pid 5852] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5852] write(1, "executing program\n", 18executing program ) = 18 [pid 5850] <... write resumed>) = 2097152 [pid 5849] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5849] ioctl(4, LOOP_SET_FD, 3 [pid 5852] memfd_create("syzkaller", 0 [pid 5850] munmap(0x7fde7cbdc000, 138412032 [pid 5849] <... ioctl resumed>) = 0 [pid 5848] <... munmap resumed>) = 0 [pid 5849] close(3 [pid 5848] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5849] <... close resumed>) = 0 [pid 5848] <... openat resumed>) = 4 [pid 5852] <... memfd_create resumed>) = 3 [pid 5850] <... munmap resumed>) = 0 [pid 5849] close(4 [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5849] <... close resumed>) = 0 [pid 5848] ioctl(4, LOOP_SET_FD, 3 [pid 5849] mkdir("./file1", 0777 [pid 5852] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5849] <... mkdir resumed>) = 0 [pid 5848] <... ioctl resumed>) = 0 [pid 5849] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5851] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5848] close(3 [pid 5850] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5848] <... close resumed>) = 0 [pid 5850] <... openat resumed>) = 4 [pid 5848] close(4 [pid 5852] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5848] <... close resumed>) = 0 [pid 5850] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5850] close(3) = 0 [pid 5848] mkdir("./file1", 0777 [pid 5850] close(4) = 0 [pid 5850] mkdir("./file1", 0777 [pid 5848] <... mkdir resumed>) = 0 [ 95.490192][ T5849] loop3: detected capacity change from 0 to 4096 [ 95.509367][ T5848] loop4: detected capacity change from 0 to 4096 [ 95.514636][ T5849] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5850] <... mkdir resumed>) = 0 [pid 5848] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5850] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5851] <... write resumed>) = 2097152 [pid 5852] <... write resumed>) = 2097152 [ 95.566065][ T5850] loop1: detected capacity change from 0 to 4096 [ 95.578676][ T5848] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 95.579034][ T5850] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5851] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5852] munmap(0x7fde7cbdc000, 138412032 [pid 5849] <... mount resumed>) = 0 [pid 5849] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5852] <... munmap resumed>) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5849] <... openat resumed>) = 3 [pid 5852] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5851] <... openat resumed>) = 4 [pid 5849] chdir("./file1") = 0 [pid 5852] <... openat resumed>) = 4 [pid 5851] ioctl(4, LOOP_SET_FD, 3 [pid 5849] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5851] <... ioctl resumed>) = 0 [pid 5849] unlink("./file0/file0" [pid 5851] close(3) = 0 [pid 5850] <... mount resumed>) = 0 [pid 5852] ioctl(4, LOOP_SET_FD, 3 [pid 5851] close(4 [pid 5849] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 95.664606][ T5849] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 95.693514][ T5851] loop2: detected capacity change from 0 to 4096 [ 95.701782][ T5850] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5850] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5850] chdir("./file1") = 0 [pid 5850] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5850] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5850] memfd_create("syzkaller", 0 [pid 5848] <... mount resumed>) = 0 [pid 5850] <... memfd_create resumed>) = 4 [pid 5848] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5850] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5848] <... openat resumed>) = 3 [pid 5850] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5848] chdir("./file1" [pid 5849] memfd_create("syzkaller", 0 [pid 5848] <... chdir resumed>) = 0 [pid 5852] <... ioctl resumed>) = 0 [pid 5851] <... close resumed>) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5848] unlink("./file0/file0" [pid 5852] close(3 [pid 5851] mkdir("./file1", 0777 [pid 5852] <... close resumed>) = 0 [pid 5851] <... mkdir resumed>) = 0 [pid 5852] close(4 [pid 5848] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5852] <... close resumed>) = 0 [pid 5851] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5849] <... memfd_create resumed>) = 4 [pid 5852] mkdir("./file1", 0777 [ 95.712033][ T5849] ntfs3(loop3): ino=1b, mi_enum_attr [ 95.712063][ T5849] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 95.717375][ T5852] loop0: detected capacity change from 0 to 4096 [ 95.731839][ T5850] ntfs3(loop1): ino=1b, mi_enum_attr [ 95.731866][ T5850] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 95.741125][ T5848] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5849] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5852] <... mkdir resumed>) = 0 [pid 5849] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5848] memfd_create("syzkaller", 0) = 4 [pid 5848] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 95.769576][ T5848] ntfs3(loop4): ino=1b, mi_enum_attr [ 95.769604][ T5848] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 95.791953][ T5851] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 95.814605][ T5852] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5852] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5850] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5848] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5852] <... mount resumed>) = 0 [pid 5852] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5852] chdir("./file1") = 0 [pid 5852] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5851] <... mount resumed>) = 0 [pid 5852] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5851] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5849] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5852] unlink("./file0/file0" [pid 5851] <... openat resumed>) = 3 [ 95.964419][ T5852] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 95.988714][ T5851] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5851] chdir("./file1" [pid 5852] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5851] <... chdir resumed>) = 0 [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5851] unlink("./file0/file0" [pid 5852] memfd_create("syzkaller", 0 [pid 5851] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5852] <... memfd_create resumed>) = 4 [pid 5851] memfd_create("syzkaller", 0 [pid 5852] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5851] <... memfd_create resumed>) = 4 [pid 5849] <... write resumed>) = 2097152 [pid 5848] <... write resumed>) = 2097152 [pid 5851] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5849] munmap(0x7fde7cbdc000, 138412032 [pid 5851] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5849] <... munmap resumed>) = 0 [ 96.009556][ T5852] ntfs3(loop0): ino=1b, mi_enum_attr [ 96.009584][ T5852] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 96.039825][ T5851] ntfs3(loop2): ino=1b, mi_enum_attr [ 96.039855][ T5851] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5849] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5848] munmap(0x7fde7cbdc000, 138412032 [pid 5850] <... write resumed>) = 2097152 [pid 5849] close(4 [pid 5848] <... munmap resumed>) = 0 [pid 5850] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5849] <... close resumed>) = 0 [pid 5848] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5852] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5850] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5849] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5850] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5848] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5850] close(4 [pid 5848] close(4 [pid 5851] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5849] <... open resumed>) = 4 [pid 5849] exit_group(0) = ? [pid 5850] <... close resumed>) = 0 [pid 5849] +++ exited with 0 +++ [pid 5848] <... close resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5849, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5850] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5848] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5850] <... open resumed>) = 4 [pid 5848] <... open resumed>) = 4 [pid 5827] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5851] <... write resumed>) = 2097152 [pid 5848] exit_group(0 [pid 5827] <... openat resumed>) = 3 [pid 5848] <... exit_group resumed>) = ? [pid 5827] newfstatat(3, "", [pid 5851] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5850] exit_group(0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5851] <... munmap resumed>) = 0 [pid 5850] <... exit_group resumed>) = ? [pid 5851] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5850] +++ exited with 0 +++ [pid 5848] +++ exited with 0 +++ [pid 5852] <... write resumed>) = 2097152 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5848, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5850, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=16 /* 0.16 s */} --- [pid 5851] close(4 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5825] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5852] munmap(0x7fde7cbdc000, 138412032 [pid 5825] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", [pid 5828] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5828] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] <... openat resumed>) = 3 [pid 5825] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5851] <... close resumed>) = 0 [pid 5852] <... munmap resumed>) = 0 [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./3/file1", [pid 5852] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5851] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... umount2 resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5827] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5851] <... open resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] newfstatat(AT_FDCWD, "./3/file1", [pid 5852] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5851] exit_group(0 [pid 5828] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 4 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5852] close(4 [pid 5851] <... exit_group resumed>) = ? [pid 5827] newfstatat(4, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(4, [pid 5825] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... openat resumed>) = 4 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] newfstatat(4, "", [pid 5827] close(4 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... close resumed>) = 0 [pid 5825] getdents64(4, [pid 5852] <... close resumed>) = 0 [pid 5851] +++ exited with 0 +++ [pid 5828] newfstatat(AT_FDCWD, "./3/file1", [pid 5827] rmdir("./3/file1" [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5852] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5851, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=4 /* 0.04 s */} --- [pid 5828] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(4, [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... rmdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] close(4 [pid 5828] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(4, "", [pid 5852] <... open resumed>) = 4 [pid 5827] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5826] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5828] getdents64(4, [pid 5852] exit_group(0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(3, "", [pid 5825] rmdir("./3/file1" [pid 5852] <... exit_group resumed>) = ? [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5852] +++ exited with 0 +++ [pid 5827] unlink("./3/binderfs" [pid 5826] getdents64(3, [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5852, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5828] close(4 [pid 5826] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] getdents64(3, [pid 5825] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5828] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5828] rmdir("./3/file1" [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... close resumed>) = 0 [pid 5825] unlink("./3/binderfs" [pid 5827] rmdir("./3" [pid 5828] <... rmdir resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5828] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] mkdir("./4", 0777 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5824] umount2("./3", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... mkdir resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./3/binderfs") = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5825] close(3 [pid 5824] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... ioctl resumed>) = 0 [pid 5828] getdents64(3, [pid 5826] <... umount2 resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5826] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] rmdir("./3" [pid 5824] newfstatat(3, "", [pid 5828] close(3) = 0 [pid 5828] rmdir("./3") = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] mkdir("./4", 0777 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] mkdir("./4", 0777 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./3/file1", [pid 5825] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] <... openat resumed>) = 3 [pid 5828] <... ioctl resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5828] close(3 [pid 5826] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... ioctl resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] close(3 [pid 5826] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5853 attached [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5853 [pid 5826] newfstatat(4, "", [pid 5853] set_robust_list(0x55558eab2660, 24) = 0 [pid 5853] chdir("./4" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5853] <... chdir resumed>) = 0 [pid 5853] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] getdents64(4, [pid 5853] <... prctl resumed>) = 0 [pid 5853] setpgid(0, 0) = 0 [pid 5853] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5853] write(3, "1000", 4) = 4 [pid 5853] close(3 [pid 5826] getdents64(4, [pid 5824] <... umount2 resumed>) = 0 [pid 5853] <... close resumed>) = 0 [pid 5853] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 executing program [pid 5853] <... symlink resumed>) = 0 [pid 5826] close(4 [pid 5853] write(1, "executing program\n", 18) = 18 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./3/file1" [pid 5824] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5853] memfd_create("syzkaller", 0 [pid 5826] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5853] <... memfd_create resumed>) = 3 [pid 5824] newfstatat(AT_FDCWD, "./3/file1", [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5853] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] umount2("./3/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./3/binderfs"./strace-static-x86_64: Process 5854 attached ) = 0 [pid 5824] openat(AT_FDCWD, "./3/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5854] set_robust_list(0x55558eab2660, 24 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5854 [pid 5826] getdents64(3, [pid 5825] <... close resumed>) = 0 [pid 5824] <... openat resumed>) = 4 [pid 5854] <... set_robust_list resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] newfstatat(4, "", [pid 5854] chdir("./4" [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(3 [pid 5854] <... chdir resumed>) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./3/file1"./strace-static-x86_64: Process 5855 attached [pid 5854] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... close resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5826] rmdir("./3" [pid 5854] <... prctl resumed>) = 0 [pid 5824] umount2("./3/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5854] setpgid(0, 0 [pid 5855] set_robust_list(0x55558eab2660, 24 [pid 5854] <... setpgid resumed>) = 0 [pid 5824] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5855] <... set_robust_list resumed>) = 0 [pid 5854] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5855] chdir("./4" [pid 5854] <... openat resumed>) = 3 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5855 [pid 5824] unlink("./3/binderfs" [pid 5854] write(3, "1000", 4) = 4 [pid 5824] <... unlink resumed>) = 0 [pid 5854] close(3 [pid 5824] getdents64(3, [pid 5855] <... chdir resumed>) = 0 [pid 5854] <... close resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3) = 0 [pid 5824] rmdir("./3" [pid 5855] prctl(PR_SET_PDEATHSIG, SIGKILLexecuting program [pid 5854] symlink("/dev/binderfs", "./binderfs" [pid 5824] <... rmdir resumed>) = 0 [pid 5855] <... prctl resumed>) = 0 [pid 5853] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5854] <... symlink resumed>) = 0 [pid 5826] mkdir("./4", 0777 [pid 5855] setpgid(0, 0 [pid 5824] mkdir("./4", 0777 [pid 5855] <... setpgid resumed>) = 0 [pid 5854] write(1, "executing program\n", 18 [pid 5826] <... mkdir resumed>) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5855] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5854] <... write resumed>) = 18 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5855] write(3, "1000", 4 [pid 5824] <... openat resumed>) = 3 [pid 5855] <... write resumed>) = 4 [pid 5854] memfd_create("syzkaller", 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5855] close(3) = 0 [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5855] symlink("/dev/binderfs", "./binderfs" [pid 5824] close(3 [pid 5855] <... symlink resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5855] write(1, "executing program\n", 18 [pid 5826] ioctl(3, LOOP_CLR_FDexecuting program [pid 5855] <... write resumed>) = 18 [pid 5854] <... memfd_create resumed>) = 3 [pid 5826] <... ioctl resumed>) = 0 [pid 5855] memfd_create("syzkaller", 0) = 3 [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] close(3 [pid 5854] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] <... close resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558eab2650) = 5856 ./strace-static-x86_64: Process 5856 attached [pid 5856] set_robust_list(0x55558eab2660, 24) = 0 [pid 5856] chdir("./4") = 0 [pid 5856] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5856] setpgid(0, 0) = 0 [pid 5856] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5853] <... write resumed>) = 2097152 [pid 5853] munmap(0x7fde7cbdc000, 138412032 [pid 5856] write(3, "1000", 4) = 4 [pid 5855] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5856] close(3) = 0 [pid 5856] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5853] <... munmap resumed>) = 0 executing program [pid 5856] write(1, "executing program\n", 18) = 18 [pid 5856] memfd_create("syzkaller", 0 [pid 5853] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5856] <... memfd_create resumed>) = 3 [pid 5853] <... openat resumed>) = 4 [pid 5826] <... close resumed>) = 0 [pid 5853] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5853] close(3) = 0 [pid 5853] close(4) = 0 [pid 5853] mkdir("./file1", 0777) = 0 [pid 5853] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5855] <... write resumed>) = 2097152 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5855] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5857 ./strace-static-x86_64: Process 5857 attached [pid 5857] set_robust_list(0x55558eab2660, 24) = 0 [pid 5857] chdir("./4") = 0 [ 96.660027][ T5853] loop3: detected capacity change from 0 to 4096 [ 96.673595][ T5853] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5855] <... munmap resumed>) = 0 [pid 5854] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5857] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5857] setpgid(0, 0) = 0 [pid 5857] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5855] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5857] <... openat resumed>) = 3 [pid 5855] <... openat resumed>) = 4 [pid 5857] write(3, "1000", 4 [pid 5855] ioctl(4, LOOP_SET_FD, 3 [pid 5857] <... write resumed>) = 4 [pid 5856] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5857] close(3executing program ) = 0 [pid 5855] <... ioctl resumed>) = 0 [pid 5857] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5855] close(3 [pid 5857] write(1, "executing program\n", 18 [pid 5855] <... close resumed>) = 0 [pid 5857] <... write resumed>) = 18 [pid 5853] <... mount resumed>) = 0 [pid 5857] memfd_create("syzkaller", 0 [pid 5855] close(4 [pid 5853] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5857] <... memfd_create resumed>) = 3 [pid 5855] <... close resumed>) = 0 [pid 5854] <... write resumed>) = 2097152 [pid 5853] <... openat resumed>) = 3 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 96.750380][ T5855] loop1: detected capacity change from 0 to 4096 [ 96.767129][ T5853] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5855] mkdir("./file1", 0777 [pid 5854] munmap(0x7fde7cbdc000, 138412032 [pid 5853] chdir("./file1" [pid 5857] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5856] <... write resumed>) = 2097152 [pid 5854] <... munmap resumed>) = 0 [pid 5853] <... chdir resumed>) = 0 [pid 5856] munmap(0x7fde7cbdc000, 138412032 [pid 5854] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5853] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5855] <... mkdir resumed>) = 0 [pid 5854] <... openat resumed>) = 4 [pid 5853] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5853] unlink("./file0/file0" [pid 5854] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5854] close(3 [pid 5855] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5853] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5853] memfd_create("syzkaller", 0) = 4 [pid 5854] <... close resumed>) = 0 [pid 5853] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5854] close(4 [pid 5853] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5854] <... close resumed>) = 0 [pid 5854] mkdir("./file1", 0777) = 0 [pid 5857] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5856] <... munmap resumed>) = 0 [pid 5854] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [ 96.824408][ T5854] loop4: detected capacity change from 0 to 4096 [ 96.826745][ T5853] ntfs3(loop3): ino=1b, mi_enum_attr [ 96.826771][ T5853] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 96.838019][ T5855] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5856] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5856] close(3) = 0 [pid 5857] <... write resumed>) = 2097152 [pid 5856] close(4 [pid 5857] munmap(0x7fde7cbdc000, 138412032 [pid 5856] <... close resumed>) = 0 [pid 5856] mkdir("./file1", 0777) = 0 [pid 5857] <... munmap resumed>) = 0 [pid 5856] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [ 96.877780][ T5854] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 96.903412][ T5856] loop0: detected capacity change from 0 to 4096 [pid 5857] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5857] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5857] close(3) = 0 [pid 5855] <... mount resumed>) = 0 [pid 5857] close(4 [pid 5855] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5857] <... close resumed>) = 0 [pid 5857] mkdir("./file1", 0777 [pid 5855] <... openat resumed>) = 3 [pid 5853] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5857] <... mkdir resumed>) = 0 [pid 5855] chdir("./file1" [ 96.946601][ T5856] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 96.963520][ T5857] loop2: detected capacity change from 0 to 4096 [ 96.967213][ T5855] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5857] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5855] <... chdir resumed>) = 0 [pid 5855] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5855] unlink("./file0/file0" [pid 5853] <... write resumed>) = 2097152 [ 97.010604][ T5857] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 97.054758][ T5855] ntfs3(loop1): ino=1b, mi_enum_attr [pid 5853] munmap(0x7fde7cbdc000, 138412032 [pid 5854] <... mount resumed>) = 0 [pid 5854] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5854] chdir("./file1") = 0 [pid 5854] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5853] <... munmap resumed>) = 0 [pid 5853] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5854] unlink("./file0/file0" [pid 5853] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5855] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5855] memfd_create("syzkaller", 0 [ 97.054787][ T5855] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 97.069827][ T5854] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5853] close(4 [pid 5855] <... memfd_create resumed>) = 4 [pid 5854] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5855] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5856] <... mount resumed>) = 0 [pid 5855] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5856] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5854] memfd_create("syzkaller", 0 [pid 5856] <... openat resumed>) = 3 [pid 5856] chdir("./file1") = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5854] <... memfd_create resumed>) = 4 [pid 5856] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5854] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5856] unlink("./file0/file0" [pid 5853] <... close resumed>) = 0 [ 97.106448][ T5854] ntfs3(loop4): ino=1b, mi_enum_attr [ 97.106478][ T5854] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 97.111032][ T5856] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5853] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5856] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5853] exit_group(0) = ? [pid 5856] memfd_create("syzkaller", 0) = 4 [pid 5856] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5853] +++ exited with 0 +++ [ 97.166155][ T5856] ntfs3(loop0): ino=1b, mi_enum_attr [ 97.166187][ T5856] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5854] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5853, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=16 /* 0.16 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5857] <... mount resumed>) = 0 [pid 5827] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5857] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5827] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5857] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 3 [pid 5857] chdir("./file1" [pid 5827] newfstatat(3, "", [pid 5857] <... chdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] getdents64(3, [pid 5857] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5857] unlink("./file0/file0" [pid 5827] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5854] <... write resumed>) = 2097152 [pid 5857] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5854] munmap(0x7fde7cbdc000, 138412032 [pid 5857] memfd_create("syzkaller", 0 [pid 5855] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5854] <... munmap resumed>) = 0 [pid 5856] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5854] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5857] <... memfd_create resumed>) = 4 [pid 5857] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 97.244565][ T5857] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 97.275813][ T5857] ntfs3(loop2): ino=1b, mi_enum_attr [ 97.275844][ T5857] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5854] close(4) = 0 [pid 5854] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5827] <... umount2 resumed>) = 0 [pid 5857] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5856] <... write resumed>) = 2097152 [pid 5854] exit_group(0 [pid 5827] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5854] <... exit_group resumed>) = ? [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5854] +++ exited with 0 +++ [pid 5827] newfstatat(AT_FDCWD, "./4/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5854, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=15 /* 0.15 s */} --- [pid 5827] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... restart_syscall resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [ 97.389258][ T37] kauditd_printk_skb: 11 callbacks suppressed [ 97.389275][ T37] audit: type=1800 audit(1753942228.320:23): pid=5854 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [pid 5827] newfstatat(4, "", [pid 5856] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5856] <... munmap resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] getdents64(4, [pid 5828] <... openat resumed>) = 3 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] newfstatat(3, "", [pid 5827] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] getdents64(3, [pid 5827] close(4 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] <... close resumed>) = 0 [pid 5828] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] rmdir("./4/file1") = 0 [pid 5827] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5856] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] unlink("./4/binderfs" [pid 5855] <... write resumed>) = 2097152 [pid 5855] munmap(0x7fde7cbdc000, 138412032 [pid 5856] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5855] <... munmap resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5856] close(4 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./4") = 0 [pid 5855] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] mkdir("./5", 0777 [pid 5856] <... close resumed>) = 0 [pid 5855] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... mkdir resumed>) = 0 [pid 5855] close(4 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5857] <... write resumed>) = 2097152 [pid 5856] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5856] exit_group(0) = ? [pid 5856] +++ exited with 0 +++ [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5856, si_uid=0, si_status=0, si_utime=0, si_stime=16 /* 0.16 s */} --- [pid 5857] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5824] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5855] <... close resumed>) = 0 [pid 5855] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... close resumed>) = 0 [pid 5857] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5858 attached [pid 5828] <... umount2 resumed>) = 0 [pid 5858] set_robust_list(0x55558eab2660, 24 [pid 5828] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5858 [pid 5858] <... set_robust_list resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5858] chdir("./5" [pid 5828] newfstatat(AT_FDCWD, "./4/file1", [pid 5857] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] <... openat resumed>) = 3 [pid 5824] newfstatat(3, "", [pid 5858] <... chdir resumed>) = 0 [pid 5857] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5858] prctl(PR_SET_PDEATHSIG, SIGKILL [ 97.619141][ T37] audit: type=1800 audit(1753942228.560:24): pid=5856 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5828] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5858] <... prctl resumed>) = 0 [pid 5857] <... close resumed>) = 0 [pid 5855] <... open resumed>) = 4 [pid 5858] setpgid(0, 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] getdents64(3, [pid 5858] <... setpgid resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5858] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... openat resumed>) = 4 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5858] <... openat resumed>) = 3 [pid 5855] exit_group(0 [pid 5828] newfstatat(4, "", [pid 5858] write(3, "1000", 4 [pid 5855] <... exit_group resumed>) = ? [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5858] <... write resumed>) = 4 [pid 5855] +++ exited with 0 +++ [pid 5828] getdents64(4, [pid 5858] close(3 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 executing program [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5855, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5858] <... close resumed>) = 0 [pid 5857] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] getdents64(4, [pid 5858] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5858] <... symlink resumed>) = 0 [pid 5828] close(4 [pid 5858] write(1, "executing program\n", 18 [pid 5828] <... close resumed>) = 0 [pid 5858] <... write resumed>) = 18 [pid 5828] rmdir("./4/file1" [pid 5825] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 3 [pid 5828] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5825] newfstatat(3, "", [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] unlink("./4/binderfs") = 0 [pid 5825] getdents64(3, [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] close(3 [pid 5825] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./4" [pid 5857] <... open resumed>) = 4 [pid 5858] memfd_create("syzkaller", 0 [pid 5857] exit_group(0 [pid 5828] <... rmdir resumed>) = 0 [pid 5858] <... memfd_create resumed>) = 3 [pid 5857] <... exit_group resumed>) = ? [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] mkdir("./5", 0777 [pid 5857] +++ exited with 0 +++ [pid 5828] <... mkdir resumed>) = 0 [ 97.696256][ T37] audit: type=1800 audit(1753942228.630:25): pid=5855 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5857, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5824] <... umount2 resumed>) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5824] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... restart_syscall resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] umount2("./4", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] newfstatat(AT_FDCWD, "./4/file1", [pid 5828] <... ioctl resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] close(3 [pid 5826] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5858] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [ 97.737831][ T37] audit: type=1800 audit(1753942228.670:26): pid=5857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(4, "", [pid 5858] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... close resumed>) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] newfstatat(AT_FDCWD, "./4/file1", [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] getdents64(4, [pid 5825] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] getdents64(4, [pid 5825] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5824] close(4 [pid 5825] newfstatat(4, "", [pid 5824] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] rmdir("./4/file1" [pid 5825] getdents64(4, [pid 5824] <... rmdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] getdents64(4, [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] close(4 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5824] unlink("./4/binderfs" [pid 5825] rmdir("./4/file1" [pid 5824] <... unlink resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3 [pid 5825] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... close resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] rmdir("./4" [pid 5825] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5824] <... rmdir resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5859 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5859 attached [pid 5824] mkdir("./5", 0777) = 0 [pid 5859] set_robust_list(0x55558eab2660, 24 [pid 5858] <... write resumed>) = 2097152 [pid 5825] unlink("./4/binderfs") = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5859] <... set_robust_list resumed>) = 0 [pid 5825] getdents64(3, [pid 5824] <... openat resumed>) = 3 [pid 5859] chdir("./5" [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5859] <... chdir resumed>) = 0 [pid 5858] munmap(0x7fde7cbdc000, 138412032 [pid 5825] close(3 [pid 5824] <... ioctl resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5824] close(3 [pid 5859] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] rmdir("./4" [pid 5824] <... close resumed>) = 0 [pid 5859] <... prctl resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5859] setpgid(0, 0 [pid 5825] mkdir("./5", 0777 [pid 5859] <... setpgid resumed>) = 0 [pid 5825] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5860 attached [pid 5859] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5858] <... munmap resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5859] <... openat resumed>) = 3 [pid 5825] <... openat resumed>) = 3 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5860 [pid 5859] write(3, "1000", 4 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5860] set_robust_list(0x55558eab2660, 24 [pid 5826] <... umount2 resumed>) = 0 [pid 5860] <... set_robust_list resumed>) = 0 [pid 5825] <... ioctl resumed>) = 0 [pid 5858] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5860] chdir("./5" [pid 5826] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] close(3 [pid 5859] <... write resumed>) = 4 [pid 5858] <... openat resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5860] <... chdir resumed>) = 0 [pid 5859] close(3 [pid 5858] ioctl(4, LOOP_SET_FD, 3 [pid 5860] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5859] <... close resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./4/file1", [pid 5860] <... prctl resumed>) = 0 [pid 5859] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5860] setpgid(0, 0 [pid 5859] <... symlink resumed>) = 0 [pid 5826] umount2("./4/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5860] <... setpgid resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5860] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5826] openat(AT_FDCWD, "./4/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5860] write(3, "1000", 4 [pid 5859] write(1, "executing program\n", 18 [pid 5826] <... openat resumed>) = 4 [pid 5858] <... ioctl resumed>) = 0 executing program [pid 5858] close(3 [pid 5860] <... write resumed>) = 4 [pid 5859] <... write resumed>) = 18 [pid 5826] newfstatat(4, "", [pid 5860] close(3 [pid 5859] memfd_create("syzkaller", 0 [pid 5858] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5860] <... close resumed>) = 0 [pid 5826] getdents64(4, [pid 5860] symlink("/dev/binderfs", "./binderfs"executing program [pid 5859] <... memfd_create resumed>) = 3 [pid 5858] close(4 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5860] <... symlink resumed>) = 0 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] getdents64(4, [pid 5860] write(1, "executing program\n", 18 [pid 5859] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5860] <... write resumed>) = 18 [pid 5858] <... close resumed>) = 0 [ 97.929420][ T5858] loop3: detected capacity change from 0 to 4096 [pid 5858] mkdir("./file1", 0777 [pid 5860] memfd_create("syzkaller", 0 [pid 5858] <... mkdir resumed>) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./4/file1" [pid 5858] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] <... rmdir resumed>) = 0 [pid 5826] umount2("./4/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5860] <... memfd_create resumed>) = 3 [pid 5826] unlink("./4/binderfs" [pid 5860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... unlink resumed>) = 0 [pid 5860] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./4") = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] mkdir("./5", 0777./strace-static-x86_64: Process 5861 attached [pid 5859] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] <... mkdir resumed>) = 0 [pid 5861] set_robust_list(0x55558eab2660, 24 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5861 [pid 5861] <... set_robust_list resumed>) = 0 [ 98.004596][ T5858] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5861] chdir("./5" [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5861] <... chdir resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5861] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5861] <... prctl resumed>) = 0 [pid 5860] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] close(3 [pid 5861] setpgid(0, 0) = 0 [pid 5861] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5860] <... write resumed>) = 2097152 [pid 5859] <... write resumed>) = 2097152 [pid 5861] <... openat resumed>) = 3 [pid 5860] munmap(0x7fde7cbdc000, 138412032 [pid 5859] munmap(0x7fde7cbdc000, 138412032 [pid 5861] write(3, "1000", 4 [pid 5860] <... munmap resumed>) = 0 [pid 5859] <... munmap resumed>) = 0 [pid 5861] <... write resumed>) = 4 [pid 5861] close(3) = 0 [pid 5861] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5861] write(1, "executing program\n", 18) = 18 [pid 5861] memfd_create("syzkaller", 0 [pid 5860] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5859] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5861] <... memfd_create resumed>) = 3 [pid 5860] <... openat resumed>) = 4 [pid 5859] <... openat resumed>) = 4 [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5860] ioctl(4, LOOP_SET_FD, 3 [pid 5859] ioctl(4, LOOP_SET_FD, 3 [pid 5858] <... mount resumed>) = 0 [pid 5861] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5860] <... ioctl resumed>) = 0 [pid 5859] <... ioctl resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5860] close(3 [pid 5859] close(3 [pid 5858] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5860] <... close resumed>) = 0 [pid 5859] <... close resumed>) = 0 [pid 5858] <... openat resumed>) = 3 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5860] close(4 [pid 5859] close(4./strace-static-x86_64: Process 5862 attached [pid 5860] <... close resumed>) = 0 [pid 5859] <... close resumed>) = 0 [pid 5858] chdir("./file1" [pid 5859] mkdir("./file1", 0777 [pid 5858] <... chdir resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5862 [pid 5862] set_robust_list(0x55558eab2660, 24 [pid 5860] mkdir("./file1", 0777) = 0 [pid 5860] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5858] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5859] <... mkdir resumed>) = 0 [pid 5858] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5862] <... set_robust_list resumed>) = 0 [pid 5859] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5862] chdir("./5") = 0 [pid 5858] unlink("./file0/file0" [ 98.163821][ T5858] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 98.166592][ T5860] loop0: detected capacity change from 0 to 4096 [ 98.167429][ T5859] loop4: detected capacity change from 0 to 4096 [pid 5862] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5858] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5862] setpgid(0, 0) = 0 [pid 5862] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5858] memfd_create("syzkaller", 0 [pid 5862] <... openat resumed>) = 3 [pid 5862] write(3, "1000", 4) = 4 [pid 5862] close(3) = 0 [pid 5858] <... memfd_create resumed>) = 4 [pid 5862] symlink("/dev/binderfs", "./binderfs" [pid 5861] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5862] <... symlink resumed>) = 0 [ 98.220585][ T5860] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 98.229322][ T5858] ntfs3(loop3): ino=1b, mi_enum_attr [ 98.229350][ T5858] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 98.231088][ T5859] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5858] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5862] write(1, "executing program\n", 18executing program ) = 18 [pid 5861] <... write resumed>) = 2097152 [pid 5862] memfd_create("syzkaller", 0 [pid 5861] munmap(0x7fde7cbdc000, 138412032 [pid 5862] <... memfd_create resumed>) = 3 [pid 5861] <... munmap resumed>) = 0 [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5861] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5861] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5860] <... mount resumed>) = 0 [pid 5859] <... mount resumed>) = 0 [pid 5861] close(3) = 0 [pid 5861] close(4) = 0 [pid 5860] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5859] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5861] mkdir("./file1", 0777 [pid 5860] <... openat resumed>) = 3 [pid 5859] <... openat resumed>) = 3 [pid 5861] <... mkdir resumed>) = 0 [pid 5860] chdir("./file1" [pid 5859] chdir("./file1" [pid 5860] <... chdir resumed>) = 0 [pid 5861] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5860] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5859] <... chdir resumed>) = 0 [pid 5862] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5860] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 98.367357][ T5861] loop1: detected capacity change from 0 to 4096 [ 98.385096][ T5860] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 98.392872][ T5859] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5859] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5860] unlink("./file0/file0" [pid 5859] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5858] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5859] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5859] memfd_create("syzkaller", 0 [pid 5860] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5860] memfd_create("syzkaller", 0 [pid 5859] <... memfd_create resumed>) = 4 [pid 5859] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5860] <... memfd_create resumed>) = 4 [pid 5860] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5858] <... write resumed>) = 2097152 [ 98.418841][ T5861] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 98.441531][ T5859] ntfs3(loop4): ino=1b, mi_enum_attr [ 98.441568][ T5859] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 98.453168][ T5860] ntfs3(loop0): ino=1b, mi_enum_attr [ 98.453197][ T5860] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5858] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5858] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5858] close(4) = 0 [pid 5858] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5860] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5858] <... open resumed>) = 4 [pid 5858] exit_group(0) = ? [pid 5862] <... write resumed>) = 2097152 [ 98.566544][ T37] audit: type=1800 audit(1753942229.500:27): pid=5858 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5861] <... mount resumed>) = 0 [pid 5861] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5858] +++ exited with 0 +++ [pid 5861] chdir("./file1" [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5858, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5861] <... chdir resumed>) = 0 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5861] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5859] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5862] munmap(0x7fde7cbdc000, 138412032 [pid 5861] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5861] unlink("./file0/file0" [pid 5827] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 98.624720][ T5861] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 98.665919][ T5861] ntfs3(loop1): ino=1b, mi_enum_attr [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, [pid 5861] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5861] memfd_create("syzkaller", 0 [pid 5860] <... write resumed>) = 2097152 [pid 5862] <... munmap resumed>) = 0 [pid 5861] <... memfd_create resumed>) = 4 [pid 5860] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 98.665949][ T5861] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5861] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5860] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5862] <... openat resumed>) = 4 [pid 5861] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5859] <... write resumed>) = 2097152 [pid 5827] <... umount2 resumed>) = 0 [pid 5860] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5860] close(4 [pid 5862] ioctl(4, LOOP_SET_FD, 3 [pid 5859] munmap(0x7fde7cbdc000, 138412032 [pid 5827] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5859] <... munmap resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5862] <... ioctl resumed>) = 0 [pid 5862] close(3 [pid 5827] newfstatat(AT_FDCWD, "./5/file1", [pid 5862] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5862] close(4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5862] <... close resumed>) = 0 [pid 5862] mkdir("./file1", 0777 [pid 5860] <... close resumed>) = 0 [pid 5860] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5862] <... mkdir resumed>) = 0 [pid 5861] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5859] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5862] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5859] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... openat resumed>) = 4 [pid 5859] close(4 [ 98.734045][ T5862] loop2: detected capacity change from 0 to 4096 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5860] <... open resumed>) = 4 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5860] exit_group(0) = ? [pid 5861] <... write resumed>) = 2097152 [pid 5860] +++ exited with 0 +++ [pid 5859] <... close resumed>) = 0 [pid 5827] close(4 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5860, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [ 98.773136][ T5862] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 98.804144][ T37] audit: type=1800 audit(1753942229.740:28): pid=5860 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5861] munmap(0x7fde7cbdc000, 138412032 [pid 5859] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... close resumed>) = 0 [pid 5824] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5861] <... munmap resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] rmdir("./5/file1") = 0 [pid 5824] <... openat resumed>) = 3 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5861] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5859] <... open resumed>) = 4 [pid 5827] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5862] <... mount resumed>) = 0 [pid 5861] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5862] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5861] close(4 [pid 5859] exit_group(0 [pid 5827] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5862] <... openat resumed>) = 3 [pid 5859] <... exit_group resumed>) = ? [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./5/binderfs" [pid 5859] +++ exited with 0 +++ [pid 5827] <... unlink resumed>) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5862] chdir("./file1" [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./5" [pid 5862] <... chdir resumed>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5859, si_uid=0, si_status=0, si_utime=0, si_stime=14 /* 0.14 s */} --- [pid 5827] <... rmdir resumed>) = 0 [pid 5828] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] mkdir("./6", 0777 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5862] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... mkdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5862] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... openat resumed>) = 3 [pid 5862] unlink("./file0/file0" [pid 5828] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5828] getdents64(3, [pid 5827] <... ioctl resumed>) = 0 [ 98.882149][ T37] audit: type=1800 audit(1753942229.820:29): pid=5859 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 98.893525][ T5862] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5827] close(3 [pid 5862] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5861] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] <... umount2 resumed>) = 0 [pid 5828] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5862] memfd_create("syzkaller", 0 [pid 5827] <... close resumed>) = 0 [pid 5824] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5862] <... memfd_create resumed>) = 4 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5862] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] newfstatat(AT_FDCWD, "./5/file1", [pid 5862] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5863 attached [pid 5824] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5863] set_robust_list(0x55558eab2660, 24) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5863 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5861] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5863] chdir("./6" [pid 5824] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5863] <... chdir resumed>) = 0 [pid 5863] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] <... openat resumed>) = 4 [pid 5824] newfstatat(4, "", [pid 5863] <... prctl resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, [pid 5863] setpgid(0, 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [ 98.950070][ T5862] ntfs3(loop2): ino=1b, mi_enum_attr [ 98.950101][ T5862] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5863] <... setpgid resumed>) = 0 [pid 5828] <... umount2 resumed>) = 0 [pid 5824] close(4 [pid 5861] <... open resumed>) = 4 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./5/file1") = 0 [pid 5824] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5861] exit_group(0 [pid 5824] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5863] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5861] <... exit_group resumed>) = ? [pid 5824] unlink("./5/binderfs" [pid 5863] <... openat resumed>) = 3 [pid 5824] <... unlink resumed>) = 0 [pid 5863] write(3, "1000", 4 [pid 5824] getdents64(3, [pid 5863] <... write resumed>) = 4 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5863] close(3 [pid 5824] close(3 [pid 5828] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./5/file1", [pid 5863] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... close resumed>) = 0 [pid 5863] symlink("/dev/binderfs", "./binderfs" [pid 5861] +++ exited with 0 +++ [pid 5828] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5824] rmdir("./5" [pid 5863] <... symlink resumed>) = 0 [pid 5863] write(1, "executing program\n", 18 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5861, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5824] <... rmdir resumed>) = 0 [pid 5863] <... write resumed>) = 18 [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5863] memfd_create("syzkaller", 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5824] mkdir("./6", 0777) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5863] <... memfd_create resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... openat resumed>) = 3 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... openat resumed>) = 4 [pid 5825] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5863] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] newfstatat(4, "", [pid 5825] <... openat resumed>) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5862] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(3, "", [pid 5824] <... ioctl resumed>) = 0 [pid 5828] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] close(3 [pid 5862] <... write resumed>) = 2097152 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] getdents64(4, [ 99.019361][ T37] audit: type=1800 audit(1753942229.960:30): pid=5861 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [pid 5825] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5862] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5824] <... close resumed>) = 0 [pid 5863] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5862] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] close(4 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5862] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5862] close(4 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./5/file1" [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5864 [pid 5828] <... rmdir resumed>) = 0 [pid 5828] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5864 attached [pid 5862] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] set_robust_list(0x55558eab2660, 24 [pid 5863] <... write resumed>) = 2097152 [pid 5862] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5825] <... umount2 resumed>) = 0 [pid 5864] <... set_robust_list resumed>) = 0 [pid 5862] <... open resumed>) = 4 [pid 5864] chdir("./6" [pid 5862] exit_group(0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... chdir resumed>) = 0 [pid 5862] <... exit_group resumed>) = ? [pid 5828] unlink("./5/binderfs" [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5863] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... unlink resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./5/file1", [pid 5864] <... prctl resumed>) = 0 [pid 5828] getdents64(3, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5864] setpgid(0, 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... setpgid resumed>) = 0 [pid 5828] close(3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5864] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... close resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] <... openat resumed>) = 3 [pid 5828] rmdir("./5" [pid 5825] <... openat resumed>) = 4 [pid 5864] write(3, "1000", 4 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] newfstatat(4, "", [pid 5864] <... write resumed>) = 4 [pid 5828] mkdir("./6", 0777 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5864] close(3 [pid 5828] <... mkdir resumed>) = 0 [pid 5864] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] getdents64(4, [pid 5864] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... openat resumed>) = 3 [pid 5864] <... symlink resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5864] write(1, "executing program\n", 18 [pid 5863] <... munmap resumed>) = 0 [pid 5862] +++ exited with 0 +++ executing program [pid 5828] <... ioctl resumed>) = 0 [pid 5825] getdents64(4, [pid 5864] <... write resumed>) = 18 [pid 5863] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5828] close(3 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5863] <... openat resumed>) = 4 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5862, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5863] ioctl(4, LOOP_SET_FD, 3 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5863] <... ioctl resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5863] close(3) = 0 [pid 5826] umount2("./5", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5863] close(4) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 99.181711][ T37] audit: type=1800 audit(1753942230.120:31): pid=5862 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [pid 5863] mkdir("./file1", 0777 [pid 5825] close(4 [pid 5863] <... mkdir resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5864] memfd_create("syzkaller", 0 [pid 5826] <... openat resumed>) = 3 [pid 5825] rmdir("./5/file1" [pid 5863] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5825] <... rmdir resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 5864] <... memfd_create resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./5/binderfs"./strace-static-x86_64: Process 5865 attached [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5865 [pid 5825] <... unlink resumed>) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5865] set_robust_list(0x55558eab2660, 24 [pid 5825] close(3 [pid 5865] <... set_robust_list resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5865] chdir("./6" [pid 5826] <... umount2 resumed>) = 0 [pid 5825] rmdir("./5" [pid 5826] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] <... chdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./5/file1", [pid 5865] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] setpgid(0, 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5826] umount2("./5/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] mkdir("./6", 0777 [pid 5865] <... setpgid resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... mkdir resumed>) = 0 [ 99.242745][ T5863] loop3: detected capacity change from 0 to 4096 [ 99.264819][ T5863] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5865] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5864] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] openat(AT_FDCWD, "./5/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] <... openat resumed>) = 4 [pid 5825] <... openat resumed>) = 3 [pid 5826] newfstatat(4, "", [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... ioctl resumed>) = 0 [pid 5826] getdents64(4, [pid 5825] close(3 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 5865] <... openat resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./5/file1") = 0 [pid 5865] write(3, "1000", 4 [pid 5826] umount2("./5/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5865] <... write resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5865] close(3 [pid 5826] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./5/binderfs") = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] symlink("/dev/binderfs", "./binderfs" [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 executing program [pid 5865] <... symlink resumed>) = 0 [pid 5826] close(3 [pid 5865] write(1, "executing program\n", 18 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./5" [pid 5865] <... write resumed>) = 18 [pid 5826] <... rmdir resumed>) = 0 [pid 5865] memfd_create("syzkaller", 0 [pid 5826] mkdir("./6", 0777 [pid 5864] <... write resumed>) = 2097152 [pid 5865] <... memfd_create resumed>) = 3 [pid 5863] <... mount resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5863] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5864] munmap(0x7fde7cbdc000, 138412032 [pid 5863] <... openat resumed>) = 3 [pid 5863] chdir("./file1") = 0 [pid 5825] <... close resumed>) = 0 [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5863] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5864] <... munmap resumed>) = 0 [pid 5863] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... openat resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5863] unlink("./file0/file0" [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5864] <... openat resumed>) = 4 [pid 5864] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5863] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... ioctl resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] close(3 [pid 5864] close(3) = 0 [pid 5864] close(4 [pid 5863] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5866 attached [pid 5864] <... close resumed>) = 0 [pid 5864] mkdir("./file1", 0777 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5866 [pid 5864] <... mkdir resumed>) = 0 [pid 5866] set_robust_list(0x55558eab2660, 24 [pid 5863] <... memfd_create resumed>) = 4 [pid 5866] <... set_robust_list resumed>) = 0 [pid 5863] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5866] chdir("./6" [pid 5863] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5866] <... chdir resumed>) = 0 [pid 5864] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5866] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5866] setpgid(0, 0) = 0 [ 99.369428][ T5863] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 99.404085][ T5864] loop0: detected capacity change from 0 to 4096 [ 99.405991][ T5863] ntfs3(loop3): ino=1b, mi_enum_attr [ 99.406019][ T5863] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5866] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5863] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5866] <... openat resumed>) = 3 [pid 5866] write(3, "1000", 4) = 4 [pid 5866] close(3) = 0 [pid 5866] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5866] write(1, "executing program\n", 18) = 18 [pid 5866] memfd_create("syzkaller", 0 [pid 5826] <... close resumed>) = 0 [pid 5866] <... memfd_create resumed>) = 3 [pid 5866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 99.483653][ T5864] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5865] <... write resumed>) = 2097152 [pid 5863] <... write resumed>) = 2097152 [pid 5865] munmap(0x7fde7cbdc000, 138412032 [pid 5863] munmap(0x7fde7cbdc000, 138412032 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5863] <... munmap resumed>) = 0 [pid 5865] <... munmap resumed>) = 0 [pid 5863] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5867 attached [pid 5865] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5863] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5865] <... openat resumed>) = 4 [pid 5863] close(4 [pid 5865] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5867 [pid 5867] set_robust_list(0x55558eab2660, 24) = 0 [pid 5865] <... ioctl resumed>) = 0 [pid 5867] chdir("./6") = 0 [pid 5867] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5867] setpgid(0, 0) = 0 [pid 5867] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5867] write(3, "1000", 4) = 4 [pid 5867] close(3) = 0 [pid 5865] close(3 [pid 5867] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5865] <... close resumed>) = 0 [pid 5865] close(4) = 0 [pid 5865] mkdir("./file1", 0777 [pid 5863] <... close resumed>) = 0 [pid 5865] <... mkdir resumed>) = 0 [pid 5863] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5865] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, ""executing program [pid 5867] write(1, "executing program\n", 18 [pid 5864] <... mount resumed>) = 0 [pid 5867] <... write resumed>) = 18 [pid 5867] memfd_create("syzkaller", 0 [pid 5864] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 99.598693][ T5865] loop4: detected capacity change from 0 to 4096 [ 99.645234][ T5864] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5864] chdir("./file1") = 0 [pid 5867] <... memfd_create resumed>) = 3 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5864] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5867] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5864] unlink("./file0/file0" [pid 5866] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5864] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5863] <... open resumed>) = 4 [pid 5864] memfd_create("syzkaller", 0 [pid 5863] exit_group(0) = ? [pid 5864] <... memfd_create resumed>) = 4 [pid 5863] +++ exited with 0 +++ [pid 5864] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5863, si_uid=0, si_status=0, si_utime=0, si_stime=13 /* 0.13 s */} --- [pid 5864] <... mmap resumed>) = 0x7fde7cbdc000 [ 99.655081][ T5865] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 99.657381][ T37] audit: type=1800 audit(1753942230.590:32): pid=5863 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 99.689579][ T5864] ntfs3(loop0): ino=1b, mi_enum_attr [ 99.689607][ T5864] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5866] <... write resumed>) = 2097152 [pid 5827] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5866] <... munmap resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5827] newfstatat(3, "", [pid 5866] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... openat resumed>) = 4 [pid 5827] getdents64(3, [pid 5866] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5866] close(3 [pid 5827] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5866] <... close resumed>) = 0 [pid 5866] close(4) = 0 [pid 5866] mkdir("./file1", 0777) = 0 [pid 5866] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [ 99.779961][ T5866] loop1: detected capacity change from 0 to 4096 [ 99.826651][ T5866] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5867] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5865] <... mount resumed>) = 0 [pid 5864] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5865] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5827] <... umount2 resumed>) = 0 [pid 5865] chdir("./file1") = 0 [pid 5865] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5827] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5865] unlink("./file0/file0" [pid 5827] newfstatat(AT_FDCWD, "./6/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5865] memfd_create("syzkaller", 0 [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./6/file1" [pid 5865] <... memfd_create resumed>) = 4 [pid 5827] <... rmdir resumed>) = 0 [pid 5865] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5864] <... write resumed>) = 2097152 [pid 5827] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5864] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./6/binderfs") = 0 [ 99.874992][ T5865] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 99.892503][ T5865] ntfs3(loop4): ino=1b, mi_enum_attr [ 99.892533][ T5865] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5827] getdents64(3, [pid 5864] <... munmap resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5864] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5865] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5864] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] close(3 [pid 5864] close(4 [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./6") = 0 [pid 5867] <... write resumed>) = 2097152 [pid 5827] mkdir("./7", 0777 [pid 5867] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5867] <... openat resumed>) = 4 [pid 5867] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5867] close(3 [pid 5866] <... mount resumed>) = 0 [pid 5866] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5867] <... close resumed>) = 0 [pid 5866] <... openat resumed>) = 3 [pid 5867] close(4 [pid 5866] chdir("./file1" [pid 5867] <... close resumed>) = 0 [pid 5866] <... chdir resumed>) = 0 [pid 5867] mkdir("./file1", 0777) = 0 [pid 5866] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5864] <... close resumed>) = 0 [pid 5867] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5866] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5866] unlink("./file0/file0" [pid 5827] <... close resumed>) = 0 [pid 5865] <... write resumed>) = 2097152 [pid 5864] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5866] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5865] munmap(0x7fde7cbdc000, 138412032 [pid 5864] <... open resumed>) = 4 [ 99.988150][ T5867] loop2: detected capacity change from 0 to 4096 [ 100.000216][ T5866] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 100.026470][ T5867] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5866] memfd_create("syzkaller", 0) = 4 [pid 5866] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5864] exit_group(0) = ? ./strace-static-x86_64: Process 5869 attached [pid 5864] +++ exited with 0 +++ [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5864, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5869] set_robust_list(0x55558eab2660, 24) = 0 [pid 5869] chdir("./7" [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5869 [pid 5869] <... chdir resumed>) = 0 [pid 5869] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5865] <... munmap resumed>) = 0 [pid 5869] setpgid(0, 0 [pid 5824] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] <... setpgid resumed>) = 0 [ 100.064573][ T5866] ntfs3(loop1): ino=1b, mi_enum_attr [ 100.064601][ T5866] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5869] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5865] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5869] <... openat resumed>) = 3 [pid 5865] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5869] write(3, "1000", 4) = 4 [pid 5865] close(4 [pid 5824] <... openat resumed>) = 3 [pid 5869] close(3 [pid 5824] newfstatat(3, "", [pid 5869] <... close resumed>) = 0 executing program [pid 5869] symlink("/dev/binderfs", "./binderfs" [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5869] <... symlink resumed>) = 0 [pid 5824] getdents64(3, [pid 5869] write(1, "executing program\n", 18) = 18 [pid 5867] <... mount resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5867] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5869] memfd_create("syzkaller", 0 [pid 5867] <... openat resumed>) = 3 [pid 5824] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] <... memfd_create resumed>) = 3 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5867] chdir("./file1") = 0 [pid 5867] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5867] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [ 100.161138][ T5867] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5867] memfd_create("syzkaller", 0 [pid 5865] <... close resumed>) = 0 [pid 5867] <... memfd_create resumed>) = 4 [pid 5866] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5867] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5865] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [ 100.203298][ T5867] ntfs3(loop2): ino=1b, mi_enum_attr [ 100.203328][ T5867] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5869] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] <... umount2 resumed>) = 0 [pid 5865] <... open resumed>) = 4 [pid 5866] <... write resumed>) = 2097152 [pid 5824] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5869] <... write resumed>) = 2097152 [pid 5869] munmap(0x7fde7cbdc000, 138412032 [pid 5824] newfstatat(AT_FDCWD, "./6/file1", [pid 5869] <... munmap resumed>) = 0 [pid 5865] exit_group(0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5865] <... exit_group resumed>) = ? [pid 5824] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5866] munmap(0x7fde7cbdc000, 138412032 [pid 5865] +++ exited with 0 +++ [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5865, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=13 /* 0.13 s */} --- [pid 5824] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... openat resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(4, "", [pid 5828] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5824] getdents64(4, [pid 5828] newfstatat(3, "", [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5866] <... munmap resumed>) = 0 [pid 5828] getdents64(3, [pid 5869] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5866] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] getdents64(4, [pid 5869] <... openat resumed>) = 4 [pid 5866] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] ioctl(4, LOOP_SET_FD, 3 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5869] <... ioctl resumed>) = 0 [pid 5866] close(4 [pid 5824] close(4 [pid 5869] close(3) = 0 [pid 5824] <... close resumed>) = 0 [pid 5869] close(4 [pid 5824] rmdir("./6/file1") = 0 [pid 5824] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5869] <... close resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5869] mkdir("./file1", 0777) = 0 [pid 5824] unlink("./6/binderfs") = 0 [pid 5824] getdents64(3, [pid 5869] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3) = 0 [pid 5866] <... close resumed>) = 0 [pid 5824] rmdir("./6") = 0 [pid 5824] mkdir("./7", 0777) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5866] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5866] <... open resumed>) = 4 [pid 5824] close(3 [pid 5867] <... write resumed>) = 2097152 [pid 5866] exit_group(0 [pid 5867] munmap(0x7fde7cbdc000, 138412032 [pid 5866] <... exit_group resumed>) = ? [pid 5867] <... munmap resumed>) = 0 [pid 5866] +++ exited with 0 +++ [ 100.340743][ T5869] loop3: detected capacity change from 0 to 4096 [ 100.375957][ T5869] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5867] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5866, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5828] <... umount2 resumed>) = 0 [pid 5867] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./6/file1", [pid 5867] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] <... openat resumed>) = 3 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] newfstatat(3, "", [pid 5828] newfstatat(4, "", ./strace-static-x86_64: Process 5870 attached {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5870] set_robust_list(0x55558eab2660, 24 [pid 5828] getdents64(4, [pid 5825] getdents64(3, [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5870 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5870] <... set_robust_list resumed>) = 0 [pid 5825] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] getdents64(4, [pid 5870] chdir("./7" [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5870] <... chdir resumed>) = 0 [pid 5828] close(4) = 0 [pid 5870] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5828] rmdir("./6/file1" [pid 5870] setpgid(0, 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5870] <... setpgid resumed>) = 0 [pid 5828] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5870] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./6/binderfs" [pid 5870] <... openat resumed>) = 3 [pid 5828] <... unlink resumed>) = 0 [pid 5870] write(3, "1000", 4) = 4 [pid 5870] close(3 [pid 5869] <... mount resumed>) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5870] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./6" [pid 5870] symlink("/dev/binderfs", "./binderfs" [pid 5867] <... close resumed>) = 0 [pid 5867] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5870] <... symlink resumed>) = 0 executing program [pid 5828] <... rmdir resumed>) = 0 [pid 5870] write(1, "executing program\n", 18) = 18 [pid 5870] memfd_create("syzkaller", 0 [pid 5867] <... open resumed>) = 4 [pid 5870] <... memfd_create resumed>) = 3 [pid 5869] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5828] mkdir("./7", 0777 [pid 5825] <... umount2 resumed>) = 0 [pid 5869] <... openat resumed>) = 3 [pid 5867] exit_group(0) = ? [pid 5870] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5869] chdir("./file1" [pid 5828] <... mkdir resumed>) = 0 [pid 5870] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5869] <... chdir resumed>) = 0 [pid 5825] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5867] +++ exited with 0 +++ [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5869] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5867, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=15 /* 0.15 s */} --- [pid 5825] newfstatat(AT_FDCWD, "./6/file1", [pid 5869] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5869] unlink("./file0/file0" [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./6", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", [ 100.486748][ T5869] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5825] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5869] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... ioctl resumed>) = 0 [pid 5826] getdents64(3, [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] close(3 [pid 5825] getdents64(4, [pid 5826] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5869] memfd_create("syzkaller", 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5869] <... memfd_create resumed>) = 4 [pid 5869] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] close(4 [pid 5869] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5825] rmdir("./6/file1" [pid 5870] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 100.536196][ T5869] ntfs3(loop3): ino=1b, mi_enum_attr [ 100.536224][ T5869] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5825] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5871 [pid 5825] unlink("./6/binderfs"./strace-static-x86_64: Process 5871 attached ) = 0 [pid 5871] set_robust_list(0x55558eab2660, 24 [pid 5825] getdents64(3, [pid 5871] <... set_robust_list resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5871] chdir("./7") = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5825] close(3 [pid 5871] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] <... close resumed>) = 0 [pid 5871] <... prctl resumed>) = 0 [pid 5825] rmdir("./6" [pid 5871] setpgid(0, 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5871] <... setpgid resumed>) = 0 [pid 5825] mkdir("./7", 0777) = 0 [pid 5871] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5871] <... openat resumed>) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5871] write(3, "1000", 4) = 4 [pid 5826] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./6/file1", [pid 5871] close(3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5871] <... close resumed>) = 0 [pid 5826] umount2("./6/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5871] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5871] <... symlink resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./6/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5871] write(1, "executing program\n", 18 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5869] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5871] <... write resumed>) = 18 [pid 5826] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5871] memfd_create("syzkaller", 0 [pid 5826] close(4) = 0 [pid 5871] <... memfd_create resumed>) = 3 [pid 5826] rmdir("./6/file1") = 0 [pid 5826] umount2("./6/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5871] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] unlink("./6/binderfs") = 0 [pid 5826] getdents64(3, [pid 5825] <... close resumed>) = 0 [pid 5870] <... write resumed>) = 2097152 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./6" [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5872 attached [pid 5826] <... rmdir resumed>) = 0 [pid 5826] mkdir("./7", 0777 [pid 5872] set_robust_list(0x55558eab2660, 24 [pid 5870] munmap(0x7fde7cbdc000, 138412032 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5872 [pid 5870] <... munmap resumed>) = 0 [pid 5872] <... set_robust_list resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5872] chdir("./7") = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5872] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... openat resumed>) = 3 [pid 5872] <... prctl resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5872] setpgid(0, 0 [pid 5826] close(3 [pid 5872] <... setpgid resumed>) = 0 [pid 5870] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5872] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5870] <... openat resumed>) = 4 [pid 5872] <... openat resumed>) = 3 [pid 5870] ioctl(4, LOOP_SET_FD, 3 [pid 5872] write(3, "1000", 4 [pid 5870] <... ioctl resumed>) = 0 [pid 5869] <... write resumed>) = 2097152 [pid 5872] <... write resumed>) = 4 [pid 5872] close(3 [pid 5870] close(3 [pid 5872] <... close resumed>) = 0 [pid 5870] <... close resumed>) = 0 [pid 5872] symlink("/dev/binderfs", "./binderfs" [pid 5871] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152executing program [pid 5870] close(4 [pid 5869] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... close resumed>) = 0 [pid 5870] <... close resumed>) = 0 [pid 5872] <... symlink resumed>) = 0 [pid 5870] mkdir("./file1", 0777 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5870] <... mkdir resumed>) = 0 [pid 5872] write(1, "executing program\n", 18 [pid 5870] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5872] <... write resumed>) = 18 [pid 5872] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5873 attached [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5873 [pid 5873] set_robust_list(0x55558eab2660, 24) = 0 [pid 5872] <... memfd_create resumed>) = 3 [pid 5869] <... munmap resumed>) = 0 [pid 5873] chdir("./7" [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5869] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5873] <... chdir resumed>) = 0 [pid 5872] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5869] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5873] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5869] close(4 [pid 5873] setpgid(0, 0) = 0 [pid 5873] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5873] write(3, "1000", 4) = 4 [pid 5873] close(3) = 0 [ 100.757358][ T5870] loop0: detected capacity change from 0 to 4096 [ 100.778001][ T5870] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5873] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5870] <... mount resumed>) = 0 [pid 5873] write(1, "executing program\n", 18 [pid 5870] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 executing program [pid 5870] chdir("./file1" [pid 5873] <... write resumed>) = 18 [pid 5870] <... chdir resumed>) = 0 [pid 5873] memfd_create("syzkaller", 0 [pid 5870] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5869] <... close resumed>) = 0 [ 100.825510][ T5870] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5873] <... memfd_create resumed>) = 3 [pid 5870] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5870] unlink("./file0/file0" [pid 5873] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5872] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5870] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5869] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5870] memfd_create("syzkaller", 0) = 4 [pid 5869] <... open resumed>) = 4 [pid 5870] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5871] <... write resumed>) = 2097152 [pid 5870] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5869] exit_group(0 [ 100.867047][ T5870] ntfs3(loop0): ino=1b, mi_enum_attr [ 100.867077][ T5870] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5871] munmap(0x7fde7cbdc000, 138412032 [pid 5869] <... exit_group resumed>) = ? [pid 5871] <... munmap resumed>) = 0 [pid 5869] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5869, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5827] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5871] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5871] <... openat resumed>) = 4 [pid 5871] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5871] close(3) = 0 [pid 5871] close(4) = 0 [pid 5871] mkdir("./file1", 0777) = 0 [pid 5871] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5870] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5873] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... umount2 resumed>) = 0 [pid 5870] <... write resumed>) = 2097152 [ 100.940075][ T5871] loop4: detected capacity change from 0 to 4096 [ 100.948144][ T5871] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5827] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5873] <... write resumed>) = 2097152 [pid 5870] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", [pid 5873] munmap(0x7fde7cbdc000, 138412032 [pid 5872] <... write resumed>) = 2097152 [pid 5870] <... munmap resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5873] <... munmap resumed>) = 0 [pid 5872] munmap(0x7fde7cbdc000, 138412032 [pid 5870] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] close(4 [pid 5870] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... close resumed>) = 0 [pid 5870] close(4 [pid 5827] rmdir("./7/file1") = 0 [pid 5827] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5873] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5871] <... mount resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./7/binderfs" [pid 5871] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5827] <... unlink resumed>) = 0 [pid 5871] <... openat resumed>) = 3 [pid 5871] chdir("./file1") = 0 [pid 5827] getdents64(3, [pid 5871] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5871] unlink("./file0/file0" [pid 5873] <... openat resumed>) = 4 [pid 5872] <... munmap resumed>) = 0 [pid 5873] ioctl(4, LOOP_SET_FD, 3 [pid 5872] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... close resumed>) = 0 [pid 5873] <... ioctl resumed>) = 0 [pid 5872] <... openat resumed>) = 4 [pid 5827] rmdir("./7" [pid 5873] close(3 [pid 5872] ioctl(4, LOOP_SET_FD, 3 [pid 5827] <... rmdir resumed>) = 0 [pid 5871] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5827] mkdir("./8", 0777 [pid 5871] memfd_create("syzkaller", 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5871] <... memfd_create resumed>) = 4 [pid 5871] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5873] <... close resumed>) = 0 [pid 5872] <... ioctl resumed>) = 0 [pid 5873] close(4 [pid 5872] close(3 [pid 5873] <... close resumed>) = 0 [pid 5872] <... close resumed>) = 0 [pid 5873] mkdir("./file1", 0777 [pid 5872] close(4 [pid 5873] <... mkdir resumed>) = 0 [pid 5872] <... close resumed>) = 0 [pid 5873] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5872] mkdir("./file1", 0777) = 0 [ 101.048248][ T5871] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 101.068104][ T5871] ntfs3(loop4): ino=1b, mi_enum_attr [ 101.068132][ T5871] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 101.068450][ T5873] loop2: detected capacity change from 0 to 4096 [ 101.077577][ T5872] loop1: detected capacity change from 0 to 4096 [pid 5872] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5870] <... close resumed>) = 0 [pid 5870] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5870] <... open resumed>) = 4 [pid 5871] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5870] exit_group(0) = ? ./strace-static-x86_64: Process 5874 attached [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5874 [pid 5874] set_robust_list(0x55558eab2660, 24) = 0 [ 101.141948][ T5872] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 101.143257][ T5873] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5874] chdir("./8") = 0 [pid 5874] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5874] setpgid(0, 0 [pid 5870] +++ exited with 0 +++ [pid 5874] <... setpgid resumed>) = 0 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5870, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=10 /* 0.10 s */} --- [pid 5874] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5874] <... openat resumed>) = 3 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5874] write(3, "1000", 4) = 4 [pid 5824] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5874] close(3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5874] <... close resumed>) = 0 [pid 5824] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5874] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5874] write(1, "executing program\n", 18 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5874] <... write resumed>) = 18 [pid 5874] memfd_create("syzkaller", 0 [pid 5871] <... write resumed>) = 2097152 [pid 5874] <... memfd_create resumed>) = 3 [pid 5871] munmap(0x7fde7cbdc000, 138412032 [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5871] <... munmap resumed>) = 0 [pid 5871] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5824] <... umount2 resumed>) = 0 [pid 5871] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5871] close(4 [pid 5872] <... mount resumed>) = 0 [pid 5873] <... mount resumed>) = 0 [pid 5872] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5872] <... openat resumed>) = 3 [pid 5824] newfstatat(AT_FDCWD, "./7/file1", [pid 5873] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5872] chdir("./file1" [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5872] <... chdir resumed>) = 0 [pid 5824] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5873] <... openat resumed>) = 3 [pid 5872] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5873] chdir("./file1" [pid 5872] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5873] <... chdir resumed>) = 0 [pid 5872] unlink("./file0/file0" [pid 5824] <... openat resumed>) = 4 [pid 5873] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5872] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(4, "", [pid 5873] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5873] unlink("./file0/file0" [pid 5872] memfd_create("syzkaller", 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4 [pid 5873] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5872] <... memfd_create resumed>) = 4 [pid 5824] <... close resumed>) = 0 [pid 5872] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 101.348596][ T5872] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 101.366782][ T5873] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 101.393680][ T5872] ntfs3(loop1): ino=1b, mi_enum_attr [ 101.393709][ T5872] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5824] rmdir("./7/file1" [pid 5874] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5873] memfd_create("syzkaller", 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5824] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] unlink("./7/binderfs") = 0 [pid 5873] <... memfd_create resumed>) = 4 [pid 5873] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3 [pid 5873] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./7") = 0 [pid 5871] <... close resumed>) = 0 [pid 5871] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5824] mkdir("./8", 0777) = 0 [ 101.405637][ T5873] ntfs3(loop2): ino=1b, mi_enum_attr [ 101.405667][ T5873] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5871] <... open resumed>) = 4 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] close(3) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5875 attached [pid 5871] exit_group(0) = ? [pid 5875] set_robust_list(0x55558eab2660, 24 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5875 [pid 5875] <... set_robust_list resumed>) = 0 [pid 5872] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5875] chdir("./8" [pid 5873] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5871] +++ exited with 0 +++ [pid 5875] <... chdir resumed>) = 0 [pid 5875] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5871, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5875] <... prctl resumed>) = 0 [pid 5828] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5875] setpgid(0, 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5875] <... setpgid resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5875] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... openat resumed>) = 3 [pid 5875] <... openat resumed>) = 3 [pid 5828] newfstatat(3, "", [pid 5875] write(3, "1000", 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5875] <... write resumed>) = 4 [pid 5828] getdents64(3, [pid 5875] close(3 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5875] <... close resumed>) = 0 [pid 5828] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5875] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5875] write(1, "executing program\n", 18executing program ) = 18 [pid 5875] memfd_create("syzkaller", 0) = 3 [pid 5874] <... write resumed>) = 2097152 [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5874] munmap(0x7fde7cbdc000, 138412032 [pid 5875] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5874] <... munmap resumed>) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5874] ioctl(4, LOOP_SET_FD, 3 [pid 5828] <... umount2 resumed>) = 0 [pid 5874] <... ioctl resumed>) = 0 [pid 5872] <... write resumed>) = 2097152 [pid 5828] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./7/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5874] close(3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5874] <... close resumed>) = 0 [pid 5874] close(4) = 0 [pid 5828] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5874] mkdir("./file1", 0777 [pid 5828] <... openat resumed>) = 4 [pid 5875] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5874] <... mkdir resumed>) = 0 [pid 5873] <... write resumed>) = 2097152 [pid 5872] munmap(0x7fde7cbdc000, 138412032 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5874] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5828] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [ 101.619240][ T5874] loop3: detected capacity change from 0 to 4096 [pid 5828] rmdir("./7/file1" [pid 5873] munmap(0x7fde7cbdc000, 138412032 [pid 5872] <... munmap resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5873] <... munmap resumed>) = 0 [pid 5872] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5873] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5872] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5875] <... write resumed>) = 2097152 [pid 5873] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5872] close(4 [pid 5828] unlink("./7/binderfs" [pid 5873] close(4 [pid 5875] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./7") = 0 [ 101.666831][ T5874] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5828] mkdir("./8", 0777 [pid 5874] <... mount resumed>) = 0 [pid 5874] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5873] <... close resumed>) = 0 [pid 5872] <... close resumed>) = 0 [pid 5874] chdir("./file1" [pid 5872] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... mkdir resumed>) = 0 [pid 5875] <... munmap resumed>) = 0 [pid 5873] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5874] <... chdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5875] <... openat resumed>) = 4 [pid 5828] <... openat resumed>) = 3 [pid 5875] ioctl(4, LOOP_SET_FD, 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3 [pid 5875] <... ioctl resumed>) = 0 [pid 5874] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5873] <... open resumed>) = 4 [pid 5872] <... open resumed>) = 4 [pid 5875] close(3) = 0 [pid 5874] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5873] exit_group(0 [pid 5872] exit_group(0 [pid 5875] close(4) = 0 [pid 5874] unlink("./file0/file0" [pid 5873] <... exit_group resumed>) = ? [pid 5872] <... exit_group resumed>) = ? [pid 5875] mkdir("./file1", 0777) = 0 [pid 5875] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5873] +++ exited with 0 +++ [pid 5828] <... close resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5873, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... restart_syscall resumed>) = 0 ./strace-static-x86_64: Process 5876 attached [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5876 [ 101.727036][ T5874] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 101.750127][ T5875] loop0: detected capacity change from 0 to 4096 [pid 5826] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5876] set_robust_list(0x55558eab2660, 24 [pid 5872] +++ exited with 0 +++ [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5872, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=13 /* 0.13 s */} --- [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] umount2("./7", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(3, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] <... set_robust_list resumed>) = 0 [pid 5876] chdir("./8" [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5876] <... chdir resumed>) = 0 [pid 5826] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... openat resumed>) = 3 [pid 5876] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] newfstatat(3, "", [pid 5876] <... prctl resumed>) = 0 [pid 5874] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5876] setpgid(0, 0) = 0 [pid 5874] memfd_create("syzkaller", 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5876] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5874] <... memfd_create resumed>) = 4 [pid 5876] <... openat resumed>) = 3 [pid 5874] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5876] write(3, "1000", 4) = 4 [pid 5876] close(3) = 0 [pid 5876] symlink("/dev/binderfs", "./binderfs") = 0 [ 101.798338][ T5874] ntfs3(loop3): ino=1b, mi_enum_attr [ 101.798366][ T5874] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 101.817504][ T5875] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). executing program [pid 5876] write(1, "executing program\n", 18) = 18 [pid 5876] memfd_create("syzkaller", 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5876] <... memfd_create resumed>) = 3 [pid 5876] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5826] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5875] <... mount resumed>) = 0 [pid 5875] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./7/file1", [pid 5875] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5875] chdir("./file1" [pid 5826] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5875] <... chdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5875] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... openat resumed>) = 4 [pid 5875] unlink("./file0/file0" [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [ 101.881258][ T5875] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5826] getdents64(4, [pid 5875] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 5825] <... umount2 resumed>) = 0 [pid 5875] memfd_create("syzkaller", 0 [pid 5826] <... close resumed>) = 0 [pid 5875] <... memfd_create resumed>) = 4 [pid 5874] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] rmdir("./7/file1" [pid 5825] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5875] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./7/file1", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5825] umount2("./7/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] unlink("./7/binderfs" [pid 5825] openat(AT_FDCWD, "./7/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... openat resumed>) = 4 [pid 5826] getdents64(3, [pid 5825] newfstatat(4, "", [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] close(3 [pid 5825] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] rmdir("./7" [pid 5825] getdents64(4, [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./7/file1" [pid 5826] mkdir("./8", 0777 [pid 5825] <... rmdir resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] umount2("./7/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./7/binderfs") = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] getdents64(3, [pid 5826] <... openat resumed>) = 3 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5825] close(3 [pid 5826] <... ioctl resumed>) = 0 [pid 5826] close(3 [pid 5825] <... close resumed>) = 0 [ 101.937259][ T5875] ntfs3(loop0): ino=1b, mi_enum_attr [ 101.937288][ T5875] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5825] rmdir("./7") = 0 [pid 5825] mkdir("./8", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5876] <... write resumed>) = 2097152 [pid 5825] <... openat resumed>) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5826] <... close resumed>) = 0 [pid 5876] munmap(0x7fde7cbdc000, 138412032 [pid 5875] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5876] <... munmap resumed>) = 0 [pid 5874] <... write resumed>) = 2097152 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... close resumed>) = 0 [pid 5876] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5876] ioctl(4, LOOP_SET_FD, 3) = 0 ./strace-static-x86_64: Process 5877 attached [pid 5876] close(3) = 0 [pid 5876] close(4 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5877 [pid 5876] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5876] mkdir("./file1", 0777) = 0 [pid 5876] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, ""./strace-static-x86_64: Process 5878 attached [pid 5877] set_robust_list(0x55558eab2660, 24 [pid 5874] munmap(0x7fde7cbdc000, 138412032 [pid 5878] set_robust_list(0x55558eab2660, 24 [pid 5877] <... set_robust_list resumed>) = 0 [pid 5874] <... munmap resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5878 [pid 5878] <... set_robust_list resumed>) = 0 [pid 5878] chdir("./8" [pid 5877] chdir("./8" [pid 5878] <... chdir resumed>) = 0 [pid 5877] <... chdir resumed>) = 0 [pid 5878] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5877] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5878] <... prctl resumed>) = 0 [pid 5877] <... prctl resumed>) = 0 [pid 5878] setpgid(0, 0 [pid 5877] setpgid(0, 0 [pid 5878] <... setpgid resumed>) = 0 [pid 5877] <... setpgid resumed>) = 0 [pid 5878] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5877] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5878] <... openat resumed>) = 3 [pid 5877] <... openat resumed>) = 3 [pid 5878] write(3, "1000", 4 [pid 5877] write(3, "1000", 4 [pid 5875] <... write resumed>) = 2097152 [pid 5874] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5878] <... write resumed>) = 4 [pid 5877] <... write resumed>) = 4 [pid 5874] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5878] close(3 [pid 5877] close(3 [pid 5874] close(4 [pid 5878] <... close resumed>) = 0 [pid 5877] <... close resumed>) = 0 executing program executing program [pid 5878] symlink("/dev/binderfs", "./binderfs" [pid 5877] symlink("/dev/binderfs", "./binderfs" [pid 5878] <... symlink resumed>) = 0 [pid 5877] <... symlink resumed>) = 0 [pid 5878] write(1, "executing program\n", 18 [pid 5877] write(1, "executing program\n", 18 [pid 5878] <... write resumed>) = 18 [pid 5877] <... write resumed>) = 18 [pid 5878] memfd_create("syzkaller", 0 [pid 5877] memfd_create("syzkaller", 0 [pid 5878] <... memfd_create resumed>) = 3 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5877] <... memfd_create resumed>) = 3 [pid 5878] <... mmap resumed>) = 0x7fde7cbdc000 [ 102.080632][ T5876] loop4: detected capacity change from 0 to 4096 [ 102.109467][ T5876] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5875] munmap(0x7fde7cbdc000, 138412032 [pid 5874] <... close resumed>) = 0 [pid 5874] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5875] <... munmap resumed>) = 0 [pid 5874] <... open resumed>) = 4 [pid 5874] exit_group(0) = ? [pid 5874] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5874, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5875] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5875] close(4 [pid 5876] <... mount resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5878] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5876] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5827] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5876] <... openat resumed>) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5876] chdir("./file1" [pid 5827] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5876] <... chdir resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5876] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] newfstatat(3, "", [pid 5877] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5876] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5876] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [ 102.211698][ T5876] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5876] memfd_create("syzkaller", 0) = 4 [pid 5876] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5875] <... close resumed>) = 0 [pid 5875] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5878] <... write resumed>) = 2097152 [pid 5877] <... write resumed>) = 2097152 [pid 5875] <... open resumed>) = 4 [pid 5878] munmap(0x7fde7cbdc000, 138412032 [pid 5877] munmap(0x7fde7cbdc000, 138412032 [pid 5876] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5875] exit_group(0) = ? [pid 5827] <... umount2 resumed>) = 0 [pid 5877] <... munmap resumed>) = 0 [pid 5875] +++ exited with 0 +++ [ 102.257956][ T5876] ntfs3(loop4): ino=1b, mi_enum_attr [ 102.257985][ T5876] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5827] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] <... munmap resumed>) = 0 [pid 5878] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5875, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=15 /* 0.15 s */} --- [pid 5827] newfstatat(AT_FDCWD, "./8/file1", [pid 5878] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5878] close(3 [pid 5877] <... openat resumed>) = 4 [pid 5827] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5877] ioctl(4, LOOP_SET_FD, 3 [pid 5878] <... close resumed>) = 0 [pid 5877] <... ioctl resumed>) = 0 [pid 5878] close(4 [pid 5877] close(3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5877] <... close resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5877] close(4 [pid 5878] <... close resumed>) = 0 [pid 5877] <... close resumed>) = 0 [pid 5878] mkdir("./file1", 0777 [pid 5877] mkdir("./file1", 0777 [pid 5878] <... mkdir resumed>) = 0 [pid 5877] <... mkdir resumed>) = 0 [pid 5877] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5878] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5827] <... openat resumed>) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] getdents64(4, [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] close(4 [pid 5824] <... openat resumed>) = 3 [pid 5827] <... close resumed>) = 0 [pid 5824] newfstatat(3, "", [pid 5827] rmdir("./8/file1") = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] getdents64(3, [pid 5876] <... write resumed>) = 2097152 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5876] munmap(0x7fde7cbdc000, 138412032 [pid 5827] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5824] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./8/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./8" [pid 5876] <... munmap resumed>) = 0 [ 102.338114][ T5878] loop1: detected capacity change from 0 to 4096 [ 102.341371][ T5877] loop2: detected capacity change from 0 to 4096 [ 102.358284][ T5877] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 102.358642][ T5878] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5876] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... rmdir resumed>) = 0 [pid 5876] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5876] close(4 [pid 5827] mkdir("./9", 0777 [pid 5878] <... mount resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5878] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5824] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5878] chdir("./file1" [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5878] <... chdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5878] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... ioctl resumed>) = 0 [pid 5878] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] close(3 [pid 5824] newfstatat(AT_FDCWD, "./8/file1", [pid 5878] unlink("./file0/file0" [pid 5876] <... close resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5878] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5877] <... mount resumed>) = 0 [pid 5824] newfstatat(4, "", [pid 5877] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 102.444138][ T5878] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5877] <... openat resumed>) = 3 [pid 5824] getdents64(4, [pid 5878] memfd_create("syzkaller", 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5877] chdir("./file1" [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5877] <... chdir resumed>) = 0 [pid 5824] close(4 [pid 5877] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5878] <... memfd_create resumed>) = 4 [pid 5877] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5876] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5878] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5878] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] rmdir("./8/file1") = 0 [pid 5877] unlink("./file0/file0" [pid 5876] <... open resumed>) = 4 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5879 [ 102.492356][ T5877] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 102.495698][ T5878] ntfs3(loop1): ino=1b, mi_enum_attr [ 102.495725][ T5878] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 102.532137][ T37] kauditd_printk_skb: 11 callbacks suppressed ./strace-static-x86_64: Process 5879 attached [pid 5877] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5876] exit_group(0 [pid 5824] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5879] set_robust_list(0x55558eab2660, 24 [pid 5876] <... exit_group resumed>) = ? [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] unlink("./8/binderfs" [pid 5879] <... set_robust_list resumed>) = 0 [pid 5824] <... unlink resumed>) = 0 [pid 5879] chdir("./9" [pid 5876] +++ exited with 0 +++ [pid 5824] getdents64(3, [pid 5879] <... chdir resumed>) = 0 [pid 5877] memfd_create("syzkaller", 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5879] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5876, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5824] close(3 [pid 5879] <... prctl resumed>) = 0 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5824] <... close resumed>) = 0 [pid 5879] setpgid(0, 0 [pid 5824] rmdir("./8" [pid 5879] <... setpgid resumed>) = 0 [pid 5877] <... memfd_create resumed>) = 4 [pid 5879] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... rmdir resumed>) = 0 [pid 5824] mkdir("./9", 0777 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5877] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5824] <... mkdir resumed>) = 0 [pid 5879] <... openat resumed>) = 3 [pid 5879] write(3, "1000", 4 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5879] <... write resumed>) = 4 [pid 5879] close(3 [pid 5828] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... openat resumed>) = 3 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5879] <... close resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5879] symlink("/dev/binderfs", "./binderfs" [pid 5824] <... ioctl resumed>) = 0 [pid 5879] <... symlink resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [ 102.532155][ T37] audit: type=1800 audit(1753942233.470:44): pid=5876 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 102.541701][ T5877] ntfs3(loop2): ino=1b, mi_enum_attr [ 102.541732][ T5877] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5824] close(3 [pid 5828] newfstatat(3, "", [pid 5878] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5879] write(1, "executing program\n", 18executing program ) = 18 [pid 5879] memfd_create("syzkaller", 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5877] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5879] <... memfd_create resumed>) = 3 [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5877] <... write resumed>) = 2097152 [pid 5877] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5877] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5877] close(4 [pid 5828] <... umount2 resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5828] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./8/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5880 attached [pid 5828] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5879] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5880 [pid 5828] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5880] set_robust_list(0x55558eab2660, 24 [pid 5828] <... openat resumed>) = 4 [pid 5880] <... set_robust_list resumed>) = 0 [pid 5880] chdir("./9") = 0 [pid 5828] newfstatat(4, "", [pid 5880] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5880] <... prctl resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5880] setpgid(0, 0 [pid 5828] getdents64(4, [pid 5880] <... setpgid resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5880] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] close(4 [pid 5880] <... openat resumed>) = 3 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./8/file1" [pid 5880] write(3, "1000", 4 [pid 5828] <... rmdir resumed>) = 0 [pid 5880] <... write resumed>) = 4 [pid 5877] <... close resumed>) = 0 [pid 5828] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5880] close(3) = 0 [pid 5880] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5880] write(1, "executing program\n", 18 [pid 5828] unlink("./8/binderfs" [pid 5880] <... write resumed>) = 18 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./8" [pid 5878] <... write resumed>) = 2097152 [pid 5828] <... rmdir resumed>) = 0 [pid 5880] memfd_create("syzkaller", 0 [pid 5878] munmap(0x7fde7cbdc000, 138412032 [pid 5880] <... memfd_create resumed>) = 3 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5828] mkdir("./9", 0777 [pid 5877] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... mkdir resumed>) = 0 [pid 5878] <... munmap resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5878] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5828] <... openat resumed>) = 3 [pid 5878] close(4 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3 [pid 5877] <... open resumed>) = 4 [pid 5877] exit_group(0) = ? [pid 5879] <... write resumed>) = 2097152 [pid 5878] <... close resumed>) = 0 [pid 5877] +++ exited with 0 +++ [pid 5880] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5879] munmap(0x7fde7cbdc000, 138412032 [ 102.829479][ T37] audit: type=1800 audit(1753942233.770:45): pid=5877 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [pid 5878] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... close resumed>) = 0 [pid 5879] <... munmap resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5877, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=12 /* 0.12 s */} --- [pid 5878] <... open resumed>) = 4 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5878] exit_group(0./strace-static-x86_64: Process 5881 attached [pid 5879] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5878] <... exit_group resumed>) = ? [pid 5826] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5881] set_robust_list(0x55558eab2660, 24 [pid 5879] <... openat resumed>) = 4 [pid 5878] +++ exited with 0 +++ [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5881] <... set_robust_list resumed>) = 0 [pid 5879] ioctl(4, LOOP_SET_FD, 3 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5881 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5878, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5826] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5881] chdir("./9" [pid 5826] newfstatat(3, "", [pid 5825] umount2("./8", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5880] <... write resumed>) = 2097152 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 102.902813][ T37] audit: type=1800 audit(1753942233.840:46): pid=5878 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [pid 5880] munmap(0x7fde7cbdc000, 138412032 [pid 5826] getdents64(3, [pid 5825] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5881] <... chdir resumed>) = 0 [pid 5879] <... ioctl resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] <... openat resumed>) = 3 [pid 5881] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5880] <... munmap resumed>) = 0 [pid 5879] close(3 [pid 5826] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(3, "", [pid 5881] <... prctl resumed>) = 0 [pid 5879] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5881] setpgid(0, 0 [pid 5879] close(4 [pid 5825] getdents64(3, [pid 5881] <... setpgid resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5879] <... close resumed>) = 0 [pid 5825] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5881] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5879] mkdir("./file1", 0777 [pid 5881] <... openat resumed>) = 3 [pid 5880] <... openat resumed>) = 4 [pid 5881] write(3, "1000", 4) = 4 [pid 5881] close(3) = 0 [pid 5881] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5879] <... mkdir resumed>) = 0 executing program [pid 5881] write(1, "executing program\n", 18 [pid 5880] ioctl(4, LOOP_SET_FD, 3 [pid 5879] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5881] <... write resumed>) = 18 [pid 5881] memfd_create("syzkaller", 0 [pid 5880] <... ioctl resumed>) = 0 [pid 5881] <... memfd_create resumed>) = 3 [pid 5880] close(3 [pid 5826] <... umount2 resumed>) = 0 [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5880] <... close resumed>) = 0 [pid 5881] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5880] close(4) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5880] mkdir("./file1", 0777) = 0 [pid 5826] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./8/file1", [pid 5880] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./8/file1", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./8/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] openat(AT_FDCWD, "./8/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 4 [pid 5825] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 5825] newfstatat(4, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [ 102.942609][ T5879] loop3: detected capacity change from 0 to 4096 [ 102.972768][ T5880] loop0: detected capacity change from 0 to 4096 [ 102.979737][ T5879] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5825] getdents64(4, [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, [pid 5825] getdents64(4, [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5825] close(4 [pid 5826] rmdir("./8/file1" [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./8/file1" [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5825] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./8/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5881] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5879] <... mount resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5879] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [ 103.018862][ T5880] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5879] chdir("./file1" [pid 5826] unlink("./8/binderfs" [pid 5879] <... chdir resumed>) = 0 [pid 5879] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... unlink resumed>) = 0 [pid 5879] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] getdents64(3, [pid 5825] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./8/binderfs") = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5826] close(3 [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./8" [pid 5879] unlink("./file0/file0" [pid 5826] <... close resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5826] rmdir("./8" [pid 5825] mkdir("./9", 0777 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5826] mkdir("./9", 0777 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5879] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5879] memfd_create("syzkaller", 0 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5826] close(3 [pid 5825] <... close resumed>) = 0 [ 103.061297][ T5879] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 103.090011][ T5879] ntfs3(loop3): ino=1b, mi_enum_attr [ 103.090038][ T5879] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5881] <... write resumed>) = 2097152 [pid 5879] <... memfd_create resumed>) = 4 [pid 5879] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5881] munmap(0x7fde7cbdc000, 138412032 [pid 5880] <... mount resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5880] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5881] <... munmap resumed>) = 0 [pid 5880] chdir("./file1") = 0 ./strace-static-x86_64: Process 5882 attached [pid 5881] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5881] <... openat resumed>) = 4 [pid 5880] unlink("./file0/file0" [pid 5882] set_robust_list(0x55558eab2660, 24 [pid 5881] ioctl(4, LOOP_SET_FD, 3 [pid 5880] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5882 [pid 5882] <... set_robust_list resumed>) = 0 [pid 5881] <... ioctl resumed>) = 0 [pid 5882] chdir("./9") = 0 [pid 5882] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5881] close(3 [pid 5880] memfd_create("syzkaller", 0 [pid 5882] setpgid(0, 0 [pid 5881] <... close resumed>) = 0 [pid 5880] <... memfd_create resumed>) = 4 [pid 5882] <... setpgid resumed>) = 0 [pid 5881] close(4 [pid 5880] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5882] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5881] <... close resumed>) = 0 [pid 5880] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5882] <... openat resumed>) = 3 [ 103.158255][ T5880] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 103.180728][ T5880] ntfs3(loop0): ino=1b, mi_enum_attr [ 103.180759][ T5880] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 103.199439][ T5881] loop4: detected capacity change from 0 to 4096 [pid 5881] mkdir("./file1", 0777 [pid 5882] write(3, "1000", 4 [pid 5881] <... mkdir resumed>) = 0 [pid 5879] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] <... close resumed>) = 0 [pid 5882] <... write resumed>) = 4 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5882] close(3./strace-static-x86_64: Process 5883 attached ) = 0 [pid 5881] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5879] <... write resumed>) = 2097152 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5883 [pid 5879] munmap(0x7fde7cbdc000, 138412032 [pid 5882] symlink("/dev/binderfs", "./binderfs" [pid 5883] set_robust_list(0x55558eab2660, 24 [pid 5882] <... symlink resumed>) = 0 [pid 5879] <... munmap resumed>) = 0 [pid 5883] <... set_robust_list resumed>) = 0 executing program [pid 5883] chdir("./9" [pid 5882] write(1, "executing program\n", 18 [pid 5879] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5882] <... write resumed>) = 18 [pid 5883] <... chdir resumed>) = 0 [pid 5883] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5883] setpgid(0, 0) = 0 [pid 5883] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5883] write(3, "1000", 4) = 4 [pid 5883] close(3) = 0 [pid 5883] symlink("/dev/binderfs", "./binderfs" [pid 5882] memfd_create("syzkaller", 0 [pid 5880] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5879] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5883] <... symlink resumed>) = 0 [pid 5879] close(4executing program [pid 5883] write(1, "executing program\n", 18 [pid 5882] <... memfd_create resumed>) = 3 [pid 5883] <... write resumed>) = 18 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 103.286971][ T5881] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5883] memfd_create("syzkaller", 0 [pid 5879] <... close resumed>) = 0 [pid 5883] <... memfd_create resumed>) = 3 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5879] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5880] <... write resumed>) = 2097152 [pid 5881] <... mount resumed>) = 0 [pid 5879] <... open resumed>) = 4 [pid 5880] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5879] exit_group(0) = ? [pid 5881] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5880] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5881] chdir("./file1" [pid 5879] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5879, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5881] <... chdir resumed>) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5880] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5881] unlink("./file0/file0" [pid 5880] close(4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 103.366779][ T37] audit: type=1800 audit(1753942234.300:47): pid=5879 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 103.367149][ T5881] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5827] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5881] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 3 [pid 5882] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5883] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5881] memfd_create("syzkaller", 0 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5881] <... memfd_create resumed>) = 4 [pid 5881] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5880] <... close resumed>) = 0 [ 103.420746][ T5881] ntfs3(loop4): ino=1b, mi_enum_attr [ 103.420775][ T5881] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5880] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... umount2 resumed>) = 0 [pid 5880] <... open resumed>) = 4 [pid 5882] <... write resumed>) = 2097152 [pid 5827] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5880] exit_group(0 [pid 5827] newfstatat(AT_FDCWD, "./9/file1", [pid 5880] <... exit_group resumed>) = ? [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5882] munmap(0x7fde7cbdc000, 138412032 [pid 5880] +++ exited with 0 +++ [pid 5827] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5882] <... munmap resumed>) = 0 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5880, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=17 /* 0.17 s */} --- [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 4 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] getdents64(4, [pid 5824] newfstatat(3, "", [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4 [pid 5824] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... close resumed>) = 0 [pid 5882] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5881] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] rmdir("./9/file1" [pid 5883] <... write resumed>) = 2097152 [pid 5883] munmap(0x7fde7cbdc000, 138412032 [pid 5882] <... openat resumed>) = 4 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5882] ioctl(4, LOOP_SET_FD, 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./9/binderfs" [pid 5882] <... ioctl resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [ 103.497447][ T37] audit: type=1800 audit(1753942234.430:48): pid=5880 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5883] <... munmap resumed>) = 0 [pid 5827] getdents64(3, [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5883] <... openat resumed>) = 4 [pid 5827] <... close resumed>) = 0 [pid 5882] close(3) = 0 [pid 5882] close(4) = 0 [pid 5827] rmdir("./9" [pid 5882] mkdir("./file1", 0777) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5883] ioctl(4, LOOP_SET_FD, 3 [pid 5882] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] <... umount2 resumed>) = 0 [pid 5883] <... ioctl resumed>) = 0 [pid 5827] mkdir("./10", 0777 [pid 5824] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... mkdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./9/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5883] close(3 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5824] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 3 [pid 5883] <... close resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5883] close(4 [pid 5824] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5883] <... close resumed>) = 0 [pid 5824] <... openat resumed>) = 4 [pid 5824] newfstatat(4, "", [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5883] mkdir("./file1", 0777 [pid 5827] <... ioctl resumed>) = 0 [pid 5883] <... mkdir resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] close(3 [pid 5881] <... write resumed>) = 2097152 [pid 5883] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] getdents64(4, [ 103.556109][ T5882] loop1: detected capacity change from 0 to 4096 [ 103.582203][ T5883] loop2: detected capacity change from 0 to 4096 [ 103.586758][ T5882] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5881] munmap(0x7fde7cbdc000, 138412032 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./9/file1") = 0 [pid 5824] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5827] <... close resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5881] <... munmap resumed>) = 0 [pid 5824] unlink("./9/binderfs") = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5881] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5824] close(3) = 0 [pid 5824] rmdir("./9" [pid 5881] close(4 [pid 5824] <... rmdir resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] mkdir("./10", 0777./strace-static-x86_64: Process 5884 attached [ 103.633626][ T5883] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). ) = 0 [pid 5884] set_robust_list(0x55558eab2660, 24 [pid 5882] <... mount resumed>) = 0 [pid 5881] <... close resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5884 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5884] <... set_robust_list resumed>) = 0 [pid 5884] chdir("./10" [pid 5882] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5884] <... chdir resumed>) = 0 [pid 5882] <... openat resumed>) = 3 [pid 5881] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5884] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] <... openat resumed>) = 3 [pid 5884] <... prctl resumed>) = 0 [pid 5882] chdir("./file1" [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5884] setpgid(0, 0 [pid 5882] <... chdir resumed>) = 0 [pid 5824] close(3 [pid 5884] <... setpgid resumed>) = 0 [pid 5882] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5881] <... open resumed>) = 4 [pid 5881] exit_group(0 [pid 5884] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5882] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5884] <... openat resumed>) = 3 [pid 5882] unlink("./file0/file0" [pid 5884] write(3, "1000", 4 [pid 5881] <... exit_group resumed>) = ? [pid 5881] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5881, si_uid=0, si_status=0, si_utime=0, si_stime=15 /* 0.15 s */} --- [pid 5884] <... write resumed>) = 4 [pid 5884] close(3 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5884] <... close resumed>) = 0 [pid 5884] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5884] write(1, "executing program\n", 18 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5884] <... write resumed>) = 18 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5884] memfd_create("syzkaller", 0 [pid 5828] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... close resumed>) = 0 [ 103.689084][ T5882] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 103.715288][ T37] audit: type=1800 audit(1753942234.650:49): pid=5881 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [pid 5828] <... openat resumed>) = 3 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5882] <... unlink resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5885 attached [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5882] memfd_create("syzkaller", 0 [pid 5828] getdents64(3, [pid 5885] set_robust_list(0x55558eab2660, 24 [pid 5884] <... memfd_create resumed>) = 3 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5885 [pid 5885] <... set_robust_list resumed>) = 0 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5885] chdir("./10" [pid 5884] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5885] <... chdir resumed>) = 0 [pid 5885] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5882] <... memfd_create resumed>) = 4 [pid 5885] <... prctl resumed>) = 0 [pid 5882] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5885] setpgid(0, 0 [pid 5882] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5885] <... setpgid resumed>) = 0 [pid 5885] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 103.775076][ T5882] ntfs3(loop1): ino=1b, mi_enum_attr [ 103.775105][ T5882] ntfs3(loop1): Mark volume as dirty due to NTFS errors executing program [pid 5885] write(3, "1000", 4) = 4 [pid 5885] close(3) = 0 [pid 5885] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5885] write(1, "executing program\n", 18) = 18 [pid 5882] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5885] memfd_create("syzkaller", 0) = 3 [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5884] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5883] <... mount resumed>) = 0 [pid 5883] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5883] chdir("./file1") = 0 [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5828] <... umount2 resumed>) = 0 [pid 5883] unlink("./file0/file0" [pid 5828] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./9/file1", [pid 5883] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5883] memfd_create("syzkaller", 0 [pid 5828] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5883] <... memfd_create resumed>) = 4 [pid 5828] close(4 [pid 5883] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... close resumed>) = 0 [pid 5883] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] rmdir("./9/file1") = 0 [pid 5828] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5882] <... write resumed>) = 2097152 [pid 5828] unlink("./9/binderfs") = 0 [ 103.888548][ T5883] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 103.902782][ T5883] ntfs3(loop2): ino=1b, mi_enum_attr [ 103.902812][ T5883] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./9") = 0 [pid 5884] <... write resumed>) = 2097152 [pid 5882] munmap(0x7fde7cbdc000, 138412032 [pid 5828] mkdir("./10", 0777 [pid 5885] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5884] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3 [pid 5884] <... munmap resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5884] ioctl(4, LOOP_SET_FD, 3 [pid 5882] <... munmap resumed>) = 0 [pid 5883] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5882] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5882] close(4 [pid 5885] <... write resumed>) = 2097152 [pid 5885] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5883] <... write resumed>) = 2097152 [pid 5884] <... ioctl resumed>) = 0 [pid 5884] close(3) = 0 [pid 5884] close(4) = 0 [pid 5884] mkdir("./file1", 0777) = 0 [pid 5884] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5885] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5883] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... close resumed>) = 0 [pid 5885] <... openat resumed>) = 4 [pid 5883] <... munmap resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5882] <... close resumed>) = 0 ./strace-static-x86_64: Process 5886 attached [pid 5885] ioctl(4, LOOP_SET_FD, 3 [pid 5883] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5882] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5886] set_robust_list(0x55558eab2660, 24 [pid 5885] <... ioctl resumed>) = 0 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5886 [ 104.045511][ T5884] loop3: detected capacity change from 0 to 4096 [ 104.052617][ T5884] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5886] <... set_robust_list resumed>) = 0 [pid 5883] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5882] <... open resumed>) = 4 [pid 5886] chdir("./10") = 0 [pid 5886] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] setpgid(0, 0) = 0 [pid 5886] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5886] write(3, "1000", 4) = 4 [pid 5886] close(3 [pid 5884] <... mount resumed>) = 0 [pid 5886] <... close resumed>) = 0 [pid 5884] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5886] symlink("/dev/binderfs", "./binderfs" [pid 5884] <... openat resumed>) = 3 [pid 5886] <... symlink resumed>) = 0 [pid 5884] chdir("./file1" [pid 5883] close(4 [pid 5884] <... chdir resumed>) = 0 [pid 5884] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5882] exit_group(0executing program [pid 5886] write(1, "executing program\n", 18 [pid 5882] <... exit_group resumed>) = ? [pid 5886] <... write resumed>) = 18 [pid 5885] close(3 [pid 5884] unlink("./file0/file0" [pid 5886] memfd_create("syzkaller", 0 [pid 5885] <... close resumed>) = 0 [pid 5885] close(4) = 0 [ 104.091302][ T5885] loop0: detected capacity change from 0 to 4096 [ 104.095884][ T37] audit: type=1800 audit(1753942235.040:50): pid=5882 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 104.113805][ T5884] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5885] mkdir("./file1", 0777 [pid 5884] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5885] <... mkdir resumed>) = 0 [pid 5884] memfd_create("syzkaller", 0 [pid 5886] <... memfd_create resumed>) = 3 [pid 5885] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5884] <... memfd_create resumed>) = 4 [pid 5882] +++ exited with 0 +++ [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5884] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5886] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5882, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [pid 5884] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5883] <... close resumed>) = 0 [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5883] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 104.138729][ T5884] ntfs3(loop3): ino=1b, mi_enum_attr [ 104.138757][ T5884] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 104.168253][ T5885] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5825] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5883] <... open resumed>) = 4 [pid 5883] exit_group(0) = ? [pid 5885] <... mount resumed>) = 0 [pid 5885] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5883] +++ exited with 0 +++ [pid 5886] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5885] <... openat resumed>) = 3 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5883, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=14 /* 0.14 s */} --- [pid 5884] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5885] chdir("./file1" [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5885] <... chdir resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5885] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 104.177825][ T37] audit: type=1800 audit(1753942235.110:51): pid=5883 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [ 104.226614][ T5885] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5885] unlink("./file0/file0" [pid 5826] umount2("./9", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", [pid 5825] <... umount2 resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5885] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5826] getdents64(3, [pid 5825] newfstatat(AT_FDCWD, "./9/file1", [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5885] memfd_create("syzkaller", 0 [pid 5826] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5885] <... memfd_create resumed>) = 4 [pid 5825] getdents64(4, [pid 5885] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5885] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] close(4) = 0 [pid 5825] rmdir("./9/file1" [pid 5884] <... write resumed>) = 2097152 [pid 5825] <... rmdir resumed>) = 0 [pid 5884] munmap(0x7fde7cbdc000, 138412032 [pid 5825] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 104.266792][ T5885] ntfs3(loop0): ino=1b, mi_enum_attr [ 104.266821][ T5885] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5826] <... umount2 resumed>) = 0 [pid 5886] <... write resumed>) = 2097152 [pid 5825] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5884] <... munmap resumed>) = 0 [pid 5826] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./9/binderfs" [pid 5886] munmap(0x7fde7cbdc000, 138412032 [pid 5884] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... unlink resumed>) = 0 [pid 5884] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] newfstatat(AT_FDCWD, "./9/file1", [pid 5825] getdents64(3, [pid 5884] close(4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] umount2("./9/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] close(3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... close resumed>) = 0 [pid 5886] <... munmap resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./9/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] rmdir("./9" [pid 5826] <... openat resumed>) = 4 [pid 5885] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... rmdir resumed>) = 0 [pid 5826] newfstatat(4, "", [pid 5825] mkdir("./10", 0777 [pid 5886] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5886] <... openat resumed>) = 4 [pid 5826] getdents64(4, [pid 5886] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5886] <... ioctl resumed>) = 0 [pid 5826] getdents64(4, [pid 5825] <... openat resumed>) = 3 [pid 5884] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5886] close(3 [pid 5884] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5886] <... close resumed>) = 0 [pid 5886] close(4 [pid 5825] <... ioctl resumed>) = 0 [pid 5826] close(4 [pid 5825] close(3 [pid 5886] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./9/file1" [pid 5886] mkdir("./file1", 0777 [pid 5826] <... rmdir resumed>) = 0 [pid 5886] <... mkdir resumed>) = 0 [pid 5826] umount2("./9/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5886] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] unlink("./9/binderfs") = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./9") = 0 [pid 5826] mkdir("./10", 0777) = 0 [pid 5884] <... open resumed>) = 4 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [ 104.386248][ T5886] loop4: detected capacity change from 0 to 4096 [ 104.425910][ T5886] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5826] close(3 [pid 5884] exit_group(0) = ? [pid 5884] +++ exited with 0 +++ [pid 5825] <... close resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5884, si_uid=0, si_status=0, si_utime=7 /* 0.07 s */, si_stime=9 /* 0.09 s */} --- [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5887 attached [pid 5826] <... close resumed>) = 0 [pid 5827] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5887] set_robust_list(0x55558eab2660, 24 [pid 5827] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5887] <... set_robust_list resumed>) = 0 [ 104.448767][ T37] audit: type=1800 audit(1753942235.390:52): pid=5884 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5887] chdir("./10" [pid 5827] <... openat resumed>) = 3 [pid 5887] <... chdir resumed>) = 0 [pid 5827] newfstatat(3, "", [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5887] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5885] <... write resumed>) = 2097152 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5887 [pid 5887] <... prctl resumed>) = 0 [pid 5885] munmap(0x7fde7cbdc000, 138412032 [pid 5827] getdents64(3, ./strace-static-x86_64: Process 5888 attached [pid 5887] setpgid(0, 0 [pid 5886] <... mount resumed>) = 0 [pid 5888] set_robust_list(0x55558eab2660, 24 [pid 5887] <... setpgid resumed>) = 0 [pid 5886] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5888 [pid 5887] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5885] <... munmap resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5888] <... set_robust_list resumed>) = 0 [pid 5887] <... openat resumed>) = 3 [pid 5886] <... openat resumed>) = 3 [pid 5887] write(3, "1000", 4 [pid 5885] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5887] <... write resumed>) = 4 [pid 5888] chdir("./10" [pid 5887] close(3 [pid 5885] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5887] <... close resumed>) = 0 [pid 5885] close(4 [pid 5887] symlink("/dev/binderfs", "./binderfs"executing program [pid 5888] <... chdir resumed>) = 0 [pid 5887] <... symlink resumed>) = 0 [pid 5886] chdir("./file1" [pid 5888] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5887] write(1, "executing program\n", 18 [pid 5886] <... chdir resumed>) = 0 [pid 5887] <... write resumed>) = 18 [pid 5888] <... prctl resumed>) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5888] setpgid(0, 0 [pid 5886] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5888] <... setpgid resumed>) = 0 [pid 5887] memfd_create("syzkaller", 0 [pid 5886] unlink("./file0/file0" [pid 5888] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5887] <... memfd_create resumed>) = 3 [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5888] <... openat resumed>) = 3 [pid 5887] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5888] write(3, "1000", 4) = 4 [pid 5888] close(3) = 0 [pid 5888] symlink("/dev/binderfs", "./binderfs") = 0 [ 104.533527][ T5886] ntfs3(loop4): Failed to initialize $Extend/$Reparse. executing program [pid 5888] write(1, "executing program\n", 18 [pid 5886] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5888] <... write resumed>) = 18 [pid 5888] memfd_create("syzkaller", 0 [pid 5886] memfd_create("syzkaller", 0 [pid 5885] <... close resumed>) = 0 [pid 5887] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5885] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5888] <... memfd_create resumed>) = 3 [pid 5886] <... memfd_create resumed>) = 4 [pid 5888] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 104.583241][ T5886] ntfs3(loop4): ino=1b, mi_enum_attr [ 104.583270][ T5886] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5886] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5888] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5886] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] <... umount2 resumed>) = 0 [pid 5885] <... open resumed>) = 4 [pid 5885] exit_group(0) = ? [pid 5827] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5887] <... write resumed>) = 2097152 [pid 5885] +++ exited with 0 +++ [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5887] munmap(0x7fde7cbdc000, 138412032 [pid 5827] newfstatat(AT_FDCWD, "./10/file1", [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5885, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=11 /* 0.11 s */} --- [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... openat resumed>) = 4 [pid 5824] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5887] <... munmap resumed>) = 0 [pid 5827] newfstatat(4, "", [pid 5824] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] newfstatat(3, "", [pid 5827] getdents64(4, [pid 5887] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5887] <... openat resumed>) = 4 [pid 5827] getdents64(4, [pid 5824] getdents64(3, [pid 5887] ioctl(4, LOOP_SET_FD, 3 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] close(4 [pid 5824] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... close resumed>) = 0 [ 104.647727][ T37] audit: type=1800 audit(1753942235.580:53): pid=5885 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5827] rmdir("./10/file1") = 0 [pid 5827] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./10/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3 [pid 5887] <... ioctl resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5887] close(3 [pid 5827] rmdir("./10" [pid 5887] <... close resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [ 104.704012][ T5887] loop1: detected capacity change from 0 to 4096 [pid 5887] close(4) = 0 [pid 5827] mkdir("./11", 0777 [pid 5887] mkdir("./file1", 0777) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5887] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5824] newfstatat(AT_FDCWD, "./10/file1", [pid 5827] <... ioctl resumed>) = 0 [pid 5827] close(3 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5886] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... close resumed>) = 0 [pid 5824] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5889 attached [pid 5889] set_robust_list(0x55558eab2660, 24 [pid 5824] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5889] <... set_robust_list resumed>) = 0 [pid 5889] chdir("./11" [pid 5824] <... openat resumed>) = 4 [pid 5889] <... chdir resumed>) = 0 [pid 5824] newfstatat(4, "", [pid 5889] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5888] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5889 [pid 5889] <... prctl resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5889] setpgid(0, 0) = 0 [pid 5824] getdents64(4, [pid 5889] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5889] <... openat resumed>) = 3 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5889] write(3, "1000", 4 [ 104.777859][ T5887] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5824] close(4 [pid 5889] <... write resumed>) = 4 [pid 5824] <... close resumed>) = 0 [pid 5889] close(3 [pid 5824] rmdir("./10/file1" [pid 5889] <... close resumed>) = 0 [pid 5888] <... write resumed>) = 2097152 [pid 5824] <... rmdir resumed>) = 0 [pid 5888] munmap(0x7fde7cbdc000, 138412032 [pid 5889] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5824] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program [pid 5889] write(1, "executing program\n", 18 [pid 5888] <... munmap resumed>) = 0 [pid 5824] unlink("./10/binderfs" [pid 5889] <... write resumed>) = 18 [pid 5889] memfd_create("syzkaller", 0 [pid 5888] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] <... unlink resumed>) = 0 [pid 5888] <... openat resumed>) = 4 [pid 5888] ioctl(4, LOOP_SET_FD, 3 [pid 5824] getdents64(3, [pid 5888] <... ioctl resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5888] close(3) = 0 [pid 5824] close(3 [pid 5889] <... memfd_create resumed>) = 3 [pid 5824] <... close resumed>) = 0 [pid 5888] close(4 [pid 5824] rmdir("./10" [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5889] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5824] mkdir("./11", 0777 [pid 5888] <... close resumed>) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5888] mkdir("./file1", 0777) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5888] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] <... openat resumed>) = 3 [pid 5887] <... mount resumed>) = 0 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5887] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5824] <... ioctl resumed>) = 0 [pid 5887] <... openat resumed>) = 3 [pid 5824] close(3 [pid 5887] chdir("./file1") = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [ 104.879451][ T5888] loop2: detected capacity change from 0 to 4096 [ 104.901283][ T5888] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 104.901562][ T5887] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5887] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5886] <... write resumed>) = 2097152 [pid 5887] memfd_create("syzkaller", 0) = 4 [ 104.934488][ T5887] ntfs3(loop1): ino=1b, mi_enum_attr [ 104.934516][ T5887] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5887] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5889] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5888] <... mount resumed>) = 0 [pid 5887] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5886] munmap(0x7fde7cbdc000, 138412032 [pid 5824] <... close resumed>) = 0 [pid 5888] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5890 attached [pid 5888] chdir("./file1") = 0 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5890 [pid 5888] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5890] set_robust_list(0x55558eab2660, 24 [pid 5888] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5890] <... set_robust_list resumed>) = 0 [pid 5888] unlink("./file0/file0" [pid 5890] chdir("./11" [pid 5888] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5886] <... munmap resumed>) = 0 [pid 5890] <... chdir resumed>) = 0 [ 105.009782][ T5888] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5890] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5886] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5890] setpgid(0, 0 [pid 5888] memfd_create("syzkaller", 0 [pid 5886] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5887] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5890] <... setpgid resumed>) = 0 [pid 5890] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5886] close(4 [pid 5888] <... memfd_create resumed>) = 4 [pid 5890] <... openat resumed>) = 3 [pid 5888] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5890] write(3, "1000", 4) = 4 [pid 5890] close(3) = 0 [pid 5890] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5890] write(1, "executing program\n", 18) = 18 [ 105.080430][ T5888] ntfs3(loop2): ino=1b, mi_enum_attr [ 105.080458][ T5888] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5890] memfd_create("syzkaller", 0) = 3 [pid 5887] <... write resumed>) = 2097152 [pid 5887] munmap(0x7fde7cbdc000, 138412032 [pid 5890] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5888] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5887] <... munmap resumed>) = 0 [pid 5887] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5886] <... close resumed>) = 0 [pid 5887] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5886] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5890] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5887] close(4 [pid 5889] <... write resumed>) = 2097152 [pid 5886] <... open resumed>) = 4 [pid 5886] exit_group(0) = ? [pid 5886] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5886, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5889] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5889] <... munmap resumed>) = 0 [pid 5889] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5888] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5887] <... close resumed>) = 0 [pid 5889] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5889] close(3) = 0 [pid 5887] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5889] close(4 [pid 5890] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5889] <... close resumed>) = 0 [pid 5887] <... open resumed>) = 4 [pid 5889] mkdir("./file1", 0777) = 0 [pid 5889] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5887] exit_group(0) = ? [pid 5888] <... write resumed>) = 2097152 [pid 5887] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5887, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=12 /* 0.12 s */} --- [ 105.251216][ T5889] loop3: detected capacity change from 0 to 4096 [ 105.282770][ T5889] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5888] munmap(0x7fde7cbdc000, 138412032 [pid 5825] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5888] <... munmap resumed>) = 0 [pid 5888] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] <... umount2 resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5888] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5888] close(4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... openat resumed>) = 3 [pid 5825] newfstatat(3, "", [pid 5828] newfstatat(AT_FDCWD, "./10/file1", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] getdents64(3, [pid 5828] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5888] <... close resumed>) = 0 [pid 5888] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5888] exit_group(0) = ? [pid 5888] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5888, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5889] <... mount resumed>) = 0 [pid 5889] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5826] umount2("./10", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = 0 [pid 5890] <... write resumed>) = 2097152 [pid 5889] <... openat resumed>) = 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5890] munmap(0x7fde7cbdc000, 138412032 [pid 5826] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 5825] newfstatat(AT_FDCWD, "./10/file1", [pid 5826] newfstatat(3, "", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5889] chdir("./file1" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5889] <... chdir resumed>) = 0 [pid 5826] getdents64(3, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5889] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5889] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] <... openat resumed>) = 4 [pid 5828] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5889] unlink("./file0/file0" [pid 5828] close(4 [pid 5826] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] <... close resumed>) = 0 [pid 5825] getdents64(4, [pid 5828] rmdir("./10/file1" [pid 5890] <... munmap resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5890] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... rmdir resumed>) = 0 [pid 5825] close(4 [pid 5890] <... openat resumed>) = 4 [pid 5828] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5890] ioctl(4, LOOP_SET_FD, 3 [pid 5828] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5825] rmdir("./10/file1" [pid 5890] <... ioctl resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... rmdir resumed>) = 0 [ 105.422378][ T5889] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5890] close(3) = 0 [pid 5825] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5890] close(4 [pid 5889] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5890] <... close resumed>) = 0 [pid 5889] memfd_create("syzkaller", 0 [pid 5825] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5890] mkdir("./file1", 0777 [pid 5825] unlink("./10/binderfs" [pid 5890] <... mkdir resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5889] <... memfd_create resumed>) = 4 [pid 5890] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5889] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5825] rmdir("./10") = 0 [pid 5825] mkdir("./11", 0777 [pid 5828] unlink("./10/binderfs" [pid 5825] <... mkdir resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] rmdir("./10" [pid 5825] <... openat resumed>) = 3 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] mkdir("./11", 0777) = 0 [pid 5825] close(3 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [ 105.476700][ T5890] loop0: detected capacity change from 0 to 4096 [ 105.479737][ T5889] ntfs3(loop3): ino=1b, mi_enum_attr [ 105.479766][ T5889] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 105.497764][ T5890] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5828] close(3 [pid 5826] <... umount2 resumed>) = 0 [pid 5889] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./10/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./10/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./10/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5890] <... mount resumed>) = 0 [pid 5826] close(4 [pid 5890] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./10/file1" [pid 5890] chdir("./file1" [pid 5826] <... rmdir resumed>) = 0 [pid 5890] <... chdir resumed>) = 0 [pid 5890] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] umount2("./10/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5890] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... close resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5826] unlink("./10/binderfs") = 0 [pid 5826] getdents64(3, [pid 5890] unlink("./file0/file0" [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3 [pid 5890] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5890] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5891 attached [pid 5826] rmdir("./10"./strace-static-x86_64: Process 5892 attached [pid 5890] <... memfd_create resumed>) = 4 [pid 5890] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5891] set_robust_list(0x55558eab2660, 24 [pid 5890] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5891 [pid 5892] set_robust_list(0x55558eab2660, 24 [pid 5891] <... set_robust_list resumed>) = 0 [pid 5892] <... set_robust_list resumed>) = 0 [pid 5891] chdir("./11" [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5892 [pid 5892] chdir("./11" [pid 5889] <... write resumed>) = 2097152 [pid 5889] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5892] <... chdir resumed>) = 0 [pid 5891] <... chdir resumed>) = 0 [pid 5892] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5891] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5892] <... prctl resumed>) = 0 [pid 5891] <... prctl resumed>) = 0 [pid 5892] setpgid(0, 0 [pid 5891] setpgid(0, 0 [pid 5889] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] mkdir("./11", 0777 [pid 5892] <... setpgid resumed>) = 0 [pid 5891] <... setpgid resumed>) = 0 [pid 5889] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... mkdir resumed>) = 0 [pid 5889] close(4 [pid 5892] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5891] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5892] <... openat resumed>) = 3 [pid 5891] <... openat resumed>) = 3 [pid 5892] write(3, "1000", 4 [pid 5826] <... openat resumed>) = 3 [pid 5892] <... write resumed>) = 4 [pid 5891] write(3, "1000", 4 [pid 5892] close(3 [pid 5891] <... write resumed>) = 4 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5892] <... close resumed>) = 0 [ 105.638660][ T5890] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 105.657480][ T5890] ntfs3(loop0): ino=1b, mi_enum_attr [ 105.658226][ T5890] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5891] close(3 [pid 5826] <... ioctl resumed>) = 0 [pid 5892] symlink("/dev/binderfs", "./binderfs" [pid 5891] <... close resumed>) = 0 [pid 5892] <... symlink resumed>) = 0 [pid 5891] symlink("/dev/binderfs", "./binderfs" [pid 5826] close(3 [pid 5890] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152executing program [pid 5892] write(1, "executing program\n", 18 [pid 5891] <... symlink resumed>) = 0 executing program [pid 5892] <... write resumed>) = 18 [pid 5891] write(1, "executing program\n", 18 [pid 5889] <... close resumed>) = 0 [pid 5889] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5891] <... write resumed>) = 18 [pid 5892] memfd_create("syzkaller", 0 [pid 5891] memfd_create("syzkaller", 0 [pid 5890] <... write resumed>) = 2097152 [pid 5889] <... open resumed>) = 4 [pid 5826] <... close resumed>) = 0 [pid 5889] exit_group(0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5890] munmap(0x7fde7cbdc000, 138412032 [pid 5892] <... memfd_create resumed>) = 3 [pid 5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5891] <... memfd_create resumed>) = 3 [pid 5892] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5893 attached ) = 0x7fde7cbdc000 [pid 5890] <... munmap resumed>) = 0 [pid 5889] <... exit_group resumed>) = ? [pid 5893] set_robust_list(0x55558eab2660, 24 [pid 5890] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5889] +++ exited with 0 +++ [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5893 [pid 5893] <... set_robust_list resumed>) = 0 [pid 5893] chdir("./11" [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5889, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5890] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5893] <... chdir resumed>) = 0 [pid 5893] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5893] setpgid(0, 0 [pid 5890] close(4 [pid 5827] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5893] <... setpgid resumed>) = 0 [pid 5893] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5893] write(3, "1000", 4) = 4 [pid 5893] close(3) = 0 [pid 5891] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5890] <... close resumed>) = 0 [pid 5893] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5893] write(1, "executing program\n", 18) = 18 [pid 5890] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5892] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5893] memfd_create("syzkaller", 0) = 3 [pid 5890] <... open resumed>) = 4 [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] newfstatat(AT_FDCWD, "./11/file1", [pid 5893] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5890] exit_group(0 [pid 5827] getdents64(4, [pid 5890] <... exit_group resumed>) = ? [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./11/file1") = 0 [pid 5827] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5890] +++ exited with 0 +++ [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5890, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5827] unlink("./11/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./11") = 0 [pid 5827] mkdir("./12", 0777) = 0 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5824] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5824] <... openat resumed>) = 3 [pid 5893] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5892] <... write resumed>) = 2097152 [pid 5827] <... ioctl resumed>) = 0 [pid 5824] newfstatat(3, "", [pid 5827] close(3 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5891] <... write resumed>) = 2097152 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5892] munmap(0x7fde7cbdc000, 138412032 [pid 5824] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5892] <... munmap resumed>) = 0 [pid 5891] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5892] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5891] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5892] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5891] <... openat resumed>) = 4 [pid 5892] close(3) = 0 [pid 5891] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5892] close(4) = 0 [pid 5891] close(3 [pid 5892] mkdir("./file1", 0777 [pid 5891] <... close resumed>) = 0 [pid 5892] <... mkdir resumed>) = 0 [pid 5891] close(4 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5894 attached [pid 5891] <... close resumed>) = 0 [pid 5894] set_robust_list(0x55558eab2660, 24 [pid 5891] mkdir("./file1", 0777 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5894 [pid 5894] <... set_robust_list resumed>) = 0 [pid 5892] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5894] chdir("./12" [pid 5891] <... mkdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5824] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5891] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5894] <... chdir resumed>) = 0 [pid 5824] newfstatat(AT_FDCWD, "./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 106.038691][ T5892] loop4: detected capacity change from 0 to 4096 [ 106.043123][ T5891] loop1: detected capacity change from 0 to 4096 [ 106.076342][ T5892] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5894] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] <... openat resumed>) = 4 [pid 5824] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5894] <... prctl resumed>) = 0 [pid 5824] getdents64(4, [pid 5894] setpgid(0, 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5894] <... setpgid resumed>) = 0 [pid 5824] close(4 [pid 5894] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... close resumed>) = 0 [pid 5894] <... openat resumed>) = 3 [pid 5824] rmdir("./11/file1" [pid 5894] write(3, "1000", 4 [pid 5824] <... rmdir resumed>) = 0 [pid 5894] <... write resumed>) = 4 [pid 5824] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5894] close(3 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5894] <... close resumed>) = 0 [pid 5824] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5894] symlink("/dev/binderfs", "./binderfs" [pid 5893] <... write resumed>) = 2097152 [pid 5824] unlink("./11/binderfs" [pid 5894] <... symlink resumed>) = 0 [pid 5824] <... unlink resumed>) = 0 [pid 5893] munmap(0x7fde7cbdc000, 138412032 [pid 5824] getdents64(3, [pid 5894] write(1, "executing program\n", 18executing program [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5894] <... write resumed>) = 18 [pid 5824] close(3 [pid 5894] memfd_create("syzkaller", 0 [pid 5893] <... munmap resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./11") = 0 [pid 5894] <... memfd_create resumed>) = 3 [pid 5824] mkdir("./12", 0777 [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... mkdir resumed>) = 0 [ 106.089488][ T5891] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5894] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5893] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5893] <... openat resumed>) = 4 [pid 5893] ioctl(4, LOOP_SET_FD, 3 [pid 5824] <... openat resumed>) = 3 [pid 5893] <... ioctl resumed>) = 0 [pid 5892] <... mount resumed>) = 0 [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] close(3) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5895 attached [pid 5893] close(3 [pid 5895] set_robust_list(0x55558eab2660, 24 [pid 5893] <... close resumed>) = 0 [pid 5892] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5895 [pid 5895] <... set_robust_list resumed>) = 0 [pid 5893] close(4 [pid 5892] <... openat resumed>) = 3 [pid 5895] chdir("./12" [pid 5893] <... close resumed>) = 0 [pid 5892] chdir("./file1" [pid 5895] <... chdir resumed>) = 0 [pid 5894] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5893] mkdir("./file1", 0777 [pid 5892] <... chdir resumed>) = 0 [pid 5893] <... mkdir resumed>) = 0 [pid 5892] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5895] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5892] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5895] <... prctl resumed>) = 0 [pid 5892] unlink("./file0/file0" [pid 5891] <... mount resumed>) = 0 [pid 5895] setpgid(0, 0 [pid 5891] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5895] <... setpgid resumed>) = 0 [pid 5893] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5892] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5891] <... openat resumed>) = 3 [pid 5895] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 106.168622][ T5893] loop2: detected capacity change from 0 to 4096 [ 106.174222][ T5892] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 106.210148][ T5891] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5891] chdir("./file1" [pid 5892] memfd_create("syzkaller", 0 [pid 5895] write(3, "1000", 4 [pid 5891] <... chdir resumed>) = 0 [pid 5895] <... write resumed>) = 4 [pid 5891] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5895] close(3) = 0 [pid 5895] symlink("/dev/binderfs", "./binderfs" [pid 5892] <... memfd_create resumed>) = 4 [pid 5895] <... symlink resumed>) = 0 executing program [pid 5895] write(1, "executing program\n", 18 [pid 5892] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5895] <... write resumed>) = 18 [pid 5892] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5895] memfd_create("syzkaller", 0) = 3 [pid 5894] <... write resumed>) = 2097152 [pid 5895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5894] munmap(0x7fde7cbdc000, 138412032 [pid 5891] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5895] <... mmap resumed>) = 0x7fde7cbdc000 [ 106.213081][ T5892] ntfs3(loop4): ino=1b, mi_enum_attr [ 106.213108][ T5892] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 106.217254][ T5893] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5891] unlink("./file0/file0" [pid 5894] <... munmap resumed>) = 0 [pid 5892] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5894] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5891] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5894] <... openat resumed>) = 4 [pid 5894] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5891] memfd_create("syzkaller", 0 [pid 5894] close(3) = 0 [ 106.289294][ T5891] ntfs3(loop1): ino=1b, mi_enum_attr [ 106.289325][ T5891] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 106.315739][ T5894] loop3: detected capacity change from 0 to 4096 [pid 5894] close(4 [pid 5891] <... memfd_create resumed>) = 4 [pid 5894] <... close resumed>) = 0 [pid 5893] <... mount resumed>) = 0 [pid 5891] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5895] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5891] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5894] mkdir("./file1", 0777 [pid 5893] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5894] <... mkdir resumed>) = 0 [pid 5893] <... openat resumed>) = 3 [pid 5894] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5893] chdir("./file1") = 0 [pid 5893] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [ 106.341218][ T5893] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 106.380967][ T5894] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5893] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5893] memfd_create("syzkaller", 0 [pid 5892] <... write resumed>) = 2097152 [pid 5893] <... memfd_create resumed>) = 4 [pid 5892] munmap(0x7fde7cbdc000, 138412032 [pid 5895] <... write resumed>) = 2097152 [pid 5893] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5892] <... munmap resumed>) = 0 [pid 5895] munmap(0x7fde7cbdc000, 138412032 [pid 5893] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5895] <... munmap resumed>) = 0 [ 106.390519][ T5893] ntfs3(loop2): ino=1b, mi_enum_attr [ 106.390548][ T5893] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5892] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5892] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5892] close(4 [pid 5895] <... openat resumed>) = 4 [pid 5895] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5895] ioctl(4, LOOP_CLR_FD) = 0 [pid 5895] ioctl(4, LOOP_SET_FD, 3) = -1 EBUSY (Device or resource busy) [pid 5895] close(4) = 0 [pid 5895] close(3 [pid 5891] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5892] <... close resumed>) = 0 [pid 5895] <... close resumed>) = 0 [pid 5895] unlink("./file0/file0") = -1 ENOENT (No such file or directory) [pid 5892] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5895] memfd_create("syzkaller", 0) = 3 [pid 5895] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5892] <... open resumed>) = 4 [pid 5892] exit_group(0 [pid 5894] <... mount resumed>) = 0 [pid 5892] <... exit_group resumed>) = ? [pid 5894] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5894] chdir("./file1") = 0 [pid 5894] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5893] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5892] +++ exited with 0 +++ [pid 5891] <... write resumed>) = 2097152 [pid 5894] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5892, si_uid=0, si_status=0, si_utime=0, si_stime=12 /* 0.12 s */} --- [pid 5894] unlink("./file0/file0" [pid 5828] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5895] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5891] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... openat resumed>) = 3 [ 106.568091][ T5894] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5894] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5891] <... munmap resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5894] memfd_create("syzkaller", 0 [pid 5828] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5894] <... memfd_create resumed>) = 4 [pid 5891] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5894] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5891] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5891] close(4 [pid 5894] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5891] <... close resumed>) = 0 [ 106.662319][ T5894] ntfs3(loop3): ino=1b, mi_enum_attr [ 106.662350][ T5894] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5891] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5891] exit_group(0) = ? [pid 5891] +++ exited with 0 +++ [pid 5828] <... umount2 resumed>) = 0 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5891, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=13 /* 0.13 s */} --- [pid 5825] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(AT_FDCWD, "./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5828] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5893] <... write resumed>) = 2097152 [pid 5825] newfstatat(3, "", [pid 5893] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5893] <... munmap resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5893] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5828] <... openat resumed>) = 4 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5893] close(4 [pid 5828] newfstatat(4, "", [pid 5825] getdents64(3, [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] getdents64(4, [pid 5825] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./11/file1" [pid 5895] <... write resumed>) = 2097152 [pid 5828] <... rmdir resumed>) = 0 [pid 5828] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5894] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5895] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./11/binderfs") = 0 [pid 5828] getdents64(3, [pid 5893] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./11") = 0 [pid 5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5893] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5895] <... openat resumed>) = 4 [pid 5828] mkdir("./12", 0777 [pid 5825] <... umount2 resumed>) = 0 [pid 5895] ioctl(4, LOOP_SET_FD, 3 [pid 5828] <... mkdir resumed>) = 0 [pid 5895] <... ioctl resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5895] close(3 [pid 5828] <... openat resumed>) = 3 [pid 5895] <... close resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5895] close(4 [pid 5828] <... ioctl resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5895] <... close resumed>) = 0 [pid 5828] close(3 [pid 5825] newfstatat(AT_FDCWD, "./11/file1", [pid 5895] mkdir("./file1", 0777 [pid 5828] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5893] <... open resumed>) = 4 [pid 5895] <... mkdir resumed>) = 0 [pid 5893] exit_group(0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5893] <... exit_group resumed>) = ? [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5896 attached [pid 5893] +++ exited with 0 +++ [pid 5825] <... openat resumed>) = 4 [pid 5895] mount("/dev/loop0", "./file1", "ntfs3", MS_NOSUID|MS_DIRSYNC, "showmeta," [pid 5825] newfstatat(4, "", [pid 5896] set_robust_list(0x55558eab2660, 24 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5896 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5893, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5896] <... set_robust_list resumed>) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5825] getdents64(4, [pid 5896] chdir("./12" [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5896] <... chdir resumed>) = 0 [pid 5825] getdents64(4, [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5896] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] close(4 [pid 5896] <... prctl resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5896] setpgid(0, 0 [pid 5826] umount2("./11", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] rmdir("./11/file1" [pid 5896] <... setpgid resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... rmdir resumed>) = 0 [pid 5896] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5896] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 3 [pid 5825] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(3, "", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5896] write(3, "1000", 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5826] getdents64(3, [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] unlink("./11/binderfs" [pid 5896] <... write resumed>) = 4 [pid 5826] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5896] close(3 [pid 5825] getdents64(3, [pid 5896] <... close resumed>) = 0 [pid 5896] symlink("/dev/binderfs", "./binderfs" [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5896] <... symlink resumed>) = 0 [pid 5825] close(3 [pid 5896] write(1, "executing program\n", 18executing program [pid 5825] <... close resumed>) = 0 [pid 5896] <... write resumed>) = 18 [pid 5825] rmdir("./11") = 0 [pid 5896] memfd_create("syzkaller", 0 [ 106.872210][ T5895] loop0: detected capacity change from 0 to 4096 [ 106.899982][ T5895] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [pid 5825] mkdir("./12", 0777) = 0 [pid 5896] <... memfd_create resumed>) = 3 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5896] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] <... openat resumed>) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5894] <... write resumed>) = 2097152 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5897 [pid 5895] <... mount resumed>) = 0 [pid 5894] munmap(0x7fde7cbdc000, 138412032) = 0 ./strace-static-x86_64: Process 5897 attached [pid 5895] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5826] <... umount2 resumed>) = 0 [pid 5895] <... openat resumed>) = 3 [pid 5895] chdir("./file1") = 0 [pid 5895] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./11/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5895] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] umount2("./11/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5897] set_robust_list(0x55558eab2660, 24 [pid 5895] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5897] <... set_robust_list resumed>) = 0 [pid 5894] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] openat(AT_FDCWD, "./11/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5897] chdir("./12" [pid 5894] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5897] <... chdir resumed>) = 0 [pid 5894] close(4 [pid 5826] <... openat resumed>) = 4 [pid 5826] newfstatat(4, "", [pid 5897] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5897] <... prctl resumed>) = 0 [pid 5826] getdents64(4, [pid 5897] setpgid(0, 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5897] <... setpgid resumed>) = 0 [pid 5826] getdents64(4, [pid 5897] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5897] <... openat resumed>) = 3 [pid 5895] <... open resumed>) = -1 EINVAL (Invalid argument) [pid 5897] write(3, "1000", 4 [pid 5826] close(4) = 0 [pid 5826] rmdir("./11/file1") = 0 [pid 5826] umount2("./11/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./11/binderfs") = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5897] <... write resumed>) = 4 [pid 5826] close(3 [pid 5897] close(3 [pid 5826] <... close resumed>) = 0 [pid 5897] <... close resumed>) = 0 [pid 5826] rmdir("./11" [pid 5897] symlink("/dev/binderfs", "./binderfs" [pid 5826] <... rmdir resumed>) = 0 [pid 5897] <... symlink resumed>) = 0 [pid 5896] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] mkdir("./12", 0777 [pid 5897] write(1, "executing program\n", 18 [pid 5895] exit_group(0 [pid 5826] <... mkdir resumed>) = 0 executing program [pid 5897] <... write resumed>) = 18 [pid 5895] <... exit_group resumed>) = ? [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5897] memfd_create("syzkaller", 0 [pid 5895] +++ exited with 0 +++ [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5895, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=14 /* 0.14 s */} --- [pid 5826] close(3 [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5897] <... memfd_create resumed>) = 3 [pid 5826] <... close resumed>) = 0 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5898 attached ) = 0x7fde7cbdc000 [pid 5824] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5898 [ 107.024142][ T5895] [ 107.024153][ T5895] ====================================================== [ 107.024160][ T5895] WARNING: possible circular locking dependency detected [ 107.024175][ T5895] 6.16.0-syzkaller-06699-ge8d780dcd957 #0 Tainted: G W [ 107.024185][ T5895] ------------------------------------------------------ [ 107.024190][ T5895] syz-executor103/5895 is trying to acquire lock: [ 107.024199][ T5895] ffff888044bfa250 (&wnd->rw_lock){++++}-{4:4}, at: ntfs_look_for_free_space+0xd3/0x600 [ 107.024244][ T5895] [pid 5824] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5898] set_robust_list(0x55558eab2660, 24 [pid 5824] <... openat resumed>) = 3 [pid 5898] <... set_robust_list resumed>) = 0 [pid 5824] newfstatat(3, "", [pid 5898] chdir("./12" [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, [pid 5898] <... chdir resumed>) = 0 [pid 5898] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5898] setpgid(0, 0) = 0 [pid 5898] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5898] write(3, "1000", 4) = 4 [pid 5898] close(3) = 0 [pid 5898] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5898] write(1, "executing program\n", 18) = 18 [ 107.024244][ T5895] but task is already holding lock: [ 107.024249][ T5895] ffff8880416f75d0 (&ni->file.run_lock#2){++++}-{4:4}, at: ntfs_extend_mft+0x13d/0x450 [ 107.024286][ T5895] [ 107.024286][ T5895] which lock already depends on the new lock. [ 107.024286][ T5895] [ 107.024292][ T5895] [ 107.024292][ T5895] the existing dependency chain (in reverse order) is: [ 107.024298][ T5895] [ 107.024298][ T5895] -> #1 (&ni->file.run_lock#2){++++}-{4:4}: [ 107.024321][ T5895] lock_acquire+0x120/0x360 [pid 5898] memfd_create("syzkaller", 0) = 3 [pid 5894] <... close resumed>) = 0 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 107.024340][ T5895] down_read+0x97/0x1f0 [ 107.024358][ T5895] run_unpack_ex+0x7e5/0xba0 [ 107.024372][ T5895] ntfs_iget5+0x232b/0x37c0 [ 107.024388][ T5895] dir_search_u+0x1df/0x2c0 [ 107.024402][ T5895] ntfs_lookup+0xfb/0x1f0 [ 107.024418][ T5895] lookup_one_qstr_excl+0x131/0x360 [ 107.024432][ T5895] do_unlinkat+0x1df/0x570 [ 107.024449][ T5895] __x64_sys_unlink+0x47/0x50 [ 107.024467][ T5895] do_syscall_64+0xfa/0x3b0 [pid 5894] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5896] <... write resumed>) = 2097152 [pid 5896] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5894] <... open resumed>) = 4 [pid 5897] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5896] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5896] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5896] close(3) = 0 [pid 5896] close(4) = 0 [pid 5896] mkdir("./file1", 0777) = 0 [ 107.024485][ T5895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.024499][ T5895] [ 107.024499][ T5895] -> #0 (&wnd->rw_lock){++++}-{4:4}: [ 107.024523][ T5895] validate_chain+0xb9b/0x2140 [ 107.024543][ T5895] __lock_acquire+0xab9/0xd20 [ 107.024559][ T5895] lock_acquire+0x120/0x360 [ 107.024575][ T5895] down_write_nested+0x3e/0x60 [ 107.024589][ T5895] ntfs_look_for_free_space+0xd3/0x600 [ 107.024604][ T5895] attr_allocate_clusters+0x1c1/0x6d0 [ 107.024622][ T5895] attr_set_size+0x14a4/0x2c70 [pid 5896] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5894] exit_group(0 [pid 5898] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5894] <... exit_group resumed>) = ? [pid 5894] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5894, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=9 /* 0.09 s */} --- [pid 5827] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 107.024640][ T5895] ntfs_extend_mft+0x162/0x450 [ 107.024653][ T5895] ntfs_look_free_mft+0x5f8/0xd50 [ 107.024676][ T5895] ntfs_create_inode+0x590/0x32a0 [ 107.024690][ T5895] ntfs_create+0x3d/0x50 [ 107.024707][ T5895] path_openat+0x1500/0x3840 [ 107.024722][ T5895] do_filp_open+0x1fa/0x410 [ 107.024738][ T5895] do_sys_openat2+0x121/0x1c0 [ 107.024753][ T5895] __x64_sys_open+0x11e/0x150 [ 107.024766][ T5895] do_syscall_64+0xfa/0x3b0 [ 107.024784][ T5895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [pid 5827] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5896] <... mount resumed>) = 0 [pid 5896] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5824] <... umount2 resumed>) = 0 [pid 5896] chdir("./file1" [pid 5824] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5896] <... chdir resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5896] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5824] newfstatat(AT_FDCWD, "./12/file1", [pid 5896] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 107.024799][ T5895] [ 107.024799][ T5895] other info that might help us debug this: [ 107.024799][ T5895] [ 107.024804][ T5895] Possible unsafe locking scenario: [ 107.024804][ T5895] [ 107.024809][ T5895] CPU0 CPU1 [ 107.024814][ T5895] ---- ---- [ 107.024819][ T5895] lock(&ni->file.run_lock#2); [ 107.024835][ T5895] lock(&wnd->rw_lock); [ 107.024845][ T5895] lock(&ni->file.run_lock#2); [pid 5896] unlink("./file0/file0" [pid 5824] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5897] <... write resumed>) = 2097152 [pid 5824] <... openat resumed>) = 4 [pid 5824] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] <... umount2 resumed>) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./12/file1") = 0 [pid 5896] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5896] memfd_create("syzkaller", 0 [pid 5897] munmap(0x7fde7cbdc000, 138412032) = 0 [ 107.024859][ T5895] lock(&wnd->rw_lock); [ 107.024869][ T5895] [ 107.024869][ T5895] *** DEADLOCK *** [ 107.024869][ T5895] [ 107.024873][ T5895] 5 locks held by syz-executor103/5895: [ 107.024883][ T5895] #0: ffff888044bf8488 (sb_writers#8){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 107.024924][ T5895] #1: ffff8880415f9ae8 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: path_openat+0x8e6/0x3840 [ 107.024967][ T5895] #2: ffff8880415f9830 (&ni->ni_lock#2/6){+.+.}-{4:4}, at: ntfs_create_inode+0x16e/0x32a0 [pid 5896] <... memfd_create resumed>) = 4 [pid 5827] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5897] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5896] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5897] ioctl(4, LOOP_SET_FD, 3 [pid 5896] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] newfstatat(AT_FDCWD, "./12/file1", [pid 5897] <... ioctl resumed>) = 0 [pid 5824] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5898] <... write resumed>) = 2097152 [pid 5897] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5898] munmap(0x7fde7cbdc000, 138412032 [pid 5897] <... close resumed>) = 0 [pid 5827] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] unlink("./12/binderfs" [pid 5897] close(4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... unlink resumed>) = 0 [pid 5897] <... close resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] getdents64(3, [pid 5827] <... openat resumed>) = 4 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5897] mkdir("./file1", 0777 [pid 5827] newfstatat(4, "", [pid 5824] close(3 [pid 5897] <... mkdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... close resumed>) = 0 [pid 5827] getdents64(4, [ 107.025012][ T5895] #3: ffff888044bfa118 (&wnd->rw_lock/1){+.+.}-{4:4}, at: ntfs_look_free_mft+0x163/0xd50 [ 107.025051][ T5895] #4: ffff8880416f75d0 (&ni->file.run_lock#2){++++}-{4:4}, at: ntfs_extend_mft+0x13d/0x450 [ 107.025091][ T5895] [ 107.025091][ T5895] stack backtrace: [ 107.025103][ T5895] CPU: 0 UID: 0 PID: 5895 Comm: syz-executor103 Tainted: G W 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT_{RT,(full)} [ 107.025127][ T5895] Tainted: [W]=WARN [ 107.025132][ T5895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [pid 5824] rmdir("./12" [pid 5897] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5824] <... rmdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, [pid 5898] <... munmap resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./12/file1" [pid 5824] mkdir("./13", 0777 [pid 5898] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... rmdir resumed>) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5898] <... openat resumed>) = 4 [pid 5898] ioctl(4, LOOP_SET_FD, 3 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5898] <... ioctl resumed>) = 0 [pid 5827] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... openat resumed>) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5827] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5824] <... ioctl resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] close(3 [pid 5898] close(3 [pid 5827] unlink("./12/binderfs" [pid 5824] <... close resumed>) = 0 [pid 5898] <... close resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5898] close(4 [pid 5827] getdents64(3, ./strace-static-x86_64: Process 5899 attached [pid 5898] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5899 [pid 5898] mkdir("./file1", 0777 [pid 5827] close(3 [pid 5898] <... mkdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5899] set_robust_list(0x55558eab2660, 24 [pid 5827] rmdir("./12" [pid 5899] <... set_robust_list resumed>) = 0 [pid 5898] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5827] <... rmdir resumed>) = 0 [pid 5899] chdir("./13" [pid 5827] mkdir("./13", 0777 [pid 5899] <... chdir resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5899] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5899] setpgid(0, 0) = 0 [ 107.025142][ T5895] Call Trace: [ 107.025148][ T5895] [ 107.025154][ T5895] dump_stack_lvl+0x189/0x250 [ 107.025175][ T5895] ? __pfx_dump_stack_lvl+0x10/0x10 [ 107.025195][ T5895] ? __pfx__printk+0x10/0x10 [ 107.025208][ T5895] ? stack_trace_save+0x9c/0xe0 [ 107.025230][ T5895] print_circular_bug+0x2ee/0x310 [ 107.025248][ T5895] check_noncircular+0x134/0x160 [ 107.025272][ T5895] validate_chain+0xb9b/0x2140 [ 107.025294][ T5895] ? __lock_acquire+0xab9/0xd20 [ 107.025316][ T5895] __lock_acquire+0xab9/0xd20 [pid 5899] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5899] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5899] write(3, "1000", 4 [pid 5827] <... ioctl resumed>) = 0 [pid 5899] <... write resumed>) = 4 [pid 5827] close(3 [pid 5899] close(3) = 0 [pid 5897] <... mount resumed>) = 0 [pid 5897] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5899] symlink("/dev/binderfs", "./binderfs" [pid 5897] <... openat resumed>) = 3 [pid 5899] <... symlink resumed>) = 0 [ 107.025337][ T5895] ? ntfs_look_for_free_space+0xd3/0x600 [ 107.025354][ T5895] lock_acquire+0x120/0x360 [ 107.025372][ T5895] ? ntfs_look_for_free_space+0xd3/0x600 [ 107.025392][ T5895] ? unwind_next_frame+0xa5/0x2390 [ 107.025412][ T5895] ? rcu_is_watching+0x15/0xb0 [ 107.025433][ T5895] ? unwind_next_frame+0xa5/0x2390 [ 107.025453][ T5895] down_write_nested+0x3e/0x60 [ 107.025469][ T5895] ? ntfs_look_for_free_space+0xd3/0x600 [ 107.025486][ T5895] ntfs_look_for_free_space+0xd3/0x600 [ 107.025504][ T5895] ? is_bpf_text_address+0x26/0x2b0 [pid 5897] chdir("./file1"executing program [pid 5899] write(1, "executing program\n", 18 [pid 5897] <... chdir resumed>) = 0 [pid 5899] <... write resumed>) = 18 [pid 5897] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5899] memfd_create("syzkaller", 0 [pid 5897] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5896] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5897] unlink("./file0/file0" [pid 5899] <... memfd_create resumed>) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5897] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5897] memfd_create("syzkaller", 0) = 4 [pid 5897] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 107.025526][ T5895] ? rcu_is_watching+0x15/0xb0 [ 107.025547][ T5895] ? __kasan_check_byte+0x12/0x40 [ 107.025571][ T5895] ? rcu_is_watching+0x15/0xb0 [ 107.025594][ T5895] ? __pfx_ntfs_look_for_free_space+0x10/0x10 [ 107.025617][ T5895] attr_allocate_clusters+0x1c1/0x6d0 [ 107.025637][ T5895] ? __pfx_hlock_conflict+0x10/0x10 [ 107.025657][ T5895] ? __pfx_attr_allocate_clusters+0x10/0x10 [ 107.025687][ T5895] ? ni_find_attr+0x1dd/0x570 [ 107.025707][ T5895] ? run_is_mapped_full+0x345/0x420 [pid 5827] <... close resumed>) = 0 [pid 5898] <... mount resumed>) = 0 [pid 5898] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5898] chdir("./file1") = 0 [pid 5898] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5898] unlink("./file0/file0"./strace-static-x86_64: Process 5900 attached [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5900 [pid 5900] set_robust_list(0x55558eab2660, 24 [pid 5898] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 107.025725][ T5895] attr_set_size+0x14a4/0x2c70 [ 107.025756][ T5895] ? do_raw_spin_lock+0x121/0x290 [ 107.025778][ T5895] ? __pfx_attr_set_size+0x10/0x10 [ 107.025797][ T5895] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 107.025817][ T5895] ? lockdep_hardirqs_on+0x9c/0x150 [ 107.025837][ T5895] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 107.025857][ T5895] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 107.025881][ T5895] ? rwbase_write_lock+0x56f/0x750 [ 107.025905][ T5895] ntfs_extend_mft+0x162/0x450 [ 107.025924][ T5895] ? __pfx_ntfs_extend_mft+0x10/0x10 [pid 5900] <... set_robust_list resumed>) = 0 [pid 5898] memfd_create("syzkaller", 0) = 4 [pid 5898] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5896] <... write resumed>) = 2097152 [pid 5898] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5900] chdir("./13" [pid 5899] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5900] <... chdir resumed>) = 0 [pid 5900] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 107.025942][ T5895] ? __pfx_wnd_find+0x10/0x10 [ 107.025959][ T5895] ? wnd_zone_set+0x106/0x160 [ 107.025977][ T5895] ntfs_look_free_mft+0x5f8/0xd50 [ 107.025999][ T5895] ? __pfx_ntfs_look_free_mft+0x10/0x10 [ 107.026019][ T5895] ? __pfx_ntfs_set_state+0x10/0x10 [ 107.026037][ T5895] ? ntfs_create_inode+0x4ba/0x32a0 [ 107.026055][ T5895] ? kmem_cache_alloc_noprof+0x192/0x310 [ 107.026079][ T5895] ntfs_create_inode+0x590/0x32a0 [ 107.026102][ T5895] ? rt_mutex_slowunlock+0x493/0x8a0 [ 107.026119][ T5895] ? reacquire_held_locks+0x127/0x1d0 [pid 5900] setpgid(0, 0 [pid 5897] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5900] <... setpgid resumed>) = 0 [pid 5900] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5896] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5896] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5896] close(4 [pid 5900] <... openat resumed>) = 3 [ 107.026145][ T5895] ? __pfx_ntfs_create_inode+0x10/0x10 [ 107.026163][ T5895] ? rt_spin_unlock+0x65/0x80 [ 107.026182][ T5895] ? __d_add+0x54d/0x840 [ 107.026203][ T5895] ntfs_create+0x3d/0x50 [ 107.026226][ T5895] ? __pfx_ntfs_create+0x10/0x10 [ 107.026247][ T5895] path_openat+0x1500/0x3840 [ 107.026280][ T5895] ? __pfx_path_openat+0x10/0x10 [ 107.026304][ T5895] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 107.026324][ T5895] ? lockdep_hardirqs_on+0x9c/0x150 [ 107.026342][ T5895] ? _raw_spin_unlock_irqrestore+0xad/0x110 [pid 5900] write(3, "1000", 4) = 4 [pid 5900] close(3) = 0 [pid 5896] <... close resumed>) = 0 [pid 5900] symlink("/dev/binderfs", "./binderfs") = 0 [ 107.026364][ T5895] do_filp_open+0x1fa/0x410 [ 107.026383][ T5895] ? __pfx_do_filp_open+0x10/0x10 [ 107.026402][ T5895] ? rt_mutex_slowunlock+0x493/0x8a0 [ 107.026427][ T5895] ? alloc_fd+0x64f/0x6c0 [ 107.026453][ T5895] do_sys_openat2+0x121/0x1c0 [ 107.026472][ T5895] ? __pfx_do_sys_openat2+0x10/0x10 [ 107.026491][ T5895] ? rcu_is_watching+0x15/0xb0 [ 107.026513][ T5895] __x64_sys_open+0x11e/0x150 [ 107.026531][ T5895] do_syscall_64+0xfa/0x3b0 [ 107.026551][ T5895] ? lockdep_hardirqs_on+0x9c/0x150 executing program [pid 5900] write(1, "executing program\n", 18) = 18 [pid 5900] memfd_create("syzkaller", 0 [pid 5898] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5900] <... memfd_create resumed>) = 3 [ 107.026570][ T5895] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.026585][ T5895] ? clear_bhb_loop+0x60/0xb0 [ 107.026603][ T5895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.026619][ T5895] RIP: 0033:0x7fde85023499 [ 107.026644][ T5895] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 107.026663][ T5895] RSP: 002b:00007ffc366140f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [pid 5899] <... write resumed>) = 2097152 [pid 5896] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5897] <... write resumed>) = 2097152 [pid 5900] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5899] munmap(0x7fde7cbdc000, 138412032 [pid 5896] <... open resumed>) = 4 [pid 5899] <... munmap resumed>) = 0 [pid 5896] exit_group(0) = ? [pid 5897] munmap(0x7fde7cbdc000, 138412032 [pid 5896] +++ exited with 0 +++ [pid 5897] <... munmap resumed>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5896, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 107.026681][ T5895] RAX: ffffffffffffffda RBX: 0000200000000640 RCX: 00007fde85023499 [ 107.026693][ T5895] RDX: 0000000000000000 RSI: 000000000014d27c RDI: 0000200000000180 [ 107.026705][ T5895] RBP: 000020000001f840 R08: 002c6174656d776f R09: 00007ffc36614130 [ 107.026716][ T5895] R10: 00007ffc36613fc0 R11: 0000000000000246 R12: 00007ffc3661411c [ 107.026727][ T5895] R13: 000000000000000c R14: 431bde82d7b634db R15: 00007ffc36614150 [ 107.026745][ T5895] [ 107.026841][ T5895] ntfs3(loop0): ino=0, attr_set_size [pid 5899] ioctl(4, LOOP_SET_FD, 3 [pid 5828] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5899] <... ioctl resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5897] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5897] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... openat resumed>) = 3 [pid 5897] close(4 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5899] close(3 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5899] <... close resumed>) = 0 [pid 5828] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5899] close(4) = 0 [pid 5898] <... write resumed>) = 2097152 [pid 5899] mkdir("./file1", 0777 [pid 5898] munmap(0x7fde7cbdc000, 138412032 [pid 5899] <... mkdir resumed>) = 0 [pid 5898] <... munmap resumed>) = 0 [ 107.225855][ T5896] loop4: detected capacity change from 0 to 4096 [ 107.257893][ T5896] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 107.298373][ T5896] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 107.352842][ T5896] ntfs3(loop4): ino=1b, mi_enum_attr [ 107.352869][ T5896] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 107.398092][ T5897] loop1: detected capacity change from 0 to 4096 [ 107.433057][ T5897] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 107.438208][ T5898] loop2: detected capacity change from 0 to 4096 [pid 5897] <... close resumed>) = 0 [pid 5900] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5899] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5898] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5897] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5898] close(4 [pid 5897] <... open resumed>) = 4 [pid 5898] <... close resumed>) = 0 [pid 5897] exit_group(0) = ? [ 107.477753][ T5898] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 107.507986][ T5897] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 107.538389][ T5897] ntfs3(loop1): ino=1b, mi_enum_attr [ 107.538416][ T5897] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 107.593314][ T5898] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 107.620491][ T5898] ntfs3(loop2): ino=1b, mi_enum_attr [ 107.620516][ T5898] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5897] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5897, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5898] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5898] <... open resumed>) = 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5899] <... mount resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5899] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] <... openat resumed>) = 3 [pid 5899] <... openat resumed>) = 3 [pid 5898] exit_group(0 [pid 5828] <... umount2 resumed>) = 0 [pid 5825] newfstatat(3, "", [pid 5899] chdir("./file1" [pid 5898] <... exit_group resumed>) = ? [pid 5828] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5899] <... chdir resumed>) = 0 [pid 5898] +++ exited with 0 +++ [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] newfstatat(AT_FDCWD, "./12/file1", [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5899] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5898, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5899] unlink("./file0/file0" [pid 5828] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] restart_syscall(<... resuming interrupted clone ...> [ 107.854028][ T37] kauditd_printk_skb: 9 callbacks suppressed [ 107.854044][ T37] audit: type=1800 audit(1753942238.790:63): pid=5896 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 107.883611][ T5899] loop0: detected capacity change from 0 to 4096 [ 107.941974][ T5899] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5828] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5899] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5899] memfd_create("syzkaller", 0 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, [pid 5826] umount2("./12", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5899] <... memfd_create resumed>) = 4 [pid 5828] close(4 [pid 5826] <... openat resumed>) = 3 [pid 5899] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... close resumed>) = 0 [pid 5826] newfstatat(3, "", [pid 5899] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] rmdir("./12/file1" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5826] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./12/binderfs") = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./12") = 0 [pid 5828] mkdir("./13", 0777 [pid 5825] <... umount2 resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5900] <... write resumed>) = 2097152 [pid 5828] <... openat resumed>) = 3 [pid 5825] newfstatat(AT_FDCWD, "./12/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5900] munmap(0x7fde7cbdc000, 138412032 [pid 5899] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... ioctl resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5900] <... munmap resumed>) = 0 [pid 5828] close(3 [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./12/file1") = 0 [ 107.945859][ T37] audit: type=1800 audit(1753942238.880:64): pid=5897 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 108.007045][ T37] audit: type=1800 audit(1753942238.940:65): pid=5898 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [ 108.007213][ T5899] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 108.023856][ T5899] ntfs3(loop0): ino=1b, mi_enum_attr [ 108.023881][ T5899] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5900] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5900] <... openat resumed>) = 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = 0 [pid 5826] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5900] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./12/file1", [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./12/binderfs" [pid 5900] <... ioctl resumed>) = 0 [pid 5826] umount2("./12/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5900] close(3 [pid 5826] openat(AT_FDCWD, "./12/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] getdents64(3, [pid 5900] <... close resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5900] close(4) = 0 [pid 5826] newfstatat(4, "", [pid 5825] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5900] mkdir("./file1", 0777 [pid 5826] rmdir("./12/file1" [pid 5900] <... mkdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] rmdir("./12" [pid 5826] umount2("./12/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... rmdir resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] mkdir("./13", 0777 [pid 5900] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5825] <... mkdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] unlink("./12/binderfs" [pid 5825] <... openat resumed>) = 3 [pid 5826] <... unlink resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5826] getdents64(3, [pid 5825] <... ioctl resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5899] <... write resumed>) = 2097152 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5826] close(3 [pid 5825] <... close resumed>) = 0 [pid 5899] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5902 attached ./strace-static-x86_64: Process 5901 attached [pid 5899] <... munmap resumed>) = 0 [pid 5826] rmdir("./12") = 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5902 [pid 5826] mkdir("./13", 0777 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5901 [pid 5826] <... mkdir resumed>) = 0 [pid 5902] set_robust_list(0x55558eab2660, 24 [pid 5901] set_robust_list(0x55558eab2660, 24 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5902] <... set_robust_list resumed>) = 0 [pid 5901] <... set_robust_list resumed>) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5902] chdir("./13" [pid 5901] chdir("./13" [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5902] <... chdir resumed>) = 0 [pid 5901] <... chdir resumed>) = 0 [pid 5826] <... ioctl resumed>) = 0 [pid 5902] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5901] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5899] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] close(3 [pid 5902] <... prctl resumed>) = 0 [pid 5899] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... close resumed>) = 0 [pid 5902] setpgid(0, 0 [pid 5901] <... prctl resumed>) = 0 [pid 5899] close(4 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5903 attached [pid 5901] setpgid(0, 0) = 0 [pid 5902] <... setpgid resumed>) = 0 [pid 5901] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5902] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5901] <... openat resumed>) = 3 [pid 5903] set_robust_list(0x55558eab2660, 24 [pid 5902] <... openat resumed>) = 3 [pid 5901] write(3, "1000", 4 [pid 5903] <... set_robust_list resumed>) = 0 [pid 5902] write(3, "1000", 4 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5903 [pid 5903] chdir("./13" [pid 5902] <... write resumed>) = 4 [pid 5901] <... write resumed>) = 4 [ 108.136922][ T5900] loop3: detected capacity change from 0 to 4096 [ 108.167523][ T5900] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5903] <... chdir resumed>) = 0 [pid 5902] close(3 [pid 5901] close(3 [pid 5900] <... mount resumed>) = 0 [pid 5902] <... close resumed>) = 0 [pid 5901] <... close resumed>) = 0 [pid 5899] <... close resumed>) = 0 [pid 5903] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5902] symlink("/dev/binderfs", "./binderfs" [pid 5903] <... prctl resumed>) = 0 [pid 5902] <... symlink resumed>) = 0 [pid 5901] symlink("/dev/binderfs", "./binderfs" [pid 5900] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORYexecuting program executing program [pid 5903] setpgid(0, 0 [pid 5902] write(1, "executing program\n", 18 [pid 5901] <... symlink resumed>) = 0 [pid 5900] <... openat resumed>) = 3 [pid 5903] <... setpgid resumed>) = 0 [pid 5902] <... write resumed>) = 18 [pid 5901] write(1, "executing program\n", 18 [pid 5900] chdir("./file1" [pid 5903] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5902] memfd_create("syzkaller", 0 [pid 5901] <... write resumed>) = 18 [pid 5903] <... openat resumed>) = 3 [pid 5901] memfd_create("syzkaller", 0 [pid 5900] <... chdir resumed>) = 0 [pid 5903] write(3, "1000", 4 [pid 5900] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5903] <... write resumed>) = 4 [pid 5902] <... memfd_create resumed>) = 3 [pid 5901] <... memfd_create resumed>) = 3 [pid 5903] close(3 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5900] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5903] <... close resumed>) = 0 [pid 5902] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5903] symlink("/dev/binderfs", "./binderfs" [pid 5901] <... mmap resumed>) = 0x7fde7cbdc000 [ 108.215828][ T5900] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5900] unlink("./file0/file0"executing program [pid 5903] <... symlink resumed>) = 0 [pid 5903] write(1, "executing program\n", 18 [pid 5900] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5900] memfd_create("syzkaller", 0 [pid 5903] <... write resumed>) = 18 [pid 5903] memfd_create("syzkaller", 0 [pid 5900] <... memfd_create resumed>) = 4 [pid 5900] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5903] <... memfd_create resumed>) = 3 [pid 5903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5899] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5899] exit_group(0) = ? [pid 5899] +++ exited with 0 +++ [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5899, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5824] restart_syscall(<... resuming interrupted clone ...>) = 0 [ 108.265208][ T5900] ntfs3(loop3): ino=1b, mi_enum_attr [ 108.265236][ T5900] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5902] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, [pid 5900] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5900] <... write resumed>) = 2097152 [pid 5900] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5901] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5900] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [ 108.303139][ T37] audit: type=1800 audit(1753942239.240:66): pid=5899 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5900] close(4 [pid 5824] <... umount2 resumed>) = 0 [pid 5903] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./13/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5824] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5900] <... close resumed>) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./13/file1") = 0 [pid 5824] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5900] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5900] exit_group(0 [pid 5824] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5900] <... exit_group resumed>) = ? [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] unlink("./13/binderfs") = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3) = 0 [pid 5824] rmdir("./13") = 0 [pid 5824] mkdir("./14", 0777) = 0 [pid 5900] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5900, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] close(3 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5827] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5827] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5903] <... write resumed>) = 2097152 [pid 5824] <... close resumed>) = 0 [pid 5903] munmap(0x7fde7cbdc000, 138412032 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5903] <... munmap resumed>) = 0 [pid 5902] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 5904 attached [pid 5902] munmap(0x7fde7cbdc000, 138412032 [pid 5904] set_robust_list(0x55558eab2660, 24) = 0 [pid 5904] chdir("./14") = 0 [pid 5904] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5904] setpgid(0, 0) = 0 [pid 5904] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5904 [pid 5902] <... munmap resumed>) = 0 [pid 5904] <... openat resumed>) = 3 [ 108.414232][ T37] audit: type=1800 audit(1753942239.350:67): pid=5900 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5903] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5901] <... write resumed>) = 2097152 [pid 5827] <... umount2 resumed>) = 0 [pid 5904] write(3, "1000", 4 [pid 5902] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5904] <... write resumed>) = 4 [pid 5901] munmap(0x7fde7cbdc000, 138412032 [pid 5827] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5904] close(3 [pid 5902] <... openat resumed>) = 4 [pid 5901] <... munmap resumed>) = 0 [pid 5904] <... close resumed>) = 0 [pid 5902] ioctl(4, LOOP_SET_FD, 3 [pid 5904] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5904] <... symlink resumed>) = 0 [pid 5903] <... openat resumed>) = 4 [pid 5902] <... ioctl resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./13/file1", executing program [pid 5904] write(1, "executing program\n", 18 [pid 5903] ioctl(4, LOOP_SET_FD, 3 [pid 5902] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5904] <... write resumed>) = 18 [pid 5902] <... close resumed>) = 0 [pid 5903] <... ioctl resumed>) = 0 [pid 5902] close(4) = 0 [pid 5904] memfd_create("syzkaller", 0 [pid 5902] mkdir("./file1", 0777 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5904] <... memfd_create resumed>) = 3 [pid 5903] close(3 [pid 5902] <... mkdir resumed>) = 0 [pid 5901] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5903] <... close resumed>) = 0 [pid 5901] <... openat resumed>) = 4 [pid 5903] close(4 [pid 5827] <... openat resumed>) = 4 [pid 5903] <... close resumed>) = 0 [pid 5901] ioctl(4, LOOP_SET_FD, 3 [pid 5903] mkdir("./file1", 0777 [pid 5827] newfstatat(4, "", [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5903] <... mkdir resumed>) = 0 [pid 5904] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5901] <... ioctl resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5903] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5902] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5827] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5901] close(3) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./13/file1") = 0 [pid 5901] close(4) = 0 [pid 5901] mkdir("./file1", 0777 [pid 5904] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5901] <... mkdir resumed>) = 0 [pid 5827] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5901] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5827] unlink("./13/binderfs") = 0 [ 108.486442][ T5902] loop1: detected capacity change from 0 to 4096 [ 108.494927][ T5903] loop2: detected capacity change from 0 to 4096 [ 108.508026][ T5901] loop4: detected capacity change from 0 to 4096 [ 108.518787][ T5902] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5902] <... mount resumed>) = 0 [pid 5827] close(3) = 0 [pid 5902] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5827] rmdir("./13" [pid 5902] <... openat resumed>) = 3 [pid 5827] <... rmdir resumed>) = 0 [pid 5902] chdir("./file1") = 0 [pid 5902] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5827] mkdir("./14", 0777 [pid 5902] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... mkdir resumed>) = 0 [pid 5901] <... mount resumed>) = 0 [ 108.544937][ T5901] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 108.545968][ T5903] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 108.565763][ T5902] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5902] unlink("./file0/file0" [pid 5904] <... write resumed>) = 2097152 [pid 5903] <... mount resumed>) = 0 [pid 5902] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5901] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5904] munmap(0x7fde7cbdc000, 138412032 [pid 5901] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 3 [pid 5901] chdir("./file1" [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5901] <... chdir resumed>) = 0 [pid 5827] <... ioctl resumed>) = 0 [pid 5901] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] close(3 [pid 5904] <... munmap resumed>) = 0 [pid 5903] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5902] memfd_create("syzkaller", 0 [pid 5901] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5904] ioctl(4, LOOP_SET_FD, 3 [pid 5903] <... openat resumed>) = 3 [pid 5901] unlink("./file0/file0" [pid 5904] <... ioctl resumed>) = 0 [pid 5903] chdir("./file1" [pid 5904] close(3 [pid 5903] <... chdir resumed>) = 0 [pid 5903] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5903] unlink("./file0/file0" [pid 5902] <... memfd_create resumed>) = 4 [pid 5902] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5904] <... close resumed>) = 0 [pid 5904] close(4) = 0 [ 108.588415][ T5901] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 108.594603][ T5902] ntfs3(loop1): ino=1b, mi_enum_attr [ 108.594632][ T5902] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 108.605153][ T5903] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5904] mkdir("./file1", 0777) = 0 [pid 5904] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5903] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5901] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5903] memfd_create("syzkaller", 0 [pid 5901] memfd_create("syzkaller", 0) = 4 [pid 5903] <... memfd_create resumed>) = 4 [pid 5901] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5903] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5901] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5903] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558eab2650) = 5905 ./strace-static-x86_64: Process 5905 attached [pid 5905] set_robust_list(0x55558eab2660, 24 [pid 5902] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5905] <... set_robust_list resumed>) = 0 [pid 5905] chdir("./14") = 0 [pid 5902] <... write resumed>) = 2097152 [pid 5905] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [ 108.660099][ T5904] loop0: detected capacity change from 0 to 4096 [ 108.671200][ T5901] ntfs3(loop4): ino=1b, mi_enum_attr [ 108.671228][ T5901] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 108.672134][ T5903] ntfs3(loop2): ino=1b, mi_enum_attr [ 108.672156][ T5903] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 108.686600][ T5904] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5905] setpgid(0, 0) = 0 [pid 5902] munmap(0x7fde7cbdc000, 138412032 [pid 5905] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5903] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5902] <... munmap resumed>) = 0 [pid 5901] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5902] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5905] <... openat resumed>) = 3 [pid 5905] write(3, "1000", 4) = 4 [pid 5902] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5905] close(3executing program ) = 0 [pid 5905] symlink("/dev/binderfs", "./binderfs" [pid 5902] close(4 [pid 5905] <... symlink resumed>) = 0 [pid 5905] write(1, "executing program\n", 18) = 18 [pid 5904] <... mount resumed>) = 0 [pid 5905] memfd_create("syzkaller", 0 [pid 5904] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5904] chdir("./file1") = 0 [pid 5905] <... memfd_create resumed>) = 3 [pid 5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5904] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5905] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5904] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5903] <... write resumed>) = 2097152 [pid 5904] memfd_create("syzkaller", 0 [pid 5902] <... close resumed>) = 0 [pid 5904] <... memfd_create resumed>) = 4 [pid 5904] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5901] <... write resumed>) = 2097152 [pid 5901] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5903] munmap(0x7fde7cbdc000, 138412032 [pid 5901] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5902] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5903] <... munmap resumed>) = 0 [pid 5901] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5901] close(4 [pid 5903] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5903] close(4 [pid 5901] <... close resumed>) = 0 [pid 5902] <... open resumed>) = 4 [pid 5902] exit_group(0) = ? [pid 5905] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5902] +++ exited with 0 +++ [pid 5901] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5902, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [ 108.776409][ T5904] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 108.798409][ T5904] ntfs3(loop0): ino=1b, mi_enum_attr [ 108.798437][ T5904] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5903] <... close resumed>) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5825] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, [pid 5903] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5903] <... open resumed>) = 4 [pid 5825] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5903] exit_group(0) = ? [pid 5904] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5903] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5903, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5826] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5904] <... write resumed>) = 2097152 [pid 5904] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5904] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5901] <... open resumed>) = 4 [pid 5904] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5901] exit_group(0 [pid 5904] close(4 [pid 5901] <... exit_group resumed>) = ? [pid 5901] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5901, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5905] <... write resumed>) = 2097152 [pid 5828] umount2("./13", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 108.857763][ T37] audit: type=1800 audit(1753942239.790:68): pid=5902 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 108.878766][ T37] audit: type=1800 audit(1753942239.820:69): pid=5903 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [pid 5828] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5905] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5904] <... close resumed>) = 0 [pid 5905] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5905] close(3) = 0 [pid 5905] close(4 [pid 5904] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5905] <... close resumed>) = 0 [pid 5904] <... open resumed>) = 4 [pid 5905] mkdir("./file1", 0777) = 0 [pid 5904] exit_group(0) = ? [pid 5905] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5904] +++ exited with 0 +++ [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5904, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5824] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5824] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 108.918345][ T37] audit: type=1800 audit(1753942239.860:70): pid=5901 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 108.946762][ T5905] loop3: detected capacity change from 0 to 4096 [ 108.949609][ T37] audit: type=1800 audit(1753942239.890:71): pid=5904 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5824] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5905] <... mount resumed>) = 0 [pid 5905] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5905] chdir("./file1") = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5905] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5905] memfd_create("syzkaller", 0) = 4 [pid 5905] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5905] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... umount2 resumed>) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5905] <... write resumed>) = 2097152 [pid 5826] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5905] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... umount2 resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = 0 [pid 5828] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./13/file1", [pid 5825] newfstatat(AT_FDCWD, "./13/file1", [pid 5905] <... munmap resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./13/file1", [pid 5826] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./13/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./14/file1", [pid 5825] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 4 [pid 5825] <... openat resumed>) = 4 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5905] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5828] openat(AT_FDCWD, "./13/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] newfstatat(4, "", [pid 5905] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... openat resumed>) = 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(4, "", [pid 5905] close(4 [pid 5824] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5826] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 5824] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] getdents64(4, [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] <... openat resumed>) = 4 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, [pid 5824] newfstatat(4, "", [pid 5828] getdents64(4, [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(4 [pid 5824] getdents64(4, [pid 5828] close(4 [pid 5826] <... close resumed>) = 0 [pid 5825] getdents64(4, [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] <... close resumed>) = 0 [pid 5826] rmdir("./13/file1" [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] getdents64(4, [pid 5828] rmdir("./13/file1" [pid 5826] <... rmdir resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 5828] <... rmdir resumed>) = 0 [pid 5824] close(4 [pid 5828] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] rmdir("./14/file1" [pid 5828] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5825] <... close resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5825] rmdir("./13/file1" [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] unlink("./13/binderfs" [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5826] unlink("./13/binderfs" [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] umount2("./13/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... unlink resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 108.959091][ T5905] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 108.978498][ T5905] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 108.980830][ T5905] ntfs3(loop3): ino=1b, mi_enum_attr [ 108.980854][ T5905] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5824] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5825] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5828] getdents64(3, [pid 5826] getdents64(3, [pid 5905] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] unlink("./13/binderfs" [pid 5824] unlink("./14/binderfs" [pid 5828] close(3) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5824] <... unlink resumed>) = 0 [pid 5828] rmdir("./13" [pid 5824] getdents64(3, [pid 5826] close(3 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] <... close resumed>) = 0 [pid 5824] close(3 [pid 5826] rmdir("./13" [pid 5825] getdents64(3, [pid 5824] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5824] rmdir("./14" [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] mkdir("./14", 0777 [pid 5828] mkdir("./14", 0777 [pid 5825] close(3 [pid 5824] <... rmdir resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] <... close resumed>) = 0 [pid 5824] mkdir("./15", 0777 [pid 5905] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 3 [pid 5825] rmdir("./13" [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5824] <... mkdir resumed>) = 0 [pid 5828] <... ioctl resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5828] close(3 [pid 5826] <... ioctl resumed>) = 0 [pid 5825] mkdir("./14", 0777 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5905] <... open resumed>) = 4 [pid 5905] exit_group(0 [pid 5826] close(3 [pid 5905] <... exit_group resumed>) = ? [pid 5905] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5905, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5827] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... mkdir resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5824] <... openat resumed>) = 3 [pid 5827] newfstatat(3, "", [pid 5828] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] ioctl(3, LOOP_CLR_FD [ 109.071335][ T37] audit: type=1800 audit(1753942240.010:72): pid=5905 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] getdents64(3, [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... openat resumed>) = 3 [pid 5824] <... ioctl resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5824] close(3 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5906 [pid 5825] <... ioctl resumed>) = 0 [pid 5825] close(3./strace-static-x86_64: Process 5907 attached [pid 5907] set_robust_list(0x55558eab2660, 24) = 0 [pid 5907] chdir("./14") = 0 [pid 5907] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5907] setpgid(0, 0) = 0 [pid 5907] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] <... close resumed>) = 0 [pid 5907] <... openat resumed>) = 3 [pid 5907] write(3, "1000", 4) = 4 [pid 5907] close(3) = 0 [pid 5907] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 ./strace-static-x86_64: Process 5906 attached [pid 5827] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5907 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5907] write(1, "executing program\n", 18) = 18 [pid 5907] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5908 attached [pid 5906] set_robust_list(0x55558eab2660, 24 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5908 [pid 5824] <... close resumed>) = 0 [pid 5908] set_robust_list(0x55558eab2660, 24 [pid 5906] <... set_robust_list resumed>) = 0 [pid 5908] <... set_robust_list resumed>) = 0 [pid 5906] chdir("./14" [pid 5908] chdir("./14" [pid 5907] <... memfd_create resumed>) = 3 [pid 5906] <... chdir resumed>) = 0 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5908] <... chdir resumed>) = 0 [pid 5906] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5909 attached [pid 5908] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5906] <... prctl resumed>) = 0 [pid 5908] <... prctl resumed>) = 0 [pid 5906] setpgid(0, 0 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5909 [pid 5909] set_robust_list(0x55558eab2660, 24 [pid 5906] <... setpgid resumed>) = 0 [pid 5909] <... set_robust_list resumed>) = 0 [pid 5908] setpgid(0, 0 [pid 5909] chdir("./15" [pid 5908] <... setpgid resumed>) = 0 [pid 5906] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5909] <... chdir resumed>) = 0 [pid 5908] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5906] <... openat resumed>) = 3 [pid 5909] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5906] write(3, "1000", 4 [pid 5909] setpgid(0, 0 [pid 5908] <... openat resumed>) = 3 [pid 5906] <... write resumed>) = 4 [pid 5909] <... setpgid resumed>) = 0 [pid 5908] write(3, "1000", 4 [pid 5906] close(3) = 0 [pid 5909] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5908] <... write resumed>) = 4 [pid 5906] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... umount2 resumed>) = 0 [pid 5908] close(3 [pid 5909] <... openat resumed>) = 3 executing program [pid 5909] write(3, "1000", 4 [pid 5908] <... close resumed>) = 0 [pid 5906] <... symlink resumed>) = 0 [pid 5827] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5909] <... write resumed>) = 4 [pid 5908] symlink("/dev/binderfs", "./binderfs" [pid 5906] write(1, "executing program\n", 18 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5909] close(3 [pid 5908] <... symlink resumed>) = 0 [pid 5909] <... close resumed>) = 0 [pid 5908] write(1, "executing program\n", 18 [pid 5906] <... write resumed>) = 18 [pid 5827] newfstatat(AT_FDCWD, "./14/file1", [pid 5909] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5909] write(1, "executing program\n", 18executing program [pid 5906] memfd_create("syzkaller", 0 executing program [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5909] <... write resumed>) = 18 [pid 5827] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5909] memfd_create("syzkaller", 0 [pid 5827] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5908] <... write resumed>) = 18 [pid 5827] <... openat resumed>) = 4 [pid 5909] <... memfd_create resumed>) = 3 [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5908] memfd_create("syzkaller", 0 [pid 5906] <... memfd_create resumed>) = 3 [pid 5827] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5909] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5908] <... memfd_create resumed>) = 3 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5906] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] rmdir("./14/file1") = 0 [pid 5827] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5908] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] unlink("./14/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./14" [pid 5907] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] mkdir("./15", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5906] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5909] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5908] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5907] <... write resumed>) = 2097152 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5907] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... ioctl resumed>) = 0 [pid 5907] <... munmap resumed>) = 0 [pid 5827] close(3 [pid 5907] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... close resumed>) = 0 [pid 5907] <... openat resumed>) = 4 [pid 5907] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5909] <... write resumed>) = 2097152 [pid 5906] <... write resumed>) = 2097152 [pid 5909] munmap(0x7fde7cbdc000, 138412032 [pid 5908] <... write resumed>) = 2097152 [pid 5907] close(3 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5907] <... close resumed>) = 0 [pid 5906] munmap(0x7fde7cbdc000, 138412032 [pid 5909] <... munmap resumed>) = 0 [pid 5908] munmap(0x7fde7cbdc000, 138412032 [pid 5907] close(4) = 0 ./strace-static-x86_64: Process 5910 attached [pid 5909] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5907] mkdir("./file1", 0777) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5910 [pid 5907] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5906] <... munmap resumed>) = 0 [pid 5910] set_robust_list(0x55558eab2660, 24 [pid 5909] <... openat resumed>) = 4 [pid 5908] <... munmap resumed>) = 0 [pid 5907] <... mount resumed>) = 0 [pid 5910] <... set_robust_list resumed>) = 0 [pid 5909] ioctl(4, LOOP_SET_FD, 3 [pid 5908] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5907] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5910] chdir("./15" [pid 5909] <... ioctl resumed>) = 0 [pid 5908] <... openat resumed>) = 4 [pid 5907] <... openat resumed>) = 3 [ 109.309414][ T5907] loop2: detected capacity change from 0 to 4096 [ 109.334678][ T5907] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 109.346029][ T5907] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 109.355053][ T5909] loop0: detected capacity change from 0 to 4096 [pid 5906] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5908] ioctl(4, LOOP_SET_FD, 3 [pid 5907] chdir("./file1" [pid 5906] <... openat resumed>) = 4 [pid 5910] <... chdir resumed>) = 0 [pid 5909] close(3 [pid 5908] <... ioctl resumed>) = 0 [pid 5906] ioctl(4, LOOP_SET_FD, 3 [pid 5907] <... chdir resumed>) = 0 [pid 5910] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5909] <... close resumed>) = 0 [pid 5908] close(3 [pid 5906] <... ioctl resumed>) = 0 [pid 5907] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5910] <... prctl resumed>) = 0 [pid 5909] close(4 [pid 5908] <... close resumed>) = 0 [pid 5907] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5910] setpgid(0, 0 [pid 5909] <... close resumed>) = 0 [pid 5908] close(4 [pid 5907] unlink("./file0/file0" [pid 5906] close(3 [pid 5910] <... setpgid resumed>) = 0 [pid 5909] mkdir("./file1", 0777 [pid 5908] <... close resumed>) = 0 [pid 5906] <... close resumed>) = 0 [pid 5908] mkdir("./file1", 0777 [pid 5906] close(4 [pid 5909] <... mkdir resumed>) = 0 [pid 5910] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5909] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5908] <... mkdir resumed>) = 0 [pid 5907] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5906] <... close resumed>) = 0 [pid 5910] <... openat resumed>) = 3 [pid 5908] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5906] mkdir("./file1", 0777 [pid 5907] memfd_create("syzkaller", 0 [pid 5910] write(3, "1000", 4 [pid 5906] <... mkdir resumed>) = 0 [pid 5910] <... write resumed>) = 4 [pid 5907] <... memfd_create resumed>) = 4 [pid 5910] close(3 [pid 5906] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5910] <... close resumed>) = 0 [pid 5907] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5910] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5907] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5910] write(1, "executing program\n", 18executing program ) = 18 [ 109.358011][ T5908] loop1: detected capacity change from 0 to 4096 [ 109.372039][ T5906] loop4: detected capacity change from 0 to 4096 [ 109.376188][ T5907] ntfs3(loop2): ino=1b, mi_enum_attr [ 109.376214][ T5907] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 109.397467][ T5909] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5910] memfd_create("syzkaller", 0) = 3 [pid 5909] <... mount resumed>) = 0 [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5909] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5910] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5909] <... openat resumed>) = 3 [pid 5909] chdir("./file1") = 0 [pid 5909] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5907] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5909] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5909] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5909] memfd_create("syzkaller", 0) = 4 [ 109.408389][ T5908] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 109.413972][ T5906] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 109.443290][ T5909] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5909] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5910] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5907] <... write resumed>) = 2097152 [pid 5907] munmap(0x7fde7cbdc000, 138412032 [pid 5906] <... mount resumed>) = 0 [pid 5906] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5906] chdir("./file1" [pid 5907] <... munmap resumed>) = 0 [pid 5906] <... chdir resumed>) = 0 [ 109.490461][ T5909] ntfs3(loop0): ino=1b, mi_enum_attr [ 109.490491][ T5909] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 109.527824][ T5906] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5906] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5907] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5909] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5907] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5907] close(4 [pid 5906] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5906] unlink("./file0/file0" [pid 5908] <... mount resumed>) = 0 [pid 5906] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5908] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5906] memfd_create("syzkaller", 0 [pid 5908] <... openat resumed>) = 3 [pid 5906] <... memfd_create resumed>) = 4 [pid 5908] chdir("./file1" [pid 5906] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5908] <... chdir resumed>) = 0 [pid 5906] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5908] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5908] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5908] memfd_create("syzkaller", 0) = 4 [pid 5908] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5909] <... write resumed>) = 2097152 [pid 5907] <... close resumed>) = 0 [pid 5909] munmap(0x7fde7cbdc000, 138412032 [pid 5910] <... write resumed>) = 2097152 [pid 5909] <... munmap resumed>) = 0 [pid 5908] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5907] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5906] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 109.547533][ T5908] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 109.561920][ T5906] ntfs3(loop4): ino=1b, mi_enum_attr [ 109.561945][ T5906] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 109.568947][ T5908] ntfs3(loop1): ino=1b, mi_enum_attr [ 109.568972][ T5908] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5910] munmap(0x7fde7cbdc000, 138412032 [pid 5909] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5907] <... open resumed>) = 4 [pid 5909] close(4 [pid 5907] exit_group(0 [pid 5910] <... munmap resumed>) = 0 [pid 5907] <... exit_group resumed>) = ? [pid 5907] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5907, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5910] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5909] <... close resumed>) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5910] <... openat resumed>) = 4 [pid 5909] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] <... ioctl resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5910] close(3 [pid 5909] <... open resumed>) = 4 [pid 5826] getdents64(3, [pid 5910] <... close resumed>) = 0 [pid 5909] exit_group(0 [pid 5910] close(4 [pid 5909] <... exit_group resumed>) = ? [pid 5910] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] mkdir("./file1", 0777) = 0 [pid 5910] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5906] <... write resumed>) = 2097152 [pid 5906] munmap(0x7fde7cbdc000, 138412032 [pid 5909] +++ exited with 0 +++ [pid 5908] <... write resumed>) = 2097152 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5909, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5906] <... munmap resumed>) = 0 [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5908] munmap(0x7fde7cbdc000, 138412032 [pid 5906] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5906] close(4 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5824] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5908] <... munmap resumed>) = 0 [pid 5906] <... close resumed>) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5826] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 109.648703][ T5910] loop3: detected capacity change from 0 to 4096 [ 109.667874][ T5910] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5826] newfstatat(AT_FDCWD, "./14/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5910] <... mount resumed>) = 0 [pid 5908] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5906] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5908] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5910] <... openat resumed>) = 3 [pid 5908] close(4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] chdir("./file1" [pid 5826] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... umount2 resumed>) = 0 [pid 5910] <... chdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5824] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] newfstatat(4, "", [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5910] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] newfstatat(AT_FDCWD, "./15/file1", [pid 5826] getdents64(4, [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5910] unlink("./file0/file0" [pid 5906] <... open resumed>) = 4 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5906] exit_group(0 [pid 5826] close(4 [pid 5824] <... openat resumed>) = 4 [pid 5826] <... close resumed>) = 0 [pid 5824] newfstatat(4, "", [pid 5826] rmdir("./14/file1" [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5910] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5906] <... exit_group resumed>) = ? [pid 5826] <... rmdir resumed>) = 0 [pid 5824] getdents64(4, [pid 5826] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] unlink("./14/binderfs" [pid 5824] close(4 [pid 5910] memfd_create("syzkaller", 0 [pid 5826] <... unlink resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./15/file1") = 0 [pid 5910] <... memfd_create resumed>) = 4 [pid 5826] getdents64(3, [pid 5910] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5910] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5906] +++ exited with 0 +++ [pid 5826] close(3 [pid 5824] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5826] <... close resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5906, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=11 /* 0.11 s */} --- [pid 5826] rmdir("./14" [pid 5824] unlink("./15/binderfs" [pid 5826] <... rmdir resumed>) = 0 [pid 5824] <... unlink resumed>) = 0 [pid 5826] mkdir("./15", 0777 [pid 5824] getdents64(3, [pid 5908] <... close resumed>) = 0 [pid 5828] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... mkdir resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3) = 0 [pid 5824] rmdir("./15" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... rmdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5824] mkdir("./16", 0777 [pid 5828] newfstatat(3, "", [pid 5824] <... mkdir resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] getdents64(3, [pid 5826] <... openat resumed>) = 3 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] <... openat resumed>) = 3 [pid 5828] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5824] <... ioctl resumed>) = 0 [pid 5826] <... ioctl resumed>) = 0 [pid 5824] close(3 [pid 5908] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] close(3 [pid 5910] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] <... close resumed>) = 0 [pid 5908] <... open resumed>) = 4 [pid 5908] exit_group(0) = ? [pid 5910] <... write resumed>) = 2097152 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5910] munmap(0x7fde7cbdc000, 138412032 [pid 5908] +++ exited with 0 +++ ./strace-static-x86_64: Process 5911 attached [pid 5910] <... munmap resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5911 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5908, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5911] set_robust_list(0x55558eab2660, 24) = 0 [ 109.701846][ T5910] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 109.727149][ T5910] ntfs3(loop3): ino=1b, mi_enum_attr [ 109.727174][ T5910] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5911] chdir("./15" [pid 5910] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5828] <... umount2 resumed>) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5910] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5825] umount2("./14", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5912 attached ) = -1 EINVAL (Invalid argument) [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5912 [pid 5825] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5911] <... chdir resumed>) = 0 [pid 5912] set_robust_list(0x55558eab2660, 24 [pid 5910] close(4 [pid 5825] <... openat resumed>) = 3 [pid 5828] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5912] <... set_robust_list resumed>) = 0 [pid 5911] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(3, "", [pid 5911] <... prctl resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./14/file1", [pid 5911] setpgid(0, 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5912] chdir("./16" [pid 5911] <... setpgid resumed>) = 0 [pid 5828] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5912] <... chdir resumed>) = 0 [pid 5825] getdents64(3, [pid 5912] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5911] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5912] <... prctl resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5911] <... openat resumed>) = 3 [pid 5912] setpgid(0, 0 [pid 5911] write(3, "1000", 4 [pid 5828] <... openat resumed>) = 4 [pid 5912] <... setpgid resumed>) = 0 [pid 5911] <... write resumed>) = 4 [pid 5828] newfstatat(4, "", [pid 5912] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5911] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5911] <... close resumed>) = 0 [pid 5911] symlink("/dev/binderfs", "./binderfs" [pid 5828] getdents64(4, [pid 5912] <... openat resumed>) = 3 [pid 5911] <... symlink resumed>) = 0 executing program [pid 5912] write(3, "1000", 4 [pid 5911] write(1, "executing program\n", 18 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5911] <... write resumed>) = 18 [pid 5828] getdents64(4, [pid 5912] <... write resumed>) = 4 [pid 5912] close(3 [pid 5911] memfd_create("syzkaller", 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5912] <... close resumed>) = 0 [pid 5828] close(4 [pid 5912] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5912] write(1, "executing program\n", 18 [pid 5828] <... close resumed>) = 0 [pid 5912] <... write resumed>) = 18 [pid 5912] memfd_create("syzkaller", 0 [pid 5910] <... close resumed>) = 0 [pid 5912] <... memfd_create resumed>) = 3 [pid 5911] <... memfd_create resumed>) = 3 [pid 5828] rmdir("./14/file1" [pid 5825] <... umount2 resumed>) = 0 [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5910] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5912] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5911] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(AT_FDCWD, "./14/file1", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5825] umount2("./14/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./14/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] unlink("./14/binderfs") = 0 [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] close(3 [pid 5825] getdents64(4, [pid 5828] <... close resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5910] <... open resumed>) = 4 [pid 5828] rmdir("./14" [pid 5825] getdents64(4, [pid 5910] exit_group(0 [pid 5911] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5912] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5910] <... exit_group resumed>) = ? [pid 5828] mkdir("./15", 0777 [pid 5825] close(4) = 0 [pid 5825] rmdir("./14/file1") = 0 [pid 5825] umount2("./14/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./14/binderfs" [pid 5828] <... mkdir resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3) = 0 [pid 5911] <... write resumed>) = 2097152 [pid 5910] +++ exited with 0 +++ [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] rmdir("./14" [pid 5911] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... openat resumed>) = 3 [pid 5825] <... rmdir resumed>) = 0 [pid 5911] <... munmap resumed>) = 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5910, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5828] <... ioctl resumed>) = 0 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] close(3 [pid 5825] mkdir("./15", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5912] <... write resumed>) = 2097152 [pid 5911] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] <... close resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5911] <... openat resumed>) = 4 [pid 5825] <... ioctl resumed>) = 0 [pid 5911] ioctl(4, LOOP_SET_FD, 3 [pid 5825] close(3 [pid 5912] munmap(0x7fde7cbdc000, 138412032 [pid 5911] <... ioctl resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5911] close(3./strace-static-x86_64: Process 5913 attached ) = 0 [pid 5911] close(4) = 0 [pid 5911] mkdir("./file1", 0777 [pid 5827] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5911] <... mkdir resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5911] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5913] set_robust_list(0x55558eab2660, 24 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5913 [pid 5827] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5913] <... set_robust_list resumed>) = 0 [pid 5913] chdir("./15") = 0 [pid 5827] <... openat resumed>) = 3 [pid 5913] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5827] newfstatat(3, "", [pid 5913] setpgid(0, 0) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5913] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5913] write(3, "1000", 4) = 4 [pid 5913] close(3) = 0 [pid 5913] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5913] write(1, "executing program\n", 18) = 18 [pid 5913] memfd_create("syzkaller", 0 [pid 5912] <... munmap resumed>) = 0 [pid 5827] getdents64(3, [pid 5825] <... close resumed>) = 0 [pid 5912] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5912] <... openat resumed>) = 4 [pid 5827] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5912] ioctl(4, LOOP_SET_FD, 3 [pid 5913] <... memfd_create resumed>) = 3 [pid 5912] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5914 attached [pid 5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5912] close(3) = 0 [pid 5913] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5912] close(4) = 0 [pid 5912] mkdir("./file1", 0777) = 0 [pid 5912] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5914 [pid 5914] set_robust_list(0x55558eab2660, 24) = 0 [pid 5914] chdir("./15") = 0 [pid 5914] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5914] setpgid(0, 0) = 0 [ 109.900388][ T5911] loop2: detected capacity change from 0 to 4096 [ 109.917621][ T5911] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 109.936203][ T5912] loop0: detected capacity change from 0 to 4096 [ 109.947145][ T5912] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5914] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5912] <... mount resumed>) = 0 [pid 5911] <... mount resumed>) = 0 [pid 5911] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5914] <... openat resumed>) = 3 [pid 5911] <... openat resumed>) = 3 [pid 5914] write(3, "1000", 4) = 4 [pid 5914] close(3 [pid 5912] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5911] chdir("./file1" [pid 5912] <... openat resumed>) = 3 [pid 5911] <... chdir resumed>) = 0 [pid 5914] <... close resumed>) = 0 [pid 5911] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5912] chdir("./file1") = 0 [pid 5911] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5912] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5911] unlink("./file0/file0" [pid 5914] symlink("/dev/binderfs", "./binderfs" [pid 5912] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5914] <... symlink resumed>) = 0 [pid 5912] unlink("./file0/file0" [pid 5911] <... unlink resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5914] write(1, "executing program\n", 18) = 18 [pid 5914] memfd_create("syzkaller", 0 [pid 5827] <... umount2 resumed>) = 0 [pid 5914] <... memfd_create resumed>) = 3 [pid 5912] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5911] memfd_create("syzkaller", 0 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5912] memfd_create("syzkaller", 0 [pid 5914] <... mmap resumed>) = 0x7fde7cbdc000 [ 109.972124][ T5911] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 109.981160][ T5912] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 109.997383][ T5911] ntfs3(loop2): ino=1b, mi_enum_attr [ 109.997410][ T5911] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 110.016148][ T5912] ntfs3(loop0): ino=1b, mi_enum_attr [pid 5912] <... memfd_create resumed>) = 4 [pid 5911] <... memfd_create resumed>) = 4 [pid 5827] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", [pid 5913] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5911] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] getdents64(4, [pid 5912] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5911] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5912] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./15/file1") = 0 [pid 5827] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./15/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [ 110.016175][ T5912] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5827] rmdir("./15") = 0 [pid 5827] mkdir("./16", 0777 [pid 5913] <... write resumed>) = 2097152 [pid 5827] <... mkdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5913] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... openat resumed>) = 3 [pid 5913] <... munmap resumed>) = 0 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5914] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5913] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... ioctl resumed>) = 0 [pid 5911] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] close(3) = 0 [pid 5913] <... openat resumed>) = 4 [pid 5913] ioctl(4, LOOP_SET_FD, 3 [pid 5912] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5913] <... ioctl resumed>) = 0 [pid 5913] close(3) = 0 [pid 5913] close(4) = 0 [pid 5913] mkdir("./file1", 0777) = 0 [pid 5913] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5914] <... write resumed>) = 2097152 [pid 5914] munmap(0x7fde7cbdc000, 138412032 [pid 5911] <... write resumed>) = 2097152 [pid 5914] <... munmap resumed>) = 0 [ 110.121260][ T5913] loop4: detected capacity change from 0 to 4096 [ 110.124055][ T5913] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5913] <... mount resumed>) = 0 [pid 5912] <... write resumed>) = 2097152 [pid 5911] munmap(0x7fde7cbdc000, 138412032 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5913] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5912] munmap(0x7fde7cbdc000, 138412032./strace-static-x86_64: Process 5915 attached [pid 5914] <... openat resumed>) = 4 [pid 5913] <... openat resumed>) = 3 [pid 5912] <... munmap resumed>) = 0 [pid 5911] <... munmap resumed>) = 0 [pid 5914] ioctl(4, LOOP_SET_FD, 3 [pid 5913] chdir("./file1" [pid 5912] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5915 [pid 5915] set_robust_list(0x55558eab2660, 24 [pid 5914] <... ioctl resumed>) = 0 [pid 5913] <... chdir resumed>) = 0 [pid 5912] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5911] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5915] <... set_robust_list resumed>) = 0 [pid 5911] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5915] chdir("./16" [pid 5913] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5912] close(4 [pid 5911] close(4 [pid 5915] <... chdir resumed>) = 0 [pid 5914] close(3 [pid 5915] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5914] <... close resumed>) = 0 [pid 5915] setpgid(0, 0 [pid 5914] close(4 [pid 5915] <... setpgid resumed>) = 0 [pid 5914] <... close resumed>) = 0 [pid 5915] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5914] mkdir("./file1", 0777 [pid 5915] <... openat resumed>) = 3 [pid 5914] <... mkdir resumed>) = 0 [pid 5913] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5915] write(3, "1000", 4 [pid 5914] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5913] unlink("./file0/file0" [pid 5915] <... write resumed>) = 4 [pid 5915] close(3) = 0 [pid 5915] symlink("/dev/binderfs", "./binderfs" [pid 5913] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5915] <... symlink resumed>) = 0 executing program [pid 5915] write(1, "executing program\n", 18) = 18 [pid 5915] memfd_create("syzkaller", 0) = 3 [ 110.167504][ T5913] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 110.176121][ T5914] loop1: detected capacity change from 0 to 4096 [ 110.198274][ T5914] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5913] memfd_create("syzkaller", 0 [pid 5915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5913] <... memfd_create resumed>) = 4 [pid 5915] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5913] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5912] <... close resumed>) = 0 [pid 5911] <... close resumed>) = 0 [pid 5915] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5912] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5911] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5914] <... mount resumed>) = 0 [pid 5911] <... open resumed>) = 4 [pid 5914] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5914] chdir("./file1") = 0 [pid 5912] exit_group(0 [pid 5911] exit_group(0 [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5912] <... exit_group resumed>) = ? [pid 5911] <... exit_group resumed>) = ? [pid 5914] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5912] +++ exited with 0 +++ [pid 5911] +++ exited with 0 +++ [pid 5914] unlink("./file0/file0" [pid 5913] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5911, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5912, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5826] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5824] <... openat resumed>) = 3 [pid 5914] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5914] memfd_create("syzkaller", 0 [pid 5826] newfstatat(3, "", [ 110.198636][ T5913] ntfs3(loop4): ino=1b, mi_enum_attr [ 110.198658][ T5913] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 110.257381][ T5914] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5824] newfstatat(3, "", [pid 5914] <... memfd_create resumed>) = 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5914] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5915] <... write resumed>) = 2097152 [pid 5914] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] getdents64(3, [pid 5915] munmap(0x7fde7cbdc000, 138412032 [pid 5824] getdents64(3, [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5915] <... munmap resumed>) = 0 [pid 5915] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5915] ioctl(4, LOOP_SET_FD, 3 [pid 5914] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5913] <... write resumed>) = 2097152 [pid 5915] <... ioctl resumed>) = 0 [pid 5915] close(3) = 0 [pid 5915] close(4) = 0 [pid 5915] mkdir("./file1", 0777 [pid 5826] <... umount2 resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5913] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5826] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5913] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5915] <... mkdir resumed>) = 0 [pid 5914] <... write resumed>) = 2097152 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5914] munmap(0x7fde7cbdc000, 138412032 [pid 5915] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5913] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] newfstatat(AT_FDCWD, "./15/file1", [pid 5824] newfstatat(AT_FDCWD, "./16/file1", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5913] close(4 [ 110.298937][ T5914] ntfs3(loop1): ino=1b, mi_enum_attr [ 110.298963][ T5914] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 110.343683][ T5915] loop3: detected capacity change from 0 to 4096 [pid 5826] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5914] <... munmap resumed>) = 0 [pid 5913] <... close resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 4 [pid 5914] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] newfstatat(4, "", [pid 5914] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5914] close(4 [pid 5824] <... openat resumed>) = 4 [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, [pid 5824] getdents64(4, [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] close(4 [pid 5914] <... close resumed>) = 0 [pid 5913] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] <... close resumed>) = 0 [pid 5824] getdents64(4, [pid 5826] rmdir("./15/file1" [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5914] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5915] <... mount resumed>) = 0 [pid 5913] <... open resumed>) = 4 [pid 5824] close(4) = 0 [pid 5824] rmdir("./16/file1" [pid 5915] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5915] chdir("./file1" [pid 5913] exit_group(0 [pid 5915] <... chdir resumed>) = 0 [pid 5915] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5913] <... exit_group resumed>) = ? [pid 5915] unlink("./file0/file0" [pid 5914] <... open resumed>) = 4 [pid 5913] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5913, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5828] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5914] exit_group(0 [pid 5828] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5915] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5914] <... exit_group resumed>) = ? [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] <... rmdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5828] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5914] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5914, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5826] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 110.382407][ T5915] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 110.410900][ T5915] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [pid 5824] unlink("./16/binderfs") = 0 [pid 5915] memfd_create("syzkaller", 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... restart_syscall resumed>) = 0 [pid 5824] getdents64(3, [pid 5826] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5915] <... memfd_create resumed>) = 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] close(3 [pid 5915] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] unlink("./15/binderfs" [pid 5824] <... close resumed>) = 0 [pid 5915] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] umount2("./15", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] rmdir("./16" [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... rmdir resumed>) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5824] mkdir("./17", 0777) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5826] getdents64(3, [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] <... ioctl resumed>) = 0 [pid 5826] close(3 [pid 5824] close(3 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./15") = 0 [pid 5826] mkdir("./16", 0777) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [ 110.432099][ T5915] ntfs3(loop3): ino=1b, mi_enum_attr [ 110.432126][ T5915] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5826] close(3 [pid 5915] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5916 attached , child_tidptr=0x55558eab2650) = 5916 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5917 ./strace-static-x86_64: Process 5917 attached [pid 5916] set_robust_list(0x55558eab2660, 24 [pid 5828] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5917] set_robust_list(0x55558eab2660, 24 [pid 5916] <... set_robust_list resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./15/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5917] <... set_robust_list resumed>) = 0 [pid 5916] chdir("./17" [pid 5828] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5917] chdir("./16" [pid 5916] <... chdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = 0 [pid 5916] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5916] <... prctl resumed>) = 0 [pid 5825] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5916] setpgid(0, 0 [pid 5828] newfstatat(4, "", [pid 5825] newfstatat(AT_FDCWD, "./15/file1", [pid 5916] <... setpgid resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./15/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5916] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] getdents64(4, [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./15/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5917] <... chdir resumed>) = 0 [pid 5916] <... openat resumed>) = 3 [pid 5828] getdents64(4, [pid 5825] <... openat resumed>) = 4 [pid 5916] write(3, "1000", 4 [pid 5917] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5917] <... prctl resumed>) = 0 [pid 5916] <... write resumed>) = 4 [pid 5825] newfstatat(4, "", [pid 5917] setpgid(0, 0 [pid 5828] close(4 [pid 5916] close(3 [pid 5917] <... setpgid resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5917] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5916] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5825] getdents64(4, [pid 5917] <... openat resumed>) = 3 [pid 5916] symlink("/dev/binderfs", "./binderfs" [pid 5828] rmdir("./15/file1" [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 5916] <... symlink resumed>) = 0 [pid 5915] <... write resumed>) = 2097152 [pid 5828] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... close resumed>) = 0 executing program [pid 5916] write(1, "executing program\n", 18 [pid 5825] rmdir("./15/file1" [pid 5917] write(3, "1000", 4 [pid 5916] <... write resumed>) = 18 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... rmdir resumed>) = 0 [pid 5825] umount2("./15/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./15/binderfs") = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5916] memfd_create("syzkaller", 0 [pid 5917] <... write resumed>) = 4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... close resumed>) = 0 [pid 5916] <... memfd_create resumed>) = 3 [pid 5917] close(3 [pid 5828] unlink("./15/binderfs" [pid 5917] <... close resumed>) = 0 [pid 5825] rmdir("./15" [pid 5917] symlink("/dev/binderfs", "./binderfs" [pid 5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... unlink resumed>) = 0 [pid 5917] <... symlink resumed>) = 0 [pid 5916] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] getdents64(3, [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] mkdir("./16", 0777 [pid 5828] close(3 [pid 5825] <... mkdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5915] munmap(0x7fde7cbdc000, 138412032 [pid 5828] rmdir("./15" [pid 5917] write(1, "executing program\n", 18 [pid 5828] <... rmdir resumed>) = 0 [pid 5825] <... openat resumed>) = 3 executing program [pid 5917] <... write resumed>) = 18 [pid 5828] mkdir("./16", 0777 [pid 5915] <... munmap resumed>) = 0 [pid 5828] <... mkdir resumed>) = 0 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5917] memfd_create("syzkaller", 0 [pid 5825] close(3 [pid 5915] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5917] <... memfd_create resumed>) = 3 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... close resumed>) = 0 [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... openat resumed>) = 3 [pid 5917] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5915] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5915] close(4 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5918 attached [pid 5915] <... close resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5918 [pid 5918] set_robust_list(0x55558eab2660, 24) = 0 executing program [pid 5918] chdir("./16") = 0 [pid 5918] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5918] setpgid(0, 0) = 0 [pid 5918] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5918] write(3, "1000", 4) = 4 [pid 5918] close(3) = 0 [pid 5918] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5918] write(1, "executing program\n", 18) = 18 [pid 5915] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5918] memfd_create("syzkaller", 0 [pid 5915] <... open resumed>) = 4 [pid 5918] <... memfd_create resumed>) = 3 [pid 5915] exit_group(0 [pid 5918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5915] <... exit_group resumed>) = ? [pid 5916] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5917] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5915] +++ exited with 0 +++ [pid 5828] <... close resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5915, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5918] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5827] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5919 attached ) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5919 [pid 5827] <... openat resumed>) = 3 [pid 5919] set_robust_list(0x55558eab2660, 24 [pid 5827] newfstatat(3, "", [pid 5919] <... set_robust_list resumed>) = 0 [pid 5919] chdir("./16" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5919] <... chdir resumed>) = 0 [pid 5827] getdents64(3, [pid 5919] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5919] <... prctl resumed>) = 0 [pid 5827] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5919] setpgid(0, 0) = 0 [pid 5919] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5919] write(3, "1000", 4) = 4 [pid 5919] close(3) = 0 [pid 5919] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5919] write(1, "executing program\n", 18) = 18 [pid 5919] memfd_create("syzkaller", 0) = 3 [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5917] <... write resumed>) = 2097152 [pid 5916] <... write resumed>) = 2097152 [pid 5918] <... write resumed>) = 2097152 [pid 5917] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5916] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5918] munmap(0x7fde7cbdc000, 138412032 [pid 5827] newfstatat(AT_FDCWD, "./16/file1", [pid 5918] <... munmap resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5917] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5827] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5917] close(3 [pid 5916] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5917] <... close resumed>) = 0 [pid 5916] ioctl(4, LOOP_SET_FD, 3 [pid 5827] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5917] close(4 [pid 5916] <... ioctl resumed>) = 0 [pid 5827] <... openat resumed>) = 4 [pid 5917] <... close resumed>) = 0 [pid 5917] mkdir("./file1", 0777 [pid 5916] close(3 [pid 5827] newfstatat(4, "", [pid 5917] <... mkdir resumed>) = 0 [pid 5916] <... close resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5917] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5916] close(4 [pid 5918] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5916] <... close resumed>) = 0 [pid 5919] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5918] <... openat resumed>) = 4 [pid 5916] mkdir("./file1", 0777 [pid 5827] getdents64(4, [pid 5916] <... mkdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5918] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5827] getdents64(4, [pid 5918] close(3 [pid 5916] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5918] <... close resumed>) = 0 [pid 5827] close(4 [pid 5918] close(4 [pid 5827] <... close resumed>) = 0 [pid 5918] <... close resumed>) = 0 [pid 5918] mkdir("./file1", 0777 [pid 5827] rmdir("./16/file1" [pid 5918] <... mkdir resumed>) = 0 [pid 5918] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5827] <... rmdir resumed>) = 0 [ 110.718152][ T5917] loop2: detected capacity change from 0 to 4096 [ 110.719861][ T5916] loop0: detected capacity change from 0 to 4096 [ 110.726735][ T5917] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 110.751811][ T5918] loop1: detected capacity change from 0 to 4096 [ 110.764527][ T5916] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5827] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./16/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./16") = 0 [pid 5827] mkdir("./17", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5919] <... write resumed>) = 2097152 [pid 5919] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558eab2650) = 5920 ./strace-static-x86_64: Process 5920 attached [pid 5919] <... munmap resumed>) = 0 [pid 5920] set_robust_list(0x55558eab2660, 24) = 0 [pid 5920] chdir("./17") = 0 [pid 5920] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5920] setpgid(0, 0) = 0 [ 110.767040][ T5918] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5920] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5920] write(3, "1000", 4 [pid 5919] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5920] <... write resumed>) = 4 [pid 5920] close(3 [pid 5919] <... openat resumed>) = 4 [pid 5918] <... mount resumed>) = 0 [pid 5919] ioctl(4, LOOP_SET_FD, 3 [pid 5918] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5920] <... close resumed>) = 0 [pid 5919] <... ioctl resumed>) = 0 [pid 5920] symlink("/dev/binderfs", "./binderfs" [pid 5919] close(3 [pid 5918] <... openat resumed>) = 3 [pid 5919] <... close resumed>) = 0 [pid 5918] chdir("./file1" [pid 5919] close(4 [pid 5918] <... chdir resumed>) = 0 [pid 5920] <... symlink resumed>) = 0 [pid 5919] <... close resumed>) = 0 executing program [pid 5918] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5920] write(1, "executing program\n", 18 [pid 5919] mkdir("./file1", 0777 [pid 5918] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5917] <... mount resumed>) = 0 [pid 5920] <... write resumed>) = 18 [pid 5919] <... mkdir resumed>) = 0 [pid 5918] unlink("./file0/file0" [pid 5919] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5920] memfd_create("syzkaller", 0 [pid 5918] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5917] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5916] <... mount resumed>) = 0 [pid 5920] <... memfd_create resumed>) = 3 [pid 5918] memfd_create("syzkaller", 0 [pid 5917] <... openat resumed>) = 3 [ 110.849731][ T5918] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 110.857581][ T5919] loop4: detected capacity change from 0 to 4096 [ 110.877924][ T5917] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 110.878757][ T5916] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 110.882101][ T5918] ntfs3(loop1): ino=1b, mi_enum_attr [pid 5916] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5917] chdir("./file1" [pid 5920] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5917] <... chdir resumed>) = 0 [pid 5917] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5918] <... memfd_create resumed>) = 4 [pid 5917] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5916] <... openat resumed>) = 3 [pid 5918] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5916] chdir("./file1" [pid 5918] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5917] unlink("./file0/file0" [pid 5916] <... chdir resumed>) = 0 [pid 5917] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5917] memfd_create("syzkaller", 0 [pid 5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5917] <... memfd_create resumed>) = 4 [pid 5916] unlink("./file0/file0" [pid 5917] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 110.882123][ T5918] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 110.883221][ T5919] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 110.942866][ T5917] ntfs3(loop2): ino=1b, mi_enum_attr [pid 5919] <... mount resumed>) = 0 [pid 5919] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5919] chdir("./file1" [pid 5916] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5919] <... chdir resumed>) = 0 [pid 5919] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5916] memfd_create("syzkaller", 0 [pid 5919] unlink("./file0/file0" [pid 5920] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5919] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5916] <... memfd_create resumed>) = 4 [pid 5918] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5917] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5916] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5919] memfd_create("syzkaller", 0 [pid 5916] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5919] <... memfd_create resumed>) = 4 [pid 5919] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [ 110.942893][ T5917] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 110.960562][ T5916] ntfs3(loop0): ino=1b, mi_enum_attr [ 110.960588][ T5916] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 110.961571][ T5919] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 110.979600][ T5919] ntfs3(loop4): ino=1b, mi_enum_attr [ 110.979626][ T5919] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5920] <... write resumed>) = 2097152 [pid 5919] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5920] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5920] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5920] close(3) = 0 [pid 5918] <... write resumed>) = 2097152 [pid 5917] <... write resumed>) = 2097152 [pid 5920] close(4) = 0 [pid 5918] munmap(0x7fde7cbdc000, 138412032 [pid 5917] munmap(0x7fde7cbdc000, 138412032 [pid 5920] mkdir("./file1", 0777) = 0 [pid 5918] <... munmap resumed>) = 0 [pid 5920] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5918] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5917] <... munmap resumed>) = 0 [pid 5916] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5917] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5918] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5917] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5918] close(4 [ 111.068227][ T5920] loop3: detected capacity change from 0 to 4096 [ 111.076760][ T5920] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5917] close(4 [pid 5919] <... write resumed>) = 2097152 [pid 5920] <... mount resumed>) = 0 [pid 5917] <... close resumed>) = 0 [pid 5916] <... write resumed>) = 2097152 [pid 5920] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5919] munmap(0x7fde7cbdc000, 138412032 [pid 5918] <... close resumed>) = 0 [pid 5917] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5916] munmap(0x7fde7cbdc000, 138412032 [pid 5920] <... openat resumed>) = 3 [pid 5919] <... munmap resumed>) = 0 [pid 5918] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5916] <... munmap resumed>) = 0 [pid 5920] chdir("./file1") = 0 [pid 5920] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5917] <... open resumed>) = 4 [pid 5916] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5920] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5918] <... open resumed>) = 4 [pid 5917] exit_group(0 [pid 5916] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5920] unlink("./file0/file0" [pid 5918] exit_group(0 [pid 5917] <... exit_group resumed>) = ? [pid 5916] close(4 [pid 5919] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5920] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5919] close(4 [pid 5920] memfd_create("syzkaller", 0 [pid 5918] <... exit_group resumed>) = ? [pid 5917] +++ exited with 0 +++ [pid 5920] <... memfd_create resumed>) = 4 [pid 5919] <... close resumed>) = 0 [pid 5920] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5917, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5918] +++ exited with 0 +++ [pid 5916] <... close resumed>) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5916] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5919] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5918, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5826] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5919] <... open resumed>) = 4 [pid 5919] exit_group(0) = ? [pid 5919] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5919, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5916] <... open resumed>) = 4 [pid 5916] exit_group(0) = ? [pid 5828] <... restart_syscall resumed>) = 0 [pid 5828] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./16", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5920] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5916] +++ exited with 0 +++ [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5916, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5824] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5824] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 111.118946][ T5920] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 111.140587][ T5920] ntfs3(loop3): ino=1b, mi_enum_attr [ 111.140613][ T5920] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5824] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5920] <... write resumed>) = 2097152 [pid 5826] <... umount2 resumed>) = 0 [pid 5824] newfstatat(3, "", [pid 5920] munmap(0x7fde7cbdc000, 138412032 [pid 5826] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./16/file1", [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] <... munmap resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5920] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5920] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... openat resumed>) = 4 [pid 5920] close(4 [pid 5826] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] close(4) = 0 [pid 5826] rmdir("./16/file1" [pid 5828] <... umount2 resumed>) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5920] <... close resumed>) = 0 [pid 5828] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5825] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5920] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(AT_FDCWD, "./16/file1", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./16/file1", [pid 5828] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] umount2("./16/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... openat resumed>) = 4 [pid 5826] unlink("./16/binderfs" [pid 5920] <... open resumed>) = 4 [pid 5828] newfstatat(4, "", [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5920] exit_group(0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... unlink resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./16/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5920] <... exit_group resumed>) = ? [pid 5828] getdents64(4, [pid 5826] getdents64(3, [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... openat resumed>) = 4 [pid 5828] getdents64(4, [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] newfstatat(4, "", [pid 5826] close(3 [pid 5828] close(4) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] rmdir("./16/file1" [pid 5826] rmdir("./16" [pid 5920] +++ exited with 0 +++ [pid 5828] <... rmdir resumed>) = 0 [pid 5825] getdents64(4, [pid 5828] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... rmdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5920, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5826] mkdir("./17", 0777 [pid 5825] getdents64(4, [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] unlink("./16/binderfs" [pid 5825] close(4 [pid 5826] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] <... close resumed>) = 0 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, [pid 5826] <... openat resumed>) = 3 [pid 5825] rmdir("./16/file1" [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./16") = 0 [pid 5827] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... ioctl resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... rmdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] mkdir("./17", 0777 [pid 5827] <... openat resumed>) = 3 [pid 5828] <... mkdir resumed>) = 0 [pid 5827] newfstatat(3, "", [pid 5825] umount2("./16/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] getdents64(3, [pid 5826] close(3 [pid 5824] <... umount2 resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] unlink("./16/binderfs" [pid 5824] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5827] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... unlink resumed>) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(3, [pid 5824] newfstatat(AT_FDCWD, "./17/file1", [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5828] <... ioctl resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] close(3 [pid 5825] <... close resumed>) = 0 [pid 5824] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] rmdir("./16" [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... rmdir resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5824] <... openat resumed>) = 4 [pid 5825] mkdir("./17", 0777 [pid 5824] newfstatat(4, "", [pid 5825] <... mkdir resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4 [pid 5825] <... openat resumed>) = 3 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./17/file1" [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5825] close(3./strace-static-x86_64: Process 5922 attached ./strace-static-x86_64: Process 5921 attached [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5922 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5921 [pid 5824] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] unlink("./17/binderfs") = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3) = 0 [pid 5824] rmdir("./17" [pid 5922] set_robust_list(0x55558eab2660, 24 [pid 5921] set_robust_list(0x55558eab2660, 24 [pid 5824] <... rmdir resumed>) = 0 [pid 5922] <... set_robust_list resumed>) = 0 [pid 5921] <... set_robust_list resumed>) = 0 [pid 5922] chdir("./17" [pid 5921] chdir("./17" [pid 5824] mkdir("./18", 0777 [pid 5922] <... chdir resumed>) = 0 [pid 5921] <... chdir resumed>) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5922] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5921] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5922] <... prctl resumed>) = 0 [pid 5921] <... prctl resumed>) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5922] setpgid(0, 0 [pid 5921] setpgid(0, 0 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5922] <... setpgid resumed>) = 0 [pid 5921] <... setpgid resumed>) = 0 [pid 5824] <... ioctl resumed>) = 0 [pid 5922] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5921] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] close(3 [pid 5922] <... openat resumed>) = 3 [pid 5921] <... openat resumed>) = 3 [pid 5827] <... umount2 resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5922] write(3, "1000", 4) = 4 [pid 5922] close(3) = 0 [pid 5922] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5923 attached ) = 0 [pid 5921] write(3, "1000", 4 [pid 5922] write(1, "executing program\n", 18 [pid 5921] <... write resumed>) = 4 executing program [pid 5921] close(3 [pid 5922] <... write resumed>) = 18 [pid 5921] <... close resumed>) = 0 [pid 5923] set_robust_list(0x55558eab2660, 24 [pid 5921] symlink("/dev/binderfs", "./binderfs" [pid 5827] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5923 [pid 5922] memfd_create("syzkaller", 0 [pid 5921] <... symlink resumed>) = 0 [pid 5922] <... memfd_create resumed>) = 3 [pid 5921] write(1, "executing program\n", 18) = 18 executing program [pid 5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5921] memfd_create("syzkaller", 0 [pid 5923] <... set_robust_list resumed>) = 0 [pid 5922] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5923] chdir("./17") = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5921] <... memfd_create resumed>) = 3 [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5923] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5921] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] newfstatat(AT_FDCWD, "./17/file1", [pid 5923] <... prctl resumed>) = 0 [pid 5923] setpgid(0, 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5923] <... setpgid resumed>) = 0 [pid 5827] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5923] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5923] <... openat resumed>) = 3 [pid 5827] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5923] write(3, "1000", 4) = 4 [pid 5827] <... openat resumed>) = 4 [pid 5923] close(3 [pid 5827] newfstatat(4, "", [pid 5923] <... close resumed>) = 0 [pid 5923] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... close resumed>) = 0 executing program [pid 5923] <... symlink resumed>) = 0 [pid 5922] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] getdents64(4, [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5923] write(1, "executing program\n", 18) = 18 [pid 5923] memfd_create("syzkaller", 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5924 ./strace-static-x86_64: Process 5924 attached [pid 5827] getdents64(4, [pid 5923] <... memfd_create resumed>) = 3 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5924] set_robust_list(0x55558eab2660, 24 [pid 5923] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] close(4 [pid 5924] <... set_robust_list resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5924] chdir("./18" [pid 5827] rmdir("./17/file1" [pid 5924] <... chdir resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5924] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5924] <... prctl resumed>) = 0 [pid 5924] setpgid(0, 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5924] <... setpgid resumed>) = 0 [pid 5924] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5924] <... openat resumed>) = 3 [pid 5924] write(3, "1000", 4 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5924] <... write resumed>) = 4 [pid 5924] close(3) = 0 [pid 5921] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] unlink("./17/binderfs" [pid 5924] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5827] <... unlink resumed>) = 0 executing program [pid 5924] write(1, "executing program\n", 18) = 18 [pid 5924] memfd_create("syzkaller", 0) = 3 [pid 5924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5922] <... write resumed>) = 2097152 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./17" [pid 5922] munmap(0x7fde7cbdc000, 138412032 [pid 5827] <... rmdir resumed>) = 0 [pid 5827] mkdir("./18", 0777 [pid 5922] <... munmap resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5922] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] <... openat resumed>) = 3 [pid 5922] <... openat resumed>) = 4 [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5922] ioctl(4, LOOP_SET_FD, 3 [pid 5827] <... ioctl resumed>) = 0 [pid 5922] <... ioctl resumed>) = 0 [pid 5827] close(3 [pid 5922] close(3 [pid 5923] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5922] <... close resumed>) = 0 [pid 5922] close(4) = 0 [pid 5922] mkdir("./file1", 0777) = 0 [pid 5922] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5921] <... write resumed>) = 2097152 [pid 5921] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5924] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5923] <... write resumed>) = 2097152 [pid 5827] <... close resumed>) = 0 [pid 5923] munmap(0x7fde7cbdc000, 138412032 [pid 5921] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5921] <... openat resumed>) = 4 [pid 5921] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5921] close(3) = 0 [pid 5921] close(4) = 0 [pid 5921] mkdir("./file1", 0777) = 0 [pid 5923] <... munmap resumed>) = 0 [pid 5921] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, ""./strace-static-x86_64: Process 5925 attached [pid 5922] <... mount resumed>) = 0 [ 111.420850][ T5922] loop4: detected capacity change from 0 to 4096 [ 111.442863][ T5922] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5925] set_robust_list(0x55558eab2660, 24 [pid 5922] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5925] <... set_robust_list resumed>) = 0 [pid 5922] <... openat resumed>) = 3 [pid 5925] chdir("./18") = 0 [pid 5922] chdir("./file1" [pid 5925] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5922] <... chdir resumed>) = 0 [pid 5922] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5925] <... prctl resumed>) = 0 [pid 5922] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5925] setpgid(0, 0 [pid 5922] unlink("./file0/file0" [pid 5925] <... setpgid resumed>) = 0 [pid 5925] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5925] write(3, "1000", 4) = 4 [pid 5925] close(3) = 0 [pid 5922] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5925] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5922] memfd_create("syzkaller", 0executing program [pid 5925] write(1, "executing program\n", 18) = 18 [pid 5925] memfd_create("syzkaller", 0 [pid 5922] <... memfd_create resumed>) = 4 [pid 5925] <... memfd_create resumed>) = 3 [pid 5925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5925 [pid 5923] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5922] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5923] <... openat resumed>) = 4 [pid 5923] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5923] close(3) = 0 [ 111.482018][ T5921] loop2: detected capacity change from 0 to 4096 [ 111.484147][ T5922] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 111.489584][ T5921] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 111.501553][ T5922] ntfs3(loop4): ino=1b, mi_enum_attr [ 111.501580][ T5922] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5923] close(4 [pid 5921] <... mount resumed>) = 0 [pid 5921] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5921] chdir("./file1" [pid 5923] <... close resumed>) = 0 [pid 5921] <... chdir resumed>) = 0 [pid 5923] mkdir("./file1", 0777 [pid 5921] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5921] unlink("./file0/file0" [pid 5923] <... mkdir resumed>) = 0 [pid 5921] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5921] memfd_create("syzkaller", 0) = 4 [pid 5921] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5923] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5924] <... write resumed>) = 2097152 [pid 5924] munmap(0x7fde7cbdc000, 138412032 [pid 5925] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5924] <... munmap resumed>) = 0 [ 111.535637][ T5923] loop1: detected capacity change from 0 to 4096 [ 111.538999][ T5921] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 111.543957][ T5921] ntfs3(loop2): ino=1b, mi_enum_attr [ 111.543981][ T5921] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 111.567721][ T5923] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5925] <... write resumed>) = 2097152 [pid 5924] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5922] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5921] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5924] <... openat resumed>) = 4 [pid 5924] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5924] close(3) = 0 [pid 5924] close(4) = 0 [pid 5924] mkdir("./file1", 0777) = 0 [pid 5925] munmap(0x7fde7cbdc000, 138412032 [pid 5924] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5925] <... munmap resumed>) = 0 [pid 5925] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5922] <... write resumed>) = 2097152 [pid 5921] <... write resumed>) = 2097152 [pid 5925] <... openat resumed>) = 4 [pid 5925] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5925] close(3 [pid 5921] munmap(0x7fde7cbdc000, 138412032 [pid 5925] <... close resumed>) = 0 [pid 5925] close(4) = 0 [ 111.621839][ T5924] loop0: detected capacity change from 0 to 4096 [ 111.633028][ T5924] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5925] mkdir("./file1", 0777 [pid 5924] <... mount resumed>) = 0 [pid 5922] munmap(0x7fde7cbdc000, 138412032 [pid 5921] <... munmap resumed>) = 0 [pid 5924] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5925] <... mkdir resumed>) = 0 [pid 5924] chdir("./file1") = 0 [pid 5925] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5924] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5924] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5924] memfd_create("syzkaller", 0 [pid 5923] <... mount resumed>) = 0 [pid 5922] <... munmap resumed>) = 0 [pid 5921] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5924] <... memfd_create resumed>) = 4 [pid 5924] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5922] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5924] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5922] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5922] close(4 [pid 5923] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5921] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5923] <... openat resumed>) = 3 [pid 5921] close(4 [pid 5923] chdir("./file1") = 0 [pid 5923] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [ 111.672806][ T5925] loop3: detected capacity change from 0 to 4096 [ 111.675334][ T5924] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 111.687913][ T5924] ntfs3(loop0): ino=1b, mi_enum_attr [ 111.687938][ T5924] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 111.692921][ T5925] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 111.694810][ T5923] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5925] <... mount resumed>) = 0 [pid 5923] unlink("./file0/file0" [pid 5925] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5923] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5925] chdir("./file1" [pid 5923] memfd_create("syzkaller", 0 [pid 5925] <... chdir resumed>) = 0 [pid 5923] <... memfd_create resumed>) = 4 [pid 5923] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5925] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5923] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5925] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5922] <... close resumed>) = 0 [pid 5925] unlink("./file0/file0" [pid 5922] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5925] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5925] memfd_create("syzkaller", 0 [pid 5922] <... open resumed>) = 4 [pid 5925] <... memfd_create resumed>) = 4 [pid 5925] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5922] exit_group(0 [pid 5925] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5922] <... exit_group resumed>) = ? [pid 5922] +++ exited with 0 +++ [pid 5924] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5921] <... close resumed>) = 0 [pid 5921] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5922, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5921] <... open resumed>) = 4 [pid 5828] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", [pid 5921] exit_group(0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5921] <... exit_group resumed>) = ? [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5924] <... write resumed>) = 2097152 [ 111.758338][ T5925] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 111.769143][ T5923] ntfs3(loop1): ino=1b, mi_enum_attr [ 111.769169][ T5923] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 111.805868][ T5925] ntfs3(loop3): ino=1b, mi_enum_attr [ 111.805896][ T5925] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5924] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5921] +++ exited with 0 +++ [pid 5924] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5921, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5924] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5924] close(4) = 0 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5826] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5923] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5925] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5924] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5925] <... write resumed>) = 2097152 [pid 5925] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5924] <... open resumed>) = 4 [pid 5924] exit_group(0 [pid 5828] <... umount2 resumed>) = 0 [pid 5924] <... exit_group resumed>) = ? [pid 5925] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5924] +++ exited with 0 +++ [pid 5923] <... write resumed>) = 2097152 [pid 5828] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5923] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5924, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5828] newfstatat(AT_FDCWD, "./17/file1", [pid 5923] <... munmap resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5828] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5824] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5828] getdents64(4, [pid 5826] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] newfstatat(3, "", [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] getdents64(4, [pid 5826] newfstatat(AT_FDCWD, "./17/file1", [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] getdents64(3, [pid 5925] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5923] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] close(4 [pid 5925] close(4 [pid 5923] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... close resumed>) = 0 [pid 5826] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5923] close(4 [pid 5828] rmdir("./17/file1" [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... openat resumed>) = 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(4, "", [pid 5828] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] getdents64(4, [pid 5828] unlink("./17/binderfs" [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, [pid 5826] getdents64(4, [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] close(3 [pid 5826] close(4 [pid 5828] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5828] rmdir("./17" [pid 5826] rmdir("./17/file1" [pid 5925] <... close resumed>) = 0 [pid 5923] <... close resumed>) = 0 [pid 5925] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... rmdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5828] mkdir("./18", 0777 [pid 5826] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5923] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5826] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... ioctl resumed>) = 0 [pid 5826] unlink("./17/binderfs" [pid 5925] <... open resumed>) = 4 [pid 5828] close(3 [pid 5923] <... open resumed>) = 4 [pid 5826] <... unlink resumed>) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3 [pid 5925] exit_group(0 [pid 5826] <... close resumed>) = 0 [pid 5925] <... exit_group resumed>) = ? [pid 5923] exit_group(0 [pid 5826] rmdir("./17") = 0 [pid 5826] mkdir("./18", 0777 [pid 5923] <... exit_group resumed>) = ? [pid 5826] <... mkdir resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5826] close(3 [pid 5925] +++ exited with 0 +++ [pid 5923] +++ exited with 0 +++ [pid 5828] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5925, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5923, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=9 /* 0.09 s */} --- [pid 5827] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./17", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] newfstatat(3, "", [pid 5825] <... openat resumed>) = 3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(3, "", [pid 5827] getdents64(3, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] getdents64(3, [pid 5827] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5926 attached , child_tidptr=0x55558eab2650) = 5926 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5926] set_robust_list(0x55558eab2660, 24) = 0 [pid 5926] chdir("./18"./strace-static-x86_64: Process 5927 attached ) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5927 [pid 5926] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5927] set_robust_list(0x55558eab2660, 24 [pid 5926] setpgid(0, 0 [pid 5827] <... umount2 resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 [pid 5827] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5927] <... set_robust_list resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./18/file1", [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] newfstatat(AT_FDCWD, "./18/file1", [pid 5927] chdir("./18" [pid 5827] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5927] <... chdir resumed>) = 0 [pid 5926] <... setpgid resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5927] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5926] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5927] <... prctl resumed>) = 0 [pid 5926] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 4 [pid 5824] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5927] setpgid(0, 0 [pid 5926] write(3, "1000", 4 [pid 5827] newfstatat(4, "", [pid 5824] <... openat resumed>) = 4 [pid 5927] <... setpgid resumed>) = 0 [pid 5926] <... write resumed>) = 4 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5824] newfstatat(4, "", [pid 5927] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] getdents64(4, [pid 5825] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5927] <... openat resumed>) = 3 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./17/file1", [pid 5824] getdents64(4, [pid 5927] write(3, "1000", 4 [pid 5926] close(3 [pid 5827] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5927] <... write resumed>) = 4 [pid 5926] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] umount2("./17/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5927] close(3 [pid 5926] symlink("/dev/binderfs", "./binderfs" [pid 5827] close(4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] getdents64(4, [pid 5927] <... close resumed>) = 0 [pid 5926] <... symlink resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./17/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5927] symlink("/dev/binderfs", "./binderfs" [pid 5926] write(1, "executing program\n", 18executing program [pid 5827] rmdir("./18/file1" [pid 5825] <... openat resumed>) = 4 [pid 5824] close(4 [pid 5926] <... write resumed>) = 18 [pid 5827] <... rmdir resumed>) = 0 [pid 5825] newfstatat(4, "", [pid 5824] <... close resumed>) = 0 [pid 5927] <... symlink resumed>) = 0 [pid 5926] memfd_create("syzkaller", 0 [pid 5827] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5927] write(1, "executing program\n", 18 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] rmdir("./18/file1" [pid 5926] <... memfd_create resumed>) = 3 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] getdents64(4, [pid 5824] <... rmdir resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] getdents64(4, [pid 5926] <... mmap resumed>) = 0x7fde7cbdc000 executing program [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5927] <... write resumed>) = 18 [pid 5827] unlink("./18/binderfs" [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5827] <... unlink resumed>) = 0 [pid 5825] close(4 [pid 5827] getdents64(3, [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] unlink("./18/binderfs" [pid 5827] close(3 [pid 5927] memfd_create("syzkaller", 0 [pid 5827] <... close resumed>) = 0 [pid 5824] <... unlink resumed>) = 0 [pid 5827] rmdir("./18" [pid 5825] <... close resumed>) = 0 [pid 5927] <... memfd_create resumed>) = 3 [pid 5827] <... rmdir resumed>) = 0 [pid 5825] rmdir("./17/file1" [pid 5824] getdents64(3, [pid 5927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5827] mkdir("./19", 0777 [pid 5825] <... rmdir resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5825] umount2("./17/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] close(3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... close resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5824] rmdir("./18" [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5825] unlink("./17/binderfs" [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5825] <... unlink resumed>) = 0 [pid 5824] mkdir("./19", 0777 [pid 5827] <... ioctl resumed>) = 0 [pid 5825] getdents64(3, [pid 5824] <... mkdir resumed>) = 0 [pid 5827] close(3 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5827] <... close resumed>) = 0 [pid 5825] close(3 [pid 5824] <... openat resumed>) = 3 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... close resumed>) = 0 ./strace-static-x86_64: Process 5928 attached [pid 5825] rmdir("./17" [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5825] <... rmdir resumed>) = 0 [pid 5824] <... ioctl resumed>) = 0 [pid 5824] close(3) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5929 attached [pid 5928] set_robust_list(0x55558eab2660, 24 [pid 5825] mkdir("./18", 0777 [pid 5929] set_robust_list(0x55558eab2660, 24) = 0 [pid 5929] chdir("./19") = 0 [pid 5825] <... mkdir resumed>) = 0 [pid 5929] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5928] <... set_robust_list resumed>) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5928 [pid 5929] <... prctl resumed>) = 0 [pid 5928] chdir("./19" [pid 5929] setpgid(0, 0 [pid 5928] <... chdir resumed>) = 0 [pid 5929] <... setpgid resumed>) = 0 [pid 5928] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5929 [pid 5928] <... prctl resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5929] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5928] setpgid(0, 0 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5928] <... setpgid resumed>) = 0 [pid 5928] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program executing program [pid 5929] <... openat resumed>) = 3 [pid 5928] <... openat resumed>) = 3 [pid 5928] write(3, "1000", 4) = 4 [pid 5928] close(3) = 0 [pid 5928] symlink("/dev/binderfs", "./binderfs" [pid 5929] write(3, "1000", 4 [pid 5928] <... symlink resumed>) = 0 [pid 5929] <... write resumed>) = 4 [pid 5929] close(3) = 0 [pid 5928] write(1, "executing program\n", 18 [pid 5929] symlink("/dev/binderfs", "./binderfs" [pid 5928] <... write resumed>) = 18 [pid 5928] memfd_create("syzkaller", 0 [pid 5929] <... symlink resumed>) = 0 [pid 5929] write(1, "executing program\n", 18) = 18 [pid 5929] memfd_create("syzkaller", 0 [pid 5928] <... memfd_create resumed>) = 3 [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5929] <... memfd_create resumed>) = 3 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5825] <... close resumed>) = 0 [pid 5926] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5927] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5930 attached , child_tidptr=0x55558eab2650) = 5930 [pid 5930] set_robust_list(0x55558eab2660, 24) = 0 [pid 5930] chdir("./18") = 0 [pid 5930] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5930] setpgid(0, 0 [pid 5929] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5927] <... write resumed>) = 2097152 [pid 5926] <... write resumed>) = 2097152 [pid 5930] <... setpgid resumed>) = 0 [pid 5930] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5930] write(3, "1000", 4) = 4 [pid 5930] close(3) = 0 [pid 5930] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5930] write(1, "executing program\n", 18executing program ) = 18 [pid 5930] memfd_create("syzkaller", 0) = 3 [pid 5928] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5926] munmap(0x7fde7cbdc000, 138412032 [pid 5930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5927] munmap(0x7fde7cbdc000, 138412032 [pid 5930] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5927] <... munmap resumed>) = 0 [pid 5926] <... munmap resumed>) = 0 [pid 5927] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5926] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5926] ioctl(4, LOOP_SET_FD, 3 [pid 5929] <... write resumed>) = 2097152 [pid 5927] <... openat resumed>) = 4 [pid 5927] ioctl(4, LOOP_SET_FD, 3 [pid 5926] <... ioctl resumed>) = 0 [pid 5926] close(3) = 0 [pid 5927] <... ioctl resumed>) = 0 [pid 5926] close(4) = 0 [pid 5927] close(3 [pid 5926] mkdir("./file1", 0777 [pid 5927] <... close resumed>) = 0 [pid 5926] <... mkdir resumed>) = 0 [pid 5926] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5929] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5928] <... write resumed>) = 2097152 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5928] munmap(0x7fde7cbdc000, 138412032 [pid 5929] <... openat resumed>) = 4 [pid 5929] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5927] close(4 [pid 5929] close(3) = 0 [pid 5929] close(4 [pid 5927] <... close resumed>) = 0 [pid 5929] <... close resumed>) = 0 [pid 5927] mkdir("./file1", 0777 [pid 5929] mkdir("./file1", 0777 [pid 5928] <... munmap resumed>) = 0 [pid 5927] <... mkdir resumed>) = 0 [ 112.248571][ T5926] loop4: detected capacity change from 0 to 4096 [ 112.254064][ T5927] loop2: detected capacity change from 0 to 4096 [ 112.258953][ T5926] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 112.279852][ T5929] loop0: detected capacity change from 0 to 4096 [ 112.285842][ T5926] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 112.289181][ T5928] loop3: detected capacity change from 0 to 4096 [pid 5927] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5929] <... mkdir resumed>) = 0 [pid 5929] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5928] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5926] <... mount resumed>) = 0 [pid 5928] <... openat resumed>) = 4 [pid 5926] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5926] chdir("./file1" [pid 5928] ioctl(4, LOOP_SET_FD, 3 [pid 5926] <... chdir resumed>) = 0 [pid 5928] <... ioctl resumed>) = 0 [pid 5926] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5928] close(3 [pid 5926] unlink("./file0/file0" [pid 5928] <... close resumed>) = 0 [pid 5928] close(4) = 0 [pid 5928] mkdir("./file1", 0777) = 0 [pid 5926] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5928] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5926] memfd_create("syzkaller", 0 [pid 5929] <... mount resumed>) = 0 [pid 5929] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5926] <... memfd_create resumed>) = 4 [pid 5929] <... openat resumed>) = 3 [pid 5926] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5929] chdir("./file1" [pid 5926] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5929] <... chdir resumed>) = 0 [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5929] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5929] memfd_create("syzkaller", 0) = 4 [pid 5929] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5928] <... mount resumed>) = 0 [ 112.290825][ T5929] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 112.291079][ T5926] ntfs3(loop4): ino=1b, mi_enum_attr [ 112.291098][ T5926] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 112.305625][ T5929] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 112.306370][ T5928] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 112.320731][ T5929] ntfs3(loop0): ino=1b, mi_enum_attr [ 112.320759][ T5929] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5928] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5928] chdir("./file1") = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5928] unlink("./file0/file0" [pid 5927] <... mount resumed>) = 0 [pid 5928] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5927] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5928] memfd_create("syzkaller", 0 [pid 5927] <... openat resumed>) = 3 [pid 5927] chdir("./file1") = 0 [pid 5927] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5928] <... memfd_create resumed>) = 4 [pid 5927] unlink("./file0/file0" [pid 5928] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5927] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5928] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5927] memfd_create("syzkaller", 0) = 4 [pid 5927] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5926] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5929] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5930] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5926] <... write resumed>) = 2097152 [ 112.323269][ T5927] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 112.345386][ T5928] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 112.361822][ T5927] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 112.368695][ T5928] ntfs3(loop3): ino=1b, mi_enum_attr [ 112.368721][ T5928] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 112.373689][ T5927] ntfs3(loop2): ino=1b, mi_enum_attr [ 112.373714][ T5927] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5927] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5926] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5928] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5926] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5926] close(4 [pid 5930] <... write resumed>) = 2097152 [pid 5930] munmap(0x7fde7cbdc000, 138412032 [pid 5929] <... write resumed>) = 2097152 [pid 5927] <... write resumed>) = 2097152 [pid 5926] <... close resumed>) = 0 [pid 5930] <... munmap resumed>) = 0 [pid 5929] munmap(0x7fde7cbdc000, 138412032 [pid 5928] <... write resumed>) = 2097152 [pid 5927] munmap(0x7fde7cbdc000, 138412032 [pid 5926] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5930] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5929] <... munmap resumed>) = 0 [pid 5928] munmap(0x7fde7cbdc000, 138412032 [pid 5927] <... munmap resumed>) = 0 [pid 5930] <... openat resumed>) = 4 [pid 5927] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5929] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5930] ioctl(4, LOOP_SET_FD, 3 [pid 5929] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5928] <... munmap resumed>) = 0 [pid 5927] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5929] close(4 [pid 5926] <... open resumed>) = 4 [pid 5930] <... ioctl resumed>) = 0 [pid 5928] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5927] close(4 [pid 5926] exit_group(0 [pid 5930] close(3 [pid 5926] <... exit_group resumed>) = ? [pid 5930] <... close resumed>) = 0 [pid 5930] close(4) = 0 [pid 5930] mkdir("./file1", 0777) = 0 [pid 5930] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5928] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5926] +++ exited with 0 +++ [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5926, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5928] close(4 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5927] <... close resumed>) = 0 [pid 5828] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5929] <... close resumed>) = 0 [pid 5927] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5928] <... close resumed>) = 0 [pid 5927] <... open resumed>) = 4 [pid 5928] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5927] exit_group(0) = ? [pid 5929] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000) = 4 [pid 5928] <... open resumed>) = 4 [pid 5928] exit_group(0 [pid 5929] exit_group(0 [pid 5928] <... exit_group resumed>) = ? [pid 5929] <... exit_group resumed>) = ? [pid 5929] +++ exited with 0 +++ [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5929, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5824] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5928] +++ exited with 0 +++ [pid 5824] <... openat resumed>) = 3 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5928, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [ 112.518689][ T5930] loop1: detected capacity change from 0 to 4096 [ 112.539501][ T5930] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5824] newfstatat(3, "", [pid 5927] +++ exited with 0 +++ [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5927, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... umount2 resumed>) = 0 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5828] newfstatat(AT_FDCWD, "./18/file1", [pid 5827] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 5930] <... mount resumed>) = 0 [pid 5828] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(3, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5930] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, [pid 5930] <... openat resumed>) = 3 [pid 5828] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] getdents64(3, [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] <... openat resumed>) = 4 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] newfstatat(4, "", [pid 5827] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5930] chdir("./file1" [pid 5828] getdents64(4, [pid 5930] <... chdir resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5930] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5828] getdents64(4, [pid 5930] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5930] unlink("./file0/file0" [pid 5828] close(4 [pid 5930] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5930] memfd_create("syzkaller", 0 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./18/file1") = 0 [pid 5930] <... memfd_create resumed>) = 4 [pid 5828] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5930] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5930] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] newfstatat(AT_FDCWD, "./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./18/binderfs") = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./18") = 0 [pid 5828] mkdir("./19", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5931 attached , child_tidptr=0x55558eab2650) = 5931 [pid 5931] set_robust_list(0x55558eab2660, 24) = 0 [pid 5931] chdir("./19" [pid 5824] <... umount2 resumed>) = 0 [pid 5824] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5824] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [ 112.618870][ T5930] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 112.649554][ T5930] ntfs3(loop1): ino=1b, mi_enum_attr [ 112.649581][ T5930] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5824] close(4 [pid 5931] <... chdir resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5931] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5824] rmdir("./19/file1" [pid 5931] setpgid(0, 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5931] <... setpgid resumed>) = 0 [pid 5826] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5931] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5931] <... openat resumed>) = 3 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5931] write(3, "1000", 4) = 4 [pid 5827] <... umount2 resumed>) = 0 [pid 5824] unlink("./19/binderfs" [pid 5931] close(3) = 0 [pid 5827] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... unlink resumed>) = 0 [pid 5931] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] getdents64(3, [pid 5931] <... symlink resumed>) = 0 [pid 5827] newfstatat(AT_FDCWD, "./19/file1", [pid 5826] newfstatat(AT_FDCWD, "./18/file1", [pid 5931] write(1, "executing program\n", 18executing program [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5931] <... write resumed>) = 18 [pid 5827] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] close(3 [pid 5827] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... close resumed>) = 0 [pid 5931] memfd_create("syzkaller", 0 [pid 5930] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] rmdir("./19" [pid 5826] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... rmdir resumed>) = 0 [pid 5827] <... openat resumed>) = 4 [pid 5826] <... openat resumed>) = 4 [pid 5824] mkdir("./20", 0777 [pid 5931] <... memfd_create resumed>) = 3 [pid 5827] newfstatat(4, "", [pid 5826] newfstatat(4, "", [pid 5824] <... mkdir resumed>) = 0 [pid 5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] getdents64(4, [pid 5824] <... openat resumed>) = 3 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5827] getdents64(4, [pid 5826] getdents64(4, [pid 5824] <... ioctl resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(3 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] close(4 [pid 5827] getdents64(4, [pid 5826] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] rmdir("./18/file1") = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./19/file1") = 0 [pid 5931] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5826] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./18/binderfs") = 0 [pid 5827] unlink("./19/binderfs" [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5826] rmdir("./18" [pid 5827] getdents64(3, [pid 5826] <... rmdir resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] mkdir("./19", 0777 [pid 5827] close(3 [pid 5826] <... mkdir resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] rmdir("./19" [pid 5826] <... openat resumed>) = 3 [pid 5827] <... rmdir resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5827] mkdir("./20", 0777 [pid 5826] <... ioctl resumed>) = 0 [pid 5827] <... mkdir resumed>) = 0 [pid 5826] close(3 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558eab2650) = 5932 ./strace-static-x86_64: Process 5932 attached [pid 5931] <... write resumed>) = 2097152 [pid 5930] <... write resumed>) = 2097152 [pid 5826] <... close resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5932] set_robust_list(0x55558eab2660, 24 [pid 5931] munmap(0x7fde7cbdc000, 138412032 [pid 5930] munmap(0x7fde7cbdc000, 138412032 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5932] <... set_robust_list resumed>) = 0 [pid 5931] <... munmap resumed>) = 0 [pid 5930] <... munmap resumed>) = 0 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5932] chdir("./20" [pid 5931] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5933 ./strace-static-x86_64: Process 5934 attached [pid 5932] <... chdir resumed>) = 0 [pid 5932] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5933 attached ) = 0 [pid 5930] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5934 [pid 5934] set_robust_list(0x55558eab2660, 24 [pid 5933] set_robust_list(0x55558eab2660, 24 [pid 5932] setpgid(0, 0 [pid 5930] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5933] <... set_robust_list resumed>) = 0 [pid 5932] <... setpgid resumed>) = 0 [pid 5930] close(4 [pid 5933] chdir("./19" [pid 5932] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5933] <... chdir resumed>) = 0 [pid 5932] write(3, "1000", 4 [pid 5933] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5932] <... write resumed>) = 4 [pid 5931] <... openat resumed>) = 4 [pid 5934] <... set_robust_list resumed>) = 0 [pid 5932] close(3 [pid 5931] ioctl(4, LOOP_SET_FD, 3 [pid 5932] <... close resumed>) = 0 [pid 5931] <... ioctl resumed>) = 0 [pid 5934] chdir("./20" [pid 5932] symlink("/dev/binderfs", "./binderfs" [pid 5931] close(3 [pid 5933] <... prctl resumed>) = 0 [pid 5934] <... chdir resumed>) = 0 [pid 5933] setpgid(0, 0 [pid 5932] <... symlink resumed>) = 0 [pid 5931] <... close resumed>) = 0 [pid 5933] <... setpgid resumed>) = 0 [pid 5934] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5932] write(1, "executing program\n", 18 [pid 5931] close(4 [pid 5933] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5934] <... prctl resumed>) = 0 [pid 5931] <... close resumed>) = 0 [pid 5933] <... openat resumed>) = 3 [pid 5933] write(3, "1000", 4) = 4 [pid 5933] close(3executing program [pid 5934] setpgid(0, 0 [pid 5933] <... close resumed>) = 0 [pid 5932] <... write resumed>) = 18 [pid 5931] mkdir("./file1", 0777 [pid 5934] <... setpgid resumed>) = 0 [pid 5934] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5933] symlink("/dev/binderfs", "./binderfs" [pid 5932] memfd_create("syzkaller", 0 [pid 5931] <... mkdir resumed>) = 0 [pid 5930] <... close resumed>) = 0 [pid 5934] <... openat resumed>) = 3 [pid 5933] <... symlink resumed>) = 0 [pid 5931] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, ""executing program [pid 5933] write(1, "executing program\n", 18) = 18 [pid 5934] write(3, "1000", 4) = 4 [pid 5933] memfd_create("syzkaller", 0 [pid 5934] close(3) = 0 [pid 5934] symlink("/dev/binderfs", "./binderfs" [pid 5933] <... memfd_create resumed>) = 3 [pid 5934] <... symlink resumed>) = 0 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5934] write(1, "executing program\n", 18executing program [pid 5933] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5934] <... write resumed>) = 18 [pid 5932] <... memfd_create resumed>) = 3 [pid 5930] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5934] memfd_create("syzkaller", 0 [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5930] <... open resumed>) = 4 [pid 5934] <... memfd_create resumed>) = 3 [pid 5932] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5930] exit_group(0) = ? [pid 5930] +++ exited with 0 +++ [pid 5934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5930, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5825] umount2("./18", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 112.877946][ T5931] loop4: detected capacity change from 0 to 4096 [ 112.897722][ T5931] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 112.910235][ T37] kauditd_printk_skb: 24 callbacks suppressed [pid 5825] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5933] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5931] <... mount resumed>) = 0 [pid 5931] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5931] chdir("./file1") = 0 [pid 5931] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5931] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5931] memfd_create("syzkaller", 0) = 4 [pid 5931] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5934] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... umount2 resumed>) = 0 [pid 5933] <... write resumed>) = 2097152 [pid 5932] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5933] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 112.910249][ T37] audit: type=1800 audit(1753942243.850:97): pid=5930 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 112.962563][ T5931] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 112.969901][ T5931] ntfs3(loop4): ino=1b, mi_enum_attr [ 112.969928][ T5931] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5933] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5932] <... write resumed>) = 2097152 [pid 5825] newfstatat(AT_FDCWD, "./18/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5933] <... openat resumed>) = 4 [pid 5825] umount2("./18/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5933] ioctl(4, LOOP_SET_FD, 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5933] <... ioctl resumed>) = 0 [pid 5933] close(3) = 0 [pid 5933] close(4) = 0 [pid 5933] mkdir("./file1", 0777 [pid 5934] <... write resumed>) = 2097152 [pid 5933] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./18/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5933] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5934] munmap(0x7fde7cbdc000, 138412032 [pid 5932] munmap(0x7fde7cbdc000, 138412032 [pid 5825] getdents64(4, [pid 5931] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, [pid 5934] <... munmap resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4 [pid 5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5932] <... munmap resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5934] <... openat resumed>) = 4 [pid 5825] rmdir("./18/file1" [pid 5934] ioctl(4, LOOP_SET_FD, 3 [pid 5825] <... rmdir resumed>) = 0 [pid 5934] <... ioctl resumed>) = 0 [pid 5825] umount2("./18/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5934] close(3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5934] <... close resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./18/binderfs", [ 113.030355][ T5933] loop2: detected capacity change from 0 to 4096 [ 113.038404][ T5933] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5934] close(4) = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5934] mkdir("./file1", 0777 [pid 5825] unlink("./18/binderfs") = 0 [pid 5932] <... openat resumed>) = 4 [pid 5932] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5932] close(3) = 0 [pid 5932] close(4) = 0 [pid 5932] mkdir("./file1", 0777) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5932] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5825] close(3) = 0 [pid 5825] rmdir("./18" [pid 5934] <... mkdir resumed>) = 0 [pid 5933] <... mount resumed>) = 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5934] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5933] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] mkdir("./19", 0777 [pid 5933] <... openat resumed>) = 3 [pid 5825] <... mkdir resumed>) = 0 [pid 5933] chdir("./file1" [pid 5931] <... write resumed>) = 2097152 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5933] <... chdir resumed>) = 0 [pid 5933] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5933] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5825] <... ioctl resumed>) = 0 [pid 5933] unlink("./file0/file0" [pid 5825] close(3 [pid 5932] <... mount resumed>) = 0 [pid 5931] munmap(0x7fde7cbdc000, 138412032 [pid 5932] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5931] <... munmap resumed>) = 0 [pid 5932] <... openat resumed>) = 3 [pid 5932] chdir("./file1") = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5933] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5932] <... openat resumed>) = -1 EBUSY (Device or resource busy) [ 113.081239][ T5934] loop0: detected capacity change from 0 to 4096 [ 113.087264][ T5933] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 113.094850][ T5932] loop3: detected capacity change from 0 to 4096 [ 113.104574][ T5932] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 113.120199][ T5934] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5932] unlink("./file0/file0" [pid 5933] memfd_create("syzkaller", 0 [pid 5932] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5932] memfd_create("syzkaller", 0 [pid 5931] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5932] <... memfd_create resumed>) = 4 [pid 5931] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5932] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5931] close(4 [pid 5932] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5931] <... close resumed>) = 0 [pid 5933] <... memfd_create resumed>) = 4 [pid 5825] <... close resumed>) = 0 [pid 5933] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5933] <... mmap resumed>) = 0x7fde7cbdc000 ./strace-static-x86_64: Process 5935 attached [pid 5931] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5935 [pid 5931] <... open resumed>) = 4 [pid 5934] <... mount resumed>) = 0 [pid 5934] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5935] set_robust_list(0x55558eab2660, 24) = 0 [pid 5935] chdir("./19" [pid 5934] chdir("./file1" [pid 5935] <... chdir resumed>) = 0 [pid 5934] <... chdir resumed>) = 0 [ 113.139416][ T5932] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 113.143837][ T5933] ntfs3(loop2): ino=1b, mi_enum_attr [ 113.143864][ T5933] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 113.145792][ T5932] ntfs3(loop3): ino=1b, mi_enum_attr [ 113.145816][ T5932] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5931] exit_group(0 [pid 5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5931] <... exit_group resumed>) = ? [pid 5934] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5931] +++ exited with 0 +++ [pid 5935] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5934] unlink("./file0/file0" [pid 5935] <... prctl resumed>) = 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5931, si_uid=0, si_status=0, si_utime=5 /* 0.05 s */, si_stime=6 /* 0.06 s */} --- [pid 5935] setpgid(0, 0 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5935] <... setpgid resumed>) = 0 [pid 5934] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... restart_syscall resumed>) = 0 [pid 5935] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5934] memfd_create("syzkaller", 0 [pid 5828] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5935] write(3, "1000", 4 [pid 5828] <... openat resumed>) = 3 [pid 5934] <... memfd_create resumed>) = 4 [pid 5934] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5935] <... write resumed>) = 4 [pid 5934] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5935] close(3 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5935] <... close resumed>) = 0 [pid 5828] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5935] symlink("/dev/binderfs", "./binderfs" [pid 5932] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5935] <... symlink resumed>) = 0 executing program [pid 5935] write(1, "executing program\n", 18) = 18 [ 113.220812][ T5934] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 113.221644][ T37] audit: type=1800 audit(1753942244.160:98): pid=5931 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 113.232775][ T5934] ntfs3(loop0): ino=1b, mi_enum_attr [ 113.232801][ T5934] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5935] memfd_create("syzkaller", 0) = 3 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5933] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5935] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5932] <... write resumed>) = 2097152 [pid 5932] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5828] <... umount2 resumed>) = 0 [pid 5932] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5828] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5932] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5932] close(4 [pid 5828] newfstatat(AT_FDCWD, "./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5935] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5932] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5934] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./19/file1" [pid 5933] <... write resumed>) = 2097152 [pid 5828] <... rmdir resumed>) = 0 [pid 5828] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./19/binderfs") = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./19" [pid 5932] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... rmdir resumed>) = 0 [pid 5933] munmap(0x7fde7cbdc000, 138412032 [pid 5932] <... open resumed>) = 4 [pid 5828] mkdir("./20", 0777 [pid 5933] <... munmap resumed>) = 0 [pid 5932] exit_group(0 [pid 5828] <... mkdir resumed>) = 0 [pid 5932] <... exit_group resumed>) = ? [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5933] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5933] close(4 [pid 5932] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5932, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5936 ./strace-static-x86_64: Process 5936 attached [pid 5827] <... restart_syscall resumed>) = 0 [pid 5936] set_robust_list(0x55558eab2660, 24) = 0 [pid 5936] chdir("./20" [pid 5827] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5936] <... chdir resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5936] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5936] <... prctl resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5936] setpgid(0, 0 [pid 5827] newfstatat(3, "", [pid 5936] <... setpgid resumed>) = 0 [pid 5934] <... write resumed>) = 2097152 [pid 5936] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5936] <... openat resumed>) = 3 [pid 5936] write(3, "1000", 4 [pid 5827] getdents64(3, [pid 5936] <... write resumed>) = 4 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5936] close(3 [pid 5827] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5936] <... close resumed>) = 0 [pid 5936] symlink("/dev/binderfs", "./binderfs" [pid 5934] munmap(0x7fde7cbdc000, 138412032 [pid 5936] <... symlink resumed>) = 0 [pid 5936] write(1, "executing program\n", 18executing program ) = 18 [pid 5934] <... munmap resumed>) = 0 [pid 5933] <... close resumed>) = 0 [pid 5934] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5936] memfd_create("syzkaller", 0 [pid 5935] <... write resumed>) = 2097152 [pid 5933] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5936] <... memfd_create resumed>) = 3 [pid 5935] munmap(0x7fde7cbdc000, 138412032 [pid 5934] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 113.409135][ T37] audit: type=1800 audit(1753942244.350:99): pid=5932 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5934] close(4 [pid 5936] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5935] <... munmap resumed>) = 0 [pid 5934] <... close resumed>) = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5933] <... open resumed>) = 4 [pid 5935] ioctl(4, LOOP_SET_FD, 3 [pid 5933] exit_group(0) = ? [pid 5933] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5933, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... umount2 resumed>) = 0 [pid 5827] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... restart_syscall resumed>) = 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./20/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5826] <... openat resumed>) = 3 [pid 5827] newfstatat(4, "", [pid 5826] newfstatat(3, "", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5826] getdents64(3, [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] getdents64(4, [pid 5826] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./20/file1" [pid 5935] <... ioctl resumed>) = 0 [pid 5827] <... rmdir resumed>) = 0 [pid 5935] close(3 [pid 5827] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./20/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./20/binderfs" [pid 5935] <... close resumed>) = 0 [pid 5827] <... unlink resumed>) = 0 [pid 5935] close(4 [pid 5827] getdents64(3, [pid 5935] <... close resumed>) = 0 [pid 5934] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5934] <... open resumed>) = 4 [pid 5827] close(3) = 0 [pid 5827] rmdir("./20") = 0 [pid 5827] mkdir("./21", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3) = 0 [ 113.494473][ T37] audit: type=1800 audit(1753942244.430:100): pid=5933 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [ 113.521194][ T5935] loop1: detected capacity change from 0 to 4096 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5935] mkdir("./file1", 0777) = 0 [pid 5934] exit_group(0./strace-static-x86_64: Process 5937 attached [pid 5936] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5935] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5934] <... exit_group resumed>) = ? [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5937 [pid 5826] <... umount2 resumed>) = 0 [pid 5937] set_robust_list(0x55558eab2660, 24 [pid 5934] +++ exited with 0 +++ [pid 5826] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5937] <... set_robust_list resumed>) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5934, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5937] chdir("./21" [pid 5826] newfstatat(AT_FDCWD, "./19/file1", [pid 5937] <... chdir resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5937] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5826] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5937] <... prctl resumed>) = 0 [pid 5937] setpgid(0, 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5937] <... setpgid resumed>) = 0 [ 113.533648][ T37] audit: type=1800 audit(1753942244.470:101): pid=5934 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [pid 5826] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5937] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5937] <... openat resumed>) = 3 [pid 5826] <... openat resumed>) = 4 [pid 5824] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5937] write(3, "1000", 4 [pid 5826] newfstatat(4, "", [pid 5937] <... write resumed>) = 4 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5937] close(3) = 0 [pid 5826] getdents64(4, [pid 5824] newfstatat(3, "", [pid 5937] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 executing program [pid 5937] write(1, "executing program\n", 18 [pid 5826] getdents64(4, [pid 5824] getdents64(3, [pid 5937] <... write resumed>) = 18 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5937] memfd_create("syzkaller", 0 [pid 5826] close(4 [pid 5824] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./19/file1") = 0 [pid 5826] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5937] <... memfd_create resumed>) = 3 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] newfstatat(AT_FDCWD, "./19/binderfs", [pid 5937] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./19/binderfs") = 0 [pid 5826] getdents64(3, [pid 5936] <... write resumed>) = 2097152 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5936] munmap(0x7fde7cbdc000, 138412032 [pid 5824] <... umount2 resumed>) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./19") = 0 [pid 5826] mkdir("./20", 0777) = 0 [pid 5936] <... munmap resumed>) = 0 [pid 5824] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5936] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... openat resumed>) = 3 [pid 5824] newfstatat(AT_FDCWD, "./20/file1", [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 113.571949][ T5935] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5826] <... ioctl resumed>) = 0 [pid 5824] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] close(3 [pid 5824] <... openat resumed>) = 4 [pid 5824] newfstatat(4, "", [pid 5937] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, [pid 5936] <... openat resumed>) = 4 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5936] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./20/file1" [pid 5936] close(3 [pid 5935] <... mount resumed>) = 0 [pid 5824] <... rmdir resumed>) = 0 [pid 5936] <... close resumed>) = 0 [pid 5936] close(4) = 0 [pid 5936] mkdir("./file1", 0777 [pid 5824] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5936] <... mkdir resumed>) = 0 [pid 5936] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5935] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5824] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5935] <... openat resumed>) = 3 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... close resumed>) = 0 [pid 5824] unlink("./20/binderfs" [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5935] chdir("./file1" [pid 5824] <... unlink resumed>) = 0 [pid 5935] <... chdir resumed>) = 0 [pid 5824] getdents64(3, [pid 5935] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5935] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] close(3 [pid 5935] unlink("./file0/file0" [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5938 [pid 5824] <... close resumed>) = 0 [pid 5824] rmdir("./20"./strace-static-x86_64: Process 5938 attached ) = 0 [pid 5935] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5824] mkdir("./21", 0777 [pid 5935] memfd_create("syzkaller", 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5938] set_robust_list(0x55558eab2660, 24) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5938] chdir("./20" [pid 5937] <... write resumed>) = 2097152 [pid 5935] <... memfd_create resumed>) = 4 [pid 5938] <... chdir resumed>) = 0 [pid 5935] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5938] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5935] <... mmap resumed>) = 0x7fde7cbdc000 [ 113.648184][ T5936] loop4: detected capacity change from 0 to 4096 [ 113.650329][ T5935] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 113.678102][ T5936] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 113.687847][ T5935] ntfs3(loop1): ino=1b, mi_enum_attr [pid 5938] <... prctl resumed>) = 0 [pid 5938] setpgid(0, 0) = 0 [pid 5938] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5824] <... openat resumed>) = 3 [pid 5938] <... openat resumed>) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5938] write(3, "1000", 4 [pid 5824] <... ioctl resumed>) = 0 [pid 5938] <... write resumed>) = 4 [pid 5824] close(3 [pid 5938] close(3) = 0 [pid 5938] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5938] write(1, "executing program\n", 18) = 18 [pid 5938] memfd_create("syzkaller", 0 [pid 5937] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5938] <... memfd_create resumed>) = 3 [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [ 113.687874][ T5935] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5937] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5824] <... close resumed>) = 0 [pid 5938] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5937] <... openat resumed>) = 4 [pid 5937] ioctl(4, LOOP_SET_FD, 3 [pid 5935] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5939 attached [pid 5937] <... ioctl resumed>) = 0 [pid 5937] close(3) = 0 [pid 5937] close(4 [pid 5939] set_robust_list(0x55558eab2660, 24 [pid 5937] <... close resumed>) = 0 [pid 5939] <... set_robust_list resumed>) = 0 [pid 5937] mkdir("./file1", 0777 [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5939 [pid 5939] chdir("./21" [pid 5937] <... mkdir resumed>) = 0 [pid 5939] <... chdir resumed>) = 0 [pid 5937] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5939] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5939] setpgid(0, 0) = 0 [pid 5939] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5936] <... mount resumed>) = 0 [pid 5936] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5939] write(3, "1000", 4 [pid 5936] <... openat resumed>) = 3 [pid 5939] <... write resumed>) = 4 [pid 5936] chdir("./file1" [pid 5939] close(3 [pid 5936] <... chdir resumed>) = 0 [pid 5939] <... close resumed>) = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5939] symlink("/dev/binderfs", "./binderfs" [pid 5936] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5939] <... symlink resumed>) = 0 [pid 5936] unlink("./file0/file0"executing program [pid 5939] write(1, "executing program\n", 18) = 18 [pid 5939] memfd_create("syzkaller", 0 [pid 5936] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5939] <... memfd_create resumed>) = 3 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5936] memfd_create("syzkaller", 0 [pid 5939] <... mmap resumed>) = 0x7fde7cbdc000 [ 113.757267][ T5937] loop3: detected capacity change from 0 to 4096 [ 113.771680][ T5937] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 113.777639][ T5936] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5936] <... memfd_create resumed>) = 4 [pid 5936] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5935] <... write resumed>) = 2097152 [pid 5935] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5935] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5935] close(4 [pid 5937] <... mount resumed>) = 0 [pid 5937] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5937] chdir("./file1") = 0 [pid 5937] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5938] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5937] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5937] memfd_create("syzkaller", 0) = 4 [pid 5935] <... close resumed>) = 0 [pid 5937] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5939] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5936] <... mmap resumed>) = 0x7fde7cbdc000 [ 113.808796][ T5936] ntfs3(loop4): ino=1b, mi_enum_attr [ 113.808822][ T5936] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 113.843488][ T5937] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 113.854490][ T5937] ntfs3(loop3): ino=1b, mi_enum_attr [ 113.854515][ T5937] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5939] <... write resumed>) = 2097152 [pid 5939] munmap(0x7fde7cbdc000, 138412032 [pid 5938] <... write resumed>) = 2097152 [pid 5935] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5939] <... munmap resumed>) = 0 [pid 5938] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5938] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5935] <... open resumed>) = 4 [pid 5935] exit_group(0 [pid 5939] <... openat resumed>) = 4 [pid 5938] <... openat resumed>) = 4 [pid 5939] ioctl(4, LOOP_SET_FD, 3 [pid 5935] <... exit_group resumed>) = ? [pid 5935] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5935, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 5939] <... ioctl resumed>) = 0 [pid 5938] ioctl(4, LOOP_SET_FD, 3 [pid 5825] umount2("./19", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5939] close(3 [pid 5938] <... ioctl resumed>) = 0 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5939] <... close resumed>) = 0 [pid 5938] close(3 [pid 5825] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5939] close(4 [pid 5938] <... close resumed>) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5938] close(4 [pid 5825] newfstatat(3, "", [pid 5939] <... close resumed>) = 0 [pid 5938] <... close resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5939] mkdir("./file1", 0777 [pid 5938] mkdir("./file1", 0777 [pid 5825] getdents64(3, [pid 5937] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5939] <... mkdir resumed>) = 0 [pid 5938] <... mkdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5938] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [ 113.916431][ T37] audit: type=1800 audit(1753942244.850:102): pid=5935 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop1" ino=33 res=0 errno=0 [ 113.940168][ T5939] loop0: detected capacity change from 0 to 4096 [ 113.942144][ T5938] loop2: detected capacity change from 0 to 4096 [pid 5939] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5936] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [pid 5936] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5936] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] <... umount2 resumed>) = 0 [ 113.973388][ T5939] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 113.977239][ T5938] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5936] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5936] close(4 [pid 5825] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5936] <... close resumed>) = 0 [pid 5825] newfstatat(AT_FDCWD, "./19/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./19/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./19/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5939] <... mount resumed>) = 0 [pid 5825] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./19/file1" [pid 5939] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] <... rmdir resumed>) = 0 [pid 5825] umount2("./19/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5939] <... openat resumed>) = 3 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./19/binderfs") = 0 [pid 5939] chdir("./file1" [pid 5825] getdents64(3, [pid 5939] <... chdir resumed>) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5825] close(3 [pid 5939] unlink("./file0/file0" [pid 5825] <... close resumed>) = 0 [pid 5939] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5825] rmdir("./19") = 0 [pid 5825] mkdir("./20", 0777) = 0 [pid 5939] memfd_create("syzkaller", 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5936] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5938] <... mount resumed>) = 0 [pid 5937] <... write resumed>) = 2097152 [pid 5825] <... openat resumed>) = 3 [pid 5939] <... memfd_create resumed>) = 4 [pid 5938] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5937] munmap(0x7fde7cbdc000, 138412032 [pid 5939] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5938] <... openat resumed>) = 3 [pid 5825] <... ioctl resumed>) = 0 [pid 5939] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5938] chdir("./file1" [pid 5825] close(3 [pid 5938] <... chdir resumed>) = 0 [pid 5937] <... munmap resumed>) = 0 [pid 5938] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5938] unlink("./file0/file0" [pid 5937] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5936] <... open resumed>) = 4 [pid 5938] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5937] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5936] exit_group(0 [pid 5937] close(4 [pid 5936] <... exit_group resumed>) = ? [pid 5936] +++ exited with 0 +++ [ 114.053642][ T5939] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 114.064768][ T5939] ntfs3(loop0): ino=1b, mi_enum_attr [ 114.064794][ T5939] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 114.066452][ T5938] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5938] memfd_create("syzkaller", 0 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5936, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=5 /* 0.05 s */} --- [pid 5828] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5938] <... memfd_create resumed>) = 4 [pid 5938] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5938] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", [pid 5825] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5940 attached , child_tidptr=0x55558eab2650) = 5940 [pid 5940] set_robust_list(0x55558eab2660, 24) = 0 [pid 5937] <... close resumed>) = 0 [pid 5940] chdir("./20" [pid 5937] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5940] <... chdir resumed>) = 0 [pid 5937] <... open resumed>) = 4 [pid 5828] <... umount2 resumed>) = 0 [pid 5940] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5937] exit_group(0 [pid 5940] setpgid(0, 0 [pid 5937] <... exit_group resumed>) = ? [pid 5940] <... setpgid resumed>) = 0 [pid 5940] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [ 114.110457][ T5938] ntfs3(loop2): ino=1b, mi_enum_attr [ 114.110483][ T5938] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 114.112398][ T37] audit: type=1800 audit(1753942245.050:103): pid=5936 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop4" ino=33 res=0 errno=0 [pid 5828] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5940] write(3, "1000", 4 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5940] <... write resumed>) = 4 [pid 5828] newfstatat(AT_FDCWD, "./20/file1", [pid 5940] close(3 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5940] <... close resumed>) = 0 [pid 5940] symlink("/dev/binderfs", "./binderfs" [pid 5828] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5940] <... symlink resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) executing program [pid 5940] write(1, "executing program\n", 18 [pid 5828] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", [pid 5940] <... write resumed>) = 18 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5940] memfd_create("syzkaller", 0 [pid 5828] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5940] <... memfd_create resumed>) = 3 [pid 5937] +++ exited with 0 +++ [pid 5828] getdents64(4, [pid 5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5939] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5940] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] close(4 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5937, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5828] <... close resumed>) = 0 [pid 5827] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] rmdir("./20/file1" [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... rmdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] newfstatat(3, "", [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5827] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./20/binderfs" [pid 5938] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... unlink resumed>) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [ 114.183978][ T37] audit: type=1800 audit(1753942245.120:104): pid=5937 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop3" ino=33 res=0 errno=0 [pid 5828] rmdir("./20") = 0 [pid 5828] mkdir("./21", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558eab2650) = 5941 [pid 5939] <... write resumed>) = 2097152 [pid 5939] munmap(0x7fde7cbdc000, 138412032 [pid 5938] <... write resumed>) = 2097152 [pid 5938] munmap(0x7fde7cbdc000, 138412032./strace-static-x86_64: Process 5941 attached [pid 5939] <... munmap resumed>) = 0 [pid 5827] <... umount2 resumed>) = 0 [pid 5941] set_robust_list(0x55558eab2660, 24 [pid 5940] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5939] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5938] <... munmap resumed>) = 0 [pid 5827] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5941] <... set_robust_list resumed>) = 0 [pid 5939] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5941] chdir("./21" [pid 5939] close(4 [pid 5827] newfstatat(AT_FDCWD, "./21/file1", [pid 5941] <... chdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5938] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", [pid 5941] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5938] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5941] <... prctl resumed>) = 0 [pid 5938] close(4 [pid 5827] getdents64(4, [pid 5941] setpgid(0, 0) = 0 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5941] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] getdents64(4, [pid 5941] <... openat resumed>) = 3 [pid 5941] write(3, "1000", 4 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5941] <... write resumed>) = 4 [pid 5939] <... close resumed>) = 0 [pid 5941] close(3 [pid 5939] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] close(4 [pid 5941] <... close resumed>) = 0 [pid 5941] symlink("/dev/binderfs", "./binderfs"executing program ) = 0 [pid 5940] <... write resumed>) = 2097152 [pid 5938] <... close resumed>) = 0 [pid 5941] write(1, "executing program\n", 18 [pid 5940] munmap(0x7fde7cbdc000, 138412032 [pid 5941] <... write resumed>) = 18 [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./21/file1" [pid 5939] <... open resumed>) = 4 [pid 5827] <... rmdir resumed>) = 0 [pid 5941] memfd_create("syzkaller", 0 [pid 5827] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5941] <... memfd_create resumed>) = 3 [pid 5939] exit_group(0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5939] <... exit_group resumed>) = ? [pid 5827] unlink("./21/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5941] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] close(3) = 0 [pid 5827] rmdir("./21") = 0 [pid 5827] mkdir("./22", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5940] <... munmap resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5940] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5939] +++ exited with 0 +++ [pid 5938] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5940] <... openat resumed>) = 4 [pid 5938] <... open resumed>) = 4 [pid 5940] ioctl(4, LOOP_SET_FD, 3 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5939, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5940] <... ioctl resumed>) = 0 [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5940] close(3 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5940] <... close resumed>) = 0 [pid 5938] exit_group(0) = ? [pid 5940] close(4 [pid 5938] +++ exited with 0 +++ [pid 5824] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5940] <... close resumed>) = 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5938, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=4 /* 0.04 s */} --- [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5940] mkdir("./file1", 0777 [pid 5824] <... openat resumed>) = 3 [pid 5940] <... mkdir resumed>) = 0 [pid 5826] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] newfstatat(3, "", [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5940] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] getdents64(3, [pid 5826] <... openat resumed>) = 3 [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] newfstatat(3, "", [pid 5824] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 114.348423][ T37] audit: type=1800 audit(1753942245.280:105): pid=5939 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop0" ino=33 res=0 errno=0 [ 114.371230][ T37] audit: type=1800 audit(1753942245.310:106): pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor103" name="bus" dev="loop2" ino=33 res=0 errno=0 [ 114.372249][ T5940] loop1: detected capacity change from 0 to 4096 [pid 5826] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5942 attached [pid 5942] set_robust_list(0x55558eab2660, 24 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5942 [pid 5942] <... set_robust_list resumed>) = 0 [pid 5942] chdir("./22") = 0 [pid 5941] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5942] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5942] setpgid(0, 0) = 0 [pid 5942] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5942] write(3, "1000", 4) = 4 [pid 5942] close(3) = 0 [pid 5942] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5942] write(1, "executing program\n", 18executing program ) = 18 [pid 5940] <... mount resumed>) = 0 [pid 5942] memfd_create("syzkaller", 0 [pid 5940] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5942] <... memfd_create resumed>) = 3 [ 114.404840][ T5940] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5940] chdir("./file1" [pid 5942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5940] <... chdir resumed>) = 0 [pid 5940] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5942] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5940] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5940] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5940] memfd_create("syzkaller", 0) = 4 [ 114.455532][ T5940] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [pid 5940] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5941] <... write resumed>) = 2097152 [pid 5824] <... umount2 resumed>) = 0 [pid 5824] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./21/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5824] newfstatat(4, "", [pid 5826] <... umount2 resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] getdents64(4, [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] newfstatat(AT_FDCWD, "./20/file1", [pid 5940] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] getdents64(4, [pid 5826] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] close(4 [pid 5942] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5941] munmap(0x7fde7cbdc000, 138412032 [pid 5826] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... close resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5824] rmdir("./21/file1" [pid 5826] newfstatat(4, "", [pid 5824] <... rmdir resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5826] getdents64(4, [pid 5824] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 114.498454][ T5940] ntfs3(loop1): ino=1b, mi_enum_attr [ 114.498481][ T5940] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5941] <... munmap resumed>) = 0 [pid 5826] close(4 [pid 5824] unlink("./21/binderfs" [pid 5826] <... close resumed>) = 0 [pid 5824] <... unlink resumed>) = 0 [pid 5826] rmdir("./20/file1") = 0 [pid 5824] getdents64(3, [pid 5826] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] close(3 [pid 5826] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5824] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] rmdir("./21" [pid 5941] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5942] <... write resumed>) = 2097152 [pid 5941] <... openat resumed>) = 4 [pid 5940] <... write resumed>) = 2097152 [pid 5826] unlink("./20/binderfs" [pid 5824] <... rmdir resumed>) = 0 [pid 5941] ioctl(4, LOOP_SET_FD, 3 [pid 5942] munmap(0x7fde7cbdc000, 138412032 [pid 5940] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... unlink resumed>) = 0 [pid 5941] <... ioctl resumed>) = 0 [pid 5824] mkdir("./22", 0777 [pid 5941] close(3 [pid 5826] getdents64(3, [pid 5942] <... munmap resumed>) = 0 [pid 5941] <... close resumed>) = 0 [pid 5940] <... munmap resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] <... mkdir resumed>) = 0 [pid 5941] close(4 [pid 5826] close(3 [pid 5940] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5942] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5941] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5941] mkdir("./file1", 0777 [pid 5826] rmdir("./20" [pid 5940] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] <... rmdir resumed>) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5941] <... mkdir resumed>) = 0 [pid 5826] mkdir("./21", 0777 [pid 5942] <... openat resumed>) = 4 [pid 5941] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5940] close(4 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5942] ioctl(4, LOOP_SET_FD, 3 [pid 5826] <... mkdir resumed>) = 0 [pid 5942] <... ioctl resumed>) = 0 [pid 5940] <... close resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] <... ioctl resumed>) = 0 [pid 5942] close(3) = 0 [pid 5826] <... openat resumed>) = 3 [pid 5824] close(3 [pid 5942] close(4 [ 114.577459][ T5941] loop4: detected capacity change from 0 to 4096 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5824] <... close resumed>) = 0 [pid 5940] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5942] <... close resumed>) = 0 [pid 5826] <... ioctl resumed>) = 0 [pid 5942] mkdir("./file1", 0777) = 0 [pid 5826] close(3 [pid 5940] <... open resumed>) = 4 [pid 5940] exit_group(0) = ? [pid 5940] +++ exited with 0 +++ [pid 5942] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5940, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=10 /* 0.10 s */} --- [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] umount2("./20", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5825] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5825] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5943 ./strace-static-x86_64: Process 5943 attached [pid 5826] <... close resumed>) = 0 [pid 5943] set_robust_list(0x55558eab2660, 24) = 0 [pid 5941] <... mount resumed>) = 0 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5941] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5944 [pid 5943] chdir("./22" [pid 5941] chdir("./file1"./strace-static-x86_64: Process 5944 attached [pid 5943] <... chdir resumed>) = 0 [pid 5941] <... chdir resumed>) = 0 [pid 5943] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5941] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5944] set_robust_list(0x55558eab2660, 24 [pid 5943] <... prctl resumed>) = 0 [ 114.608004][ T5941] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 114.608432][ T5942] loop3: detected capacity change from 0 to 4096 [ 114.654634][ T5942] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5941] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5944] <... set_robust_list resumed>) = 0 [pid 5943] setpgid(0, 0 [pid 5941] unlink("./file0/file0" [pid 5943] <... setpgid resumed>) = 0 [pid 5943] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5944] chdir("./21" [pid 5943] <... openat resumed>) = 3 [pid 5941] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5944] <... chdir resumed>) = 0 [pid 5943] write(3, "1000", 4 [pid 5944] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5943] <... write resumed>) = 4 [pid 5941] memfd_create("syzkaller", 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5944] <... prctl resumed>) = 0 [pid 5943] close(3 [pid 5944] setpgid(0, 0 [pid 5943] <... close resumed>) = 0 [pid 5943] symlink("/dev/binderfs", "./binderfs" [pid 5944] <... setpgid resumed>) = 0 [pid 5825] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5943] <... symlink resumed>) = 0 [pid 5944] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5944] <... openat resumed>) = 3 [pid 5825] newfstatat(AT_FDCWD, "./20/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 executing program [pid 5825] umount2("./20/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./20/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5943] write(1, "executing program\n", 18 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5943] <... write resumed>) = 18 [pid 5825] getdents64(4, [pid 5943] memfd_create("syzkaller", 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5944] write(3, "1000", 4) = 4 [pid 5942] <... mount resumed>) = 0 [pid 5941] <... memfd_create resumed>) = 4 [pid 5825] getdents64(4, [ 114.687916][ T5941] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 114.708571][ T5941] ntfs3(loop4): ino=1b, mi_enum_attr [ 114.708598][ T5941] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5944] close(3executing program ) = 0 [pid 5943] <... memfd_create resumed>) = 3 [pid 5941] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5944] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5825] close(4 [pid 5944] write(1, "executing program\n", 18 [pid 5941] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5944] <... write resumed>) = 18 [pid 5825] <... close resumed>) = 0 [pid 5944] memfd_create("syzkaller", 0 [pid 5825] rmdir("./20/file1" [pid 5943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5942] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5942] chdir("./file1") = 0 [pid 5943] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5942] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] umount2("./20/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5942] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./20/binderfs", [pid 5942] unlink("./file0/file0" [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5944] <... memfd_create resumed>) = 3 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5825] unlink("./20/binderfs") = 0 [pid 5944] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5942] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./20" [pid 5942] memfd_create("syzkaller", 0 [pid 5825] <... rmdir resumed>) = 0 [pid 5942] <... memfd_create resumed>) = 4 [pid 5825] mkdir("./21", 0777) = 0 [pid 5942] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5944] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 114.738453][ T5942] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 114.761590][ T5942] ntfs3(loop3): ino=1b, mi_enum_attr [ 114.761617][ T5942] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5943] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5942] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5944] <... write resumed>) = 2097152 [pid 5943] <... write resumed>) = 2097152 [pid 5942] <... write resumed>) = 2097152 [pid 5941] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... close resumed>) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5942] munmap(0x7fde7cbdc000, 138412032./strace-static-x86_64: Process 5945 attached [pid 5944] munmap(0x7fde7cbdc000, 138412032 [pid 5943] munmap(0x7fde7cbdc000, 138412032 [pid 5942] <... munmap resumed>) = 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5945 [pid 5942] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5942] close(4 [pid 5943] <... munmap resumed>) = 0 [pid 5944] <... munmap resumed>) = 0 [pid 5945] set_robust_list(0x55558eab2660, 24 [pid 5944] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5945] <... set_robust_list resumed>) = 0 [pid 5945] chdir("./21") = 0 [pid 5944] <... openat resumed>) = 4 [pid 5943] ioctl(4, LOOP_SET_FD, 3 [pid 5945] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5944] ioctl(4, LOOP_SET_FD, 3 [pid 5943] <... ioctl resumed>) = 0 [pid 5944] <... ioctl resumed>) = 0 [pid 5945] <... prctl resumed>) = 0 [pid 5945] setpgid(0, 0 [pid 5944] close(3 [pid 5943] close(3 [pid 5945] <... setpgid resumed>) = 0 [pid 5944] <... close resumed>) = 0 [pid 5943] <... close resumed>) = 0 [pid 5945] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5944] close(4 [pid 5943] close(4) = 0 [pid 5944] <... close resumed>) = 0 [pid 5943] mkdir("./file1", 0777 [pid 5944] mkdir("./file1", 0777 [pid 5945] <... openat resumed>) = 3 [pid 5945] write(3, "1000", 4 [pid 5944] <... mkdir resumed>) = 0 [pid 5943] <... mkdir resumed>) = 0 [pid 5945] <... write resumed>) = 4 [pid 5944] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5943] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5941] <... write resumed>) = 2097152 [pid 5945] close(3 [pid 5942] <... close resumed>) = 0 [pid 5942] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5941] munmap(0x7fde7cbdc000, 138412032 [pid 5945] <... close resumed>) = 0 [pid 5942] <... open resumed>) = 4 [pid 5945] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5945] write(1, "executing program\n", 18 [pid 5942] exit_group(0executing program [pid 5945] <... write resumed>) = 18 [pid 5942] <... exit_group resumed>) = ? [ 114.889840][ T5943] loop0: detected capacity change from 0 to 4096 [ 114.892586][ T5944] loop2: detected capacity change from 0 to 4096 [ 114.919081][ T5943] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 114.919929][ T5944] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [pid 5945] memfd_create("syzkaller", 0) = 3 [pid 5943] <... mount resumed>) = 0 [pid 5942] +++ exited with 0 +++ [pid 5941] <... munmap resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5942, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5945] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5943] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5941] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5827] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5944] <... mount resumed>) = 0 [pid 5943] <... openat resumed>) = 3 [pid 5941] close(4 [pid 5827] <... openat resumed>) = 3 [pid 5943] chdir("./file1" [pid 5827] newfstatat(3, "", [pid 5943] <... chdir resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5944] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5943] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5944] <... openat resumed>) = 3 [pid 5943] unlink("./file0/file0" [pid 5944] chdir("./file1") = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5944] unlink("./file0/file0" [pid 5941] <... close resumed>) = 0 [pid 5943] <... unlink resumed>) = -1 EINVAL (Invalid argument) [ 114.950785][ T5943] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 114.965656][ T5944] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5941] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5944] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5943] memfd_create("syzkaller", 0 [pid 5944] memfd_create("syzkaller", 0 [pid 5941] <... open resumed>) = 4 [pid 5944] <... memfd_create resumed>) = 4 [pid 5941] exit_group(0 [pid 5944] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5943] <... memfd_create resumed>) = 4 [pid 5941] <... exit_group resumed>) = ? [ 114.993324][ T5943] ntfs3(loop0): ino=1b, mi_enum_attr [ 114.993352][ T5943] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 114.996901][ T5944] ntfs3(loop2): ino=1b, mi_enum_attr [ 114.996924][ T5944] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5945] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5944] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5943] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5941] +++ exited with 0 +++ [pid 5827] <... umount2 resumed>) = 0 [pid 5943] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5941, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5827] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./22/file1", [pid 5828] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 3 [pid 5827] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", [pid 5828] newfstatat(3, "", [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5827] getdents64(4, [pid 5828] getdents64(3, [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5827] getdents64(4, [pid 5828] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./22/file1") = 0 [pid 5827] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./22/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./22") = 0 [pid 5827] mkdir("./23", 0777) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5945] <... write resumed>) = 2097152 [pid 5945] munmap(0x7fde7cbdc000, 138412032) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5944] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] <... close resumed>) = 0 [pid 5945] <... openat resumed>) = 4 [pid 5943] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] <... umount2 resumed>) = 0 [pid 5945] ioctl(4, LOOP_SET_FD, 3 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5945] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5946 attached [pid 5828] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5945] close(3) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5945] close(4 [pid 5828] newfstatat(AT_FDCWD, "./21/file1", [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5946 [pid 5946] set_robust_list(0x55558eab2660, 24 [pid 5945] <... close resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5946] <... set_robust_list resumed>) = 0 [pid 5946] chdir("./23" [pid 5828] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5946] <... chdir resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5946] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5945] mkdir("./file1", 0777 [pid 5946] <... prctl resumed>) = 0 [pid 5945] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5945] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5946] setpgid(0, 0 [pid 5828] <... openat resumed>) = 4 [pid 5946] <... setpgid resumed>) = 0 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5946] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] getdents64(4, [pid 5943] <... write resumed>) = 2097152 [pid 5946] <... openat resumed>) = 3 [pid 5944] <... write resumed>) = 2097152 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5946] write(3, "1000", 4 [pid 5944] munmap(0x7fde7cbdc000, 138412032 [pid 5943] munmap(0x7fde7cbdc000, 138412032 [pid 5828] getdents64(4, [pid 5946] <... write resumed>) = 4 [pid 5944] <... munmap resumed>) = 0 [pid 5943] <... munmap resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5946] close(3 [pid 5828] close(4 [pid 5946] <... close resumed>) = 0 [pid 5828] <... close resumed>) = 0 [pid 5828] rmdir("./21/file1" [pid 5946] symlink("/dev/binderfs", "./binderfs" [pid 5828] <... rmdir resumed>) = 0 [pid 5944] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5946] <... symlink resumed>) = 0 [ 115.170648][ T5945] loop1: detected capacity change from 0 to 4096 [ 115.187037][ T5945] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5828] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5944] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5946] write(1, "executing program\n", 18 [pid 5943] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5946] <... write resumed>) = 18 [pid 5943] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5943] close(4 [pid 5946] memfd_create("syzkaller", 0 [pid 5945] <... mount resumed>) = 0 [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5945] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5828] unlink("./21/binderfs") = 0 [pid 5946] <... memfd_create resumed>) = 3 [pid 5945] <... openat resumed>) = 3 [pid 5944] close(4 [pid 5828] getdents64(3, [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5945] chdir("./file1" [pid 5944] <... close resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5945] <... chdir resumed>) = 0 [pid 5828] close(3 [pid 5946] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] <... close resumed>) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5828] rmdir("./21" [pid 5945] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5944] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5943] <... close resumed>) = 0 [pid 5828] <... rmdir resumed>) = 0 [pid 5828] mkdir("./22", 0777 [pid 5945] memfd_create("syzkaller", 0 [pid 5943] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... mkdir resumed>) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5945] <... memfd_create resumed>) = 4 [pid 5944] <... open resumed>) = 4 [pid 5943] <... open resumed>) = 4 [pid 5828] <... openat resumed>) = 3 [pid 5944] exit_group(0) = ? [pid 5943] exit_group(0 [pid 5944] +++ exited with 0 +++ [pid 5943] <... exit_group resumed>) = ? [pid 5945] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] ioctl(3, LOOP_CLR_FD [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5944, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5945] <... mmap resumed>) = 0x7fde7cbdc000 [ 115.243399][ T5945] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 115.278668][ T5945] ntfs3(loop1): ino=1b, mi_enum_attr [pid 5828] <... ioctl resumed>) = 0 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5943] +++ exited with 0 +++ [pid 5828] close(3 [pid 5826] <... restart_syscall resumed>) = 0 [pid 5946] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5943, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5826] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] <... openat resumed>) = 3 [pid 5826] newfstatat(3, "", [pid 5824] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] newfstatat(3, "", [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 115.278695][ T5945] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5826] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] <... close resumed>) = 0 [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5946] <... write resumed>) = 2097152 ./strace-static-x86_64: Process 5947 attached [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5947 [pid 5947] set_robust_list(0x55558eab2660, 24 [pid 5946] munmap(0x7fde7cbdc000, 138412032 [pid 5947] <... set_robust_list resumed>) = 0 [pid 5947] chdir("./22") = 0 [pid 5945] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5947] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5946] <... munmap resumed>) = 0 [pid 5947] <... prctl resumed>) = 0 [pid 5947] setpgid(0, 0 [pid 5946] openat(AT_FDCWD, "/dev/loop3", O_RDWRexecuting program [pid 5947] <... setpgid resumed>) = 0 [pid 5947] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5946] <... openat resumed>) = 4 [pid 5947] <... openat resumed>) = 3 [pid 5947] write(3, "1000", 4 [pid 5946] ioctl(4, LOOP_SET_FD, 3 [pid 5947] <... write resumed>) = 4 [pid 5946] <... ioctl resumed>) = 0 [pid 5947] close(3) = 0 [pid 5947] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5946] close(3) = 0 [pid 5946] close(4) = 0 [pid 5946] mkdir("./file1", 0777 [pid 5947] write(1, "executing program\n", 18 [pid 5946] <... mkdir resumed>) = 0 [pid 5947] <... write resumed>) = 18 [pid 5946] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5947] memfd_create("syzkaller", 0) = 3 [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5945] <... write resumed>) = 2097152 [pid 5945] munmap(0x7fde7cbdc000, 138412032 [pid 5824] <... umount2 resumed>) = 0 [pid 5824] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] <... umount2 resumed>) = 0 [pid 5824] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5826] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... openat resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./21/file1", [pid 5824] newfstatat(4, "", [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4) = 0 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] rmdir("./22/file1" [pid 5945] <... munmap resumed>) = 0 [pid 5945] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5826] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... rmdir resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5824] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] newfstatat(4, "", [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] newfstatat(AT_FDCWD, "./22/binderfs", [pid 5945] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5945] close(4 [ 115.360143][ T5946] loop3: detected capacity change from 0 to 4096 [ 115.364658][ T5946] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5824] unlink("./22/binderfs" [pid 5946] <... mount resumed>) = 0 [pid 5826] getdents64(4, [pid 5824] <... unlink resumed>) = 0 [pid 5946] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5946] chdir("./file1") = 0 [pid 5946] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(3, [pid 5946] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5826] getdents64(4, [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] <... close resumed>) = 0 [pid 5826] close(4 [pid 5946] unlink("./file0/file0" [pid 5826] <... close resumed>) = 0 [pid 5824] rmdir("./22" [pid 5946] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5947] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5945] <... close resumed>) = 0 [pid 5826] rmdir("./21/file1" [pid 5824] <... rmdir resumed>) = 0 [pid 5826] <... rmdir resumed>) = 0 [pid 5824] mkdir("./23", 0777 [pid 5945] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5946] memfd_create("syzkaller", 0 [pid 5945] <... open resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... mkdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5945] exit_group(0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5826] unlink("./21/binderfs" [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5946] <... memfd_create resumed>) = 4 [pid 5945] <... exit_group resumed>) = ? [pid 5824] <... ioctl resumed>) = 0 [pid 5946] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5824] close(3 [pid 5946] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5945] +++ exited with 0 +++ [pid 5826] <... unlink resumed>) = 0 [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5945, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5825] restart_syscall(<... resuming interrupted clone ...> [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] <... restart_syscall resumed>) = 0 [pid 5826] close(3 [pid 5947] <... write resumed>) = 2097152 [pid 5826] <... close resumed>) = 0 [pid 5826] rmdir("./21" [pid 5947] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... rmdir resumed>) = 0 [pid 5825] umount2("./21", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5946] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] mkdir("./22", 0777 [pid 5825] newfstatat(3, "", [pid 5947] <... munmap resumed>) = 0 [pid 5826] <... mkdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] <... close resumed>) = 0 [pid 5825] getdents64(3, [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [ 115.423181][ T5946] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 115.438370][ T5946] ntfs3(loop3): ino=1b, mi_enum_attr [ 115.438406][ T5946] ntfs3(loop3): Mark volume as dirty due to NTFS errors ./strace-static-x86_64: Process 5948 attached [pid 5825] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5947] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5948 [pid 5948] set_robust_list(0x55558eab2660, 24 [pid 5826] <... openat resumed>) = 3 [pid 5948] <... set_robust_list resumed>) = 0 [pid 5826] ioctl(3, LOOP_CLR_FD [pid 5948] chdir("./23" [pid 5826] <... ioctl resumed>) = 0 [pid 5947] <... openat resumed>) = 4 [pid 5947] ioctl(4, LOOP_SET_FD, 3 [pid 5826] close(3 [pid 5947] <... ioctl resumed>) = 0 [pid 5948] <... chdir resumed>) = 0 [pid 5947] close(3 [pid 5948] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5947] <... close resumed>) = 0 [pid 5948] <... prctl resumed>) = 0 [pid 5947] close(4 [pid 5946] <... write resumed>) = 2097152 [pid 5947] <... close resumed>) = 0 [pid 5946] munmap(0x7fde7cbdc000, 138412032 [pid 5948] setpgid(0, 0 [pid 5946] <... munmap resumed>) = 0 [pid 5948] <... setpgid resumed>) = 0 [pid 5947] mkdir("./file1", 0777) = 0 [pid 5947] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5948] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5948] write(3, "1000", 4executing program ) = 4 [pid 5948] close(3) = 0 [pid 5948] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5948] write(1, "executing program\n", 18) = 18 [pid 5948] memfd_create("syzkaller", 0 [pid 5946] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5946] close(4 [pid 5825] <... umount2 resumed>) = 0 [pid 5948] <... memfd_create resumed>) = 3 [pid 5946] <... close resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5825] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5946] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5825] newfstatat(AT_FDCWD, "./21/file1", [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5946] <... open resumed>) = 4 [pid 5825] umount2("./21/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5948] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5949 attached [pid 5946] exit_group(0 [pid 5825] openat(AT_FDCWD, "./21/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5946] <... exit_group resumed>) = ? [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] getdents64(4, [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5949 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [ 115.516470][ T5947] loop4: detected capacity change from 0 to 4096 [ 115.547309][ T5947] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5825] getdents64(4, [pid 5949] set_robust_list(0x55558eab2660, 24 [pid 5947] <... mount resumed>) = 0 [pid 5946] +++ exited with 0 +++ [pid 5949] <... set_robust_list resumed>) = 0 [pid 5947] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5949] chdir("./22" [pid 5947] <... openat resumed>) = 3 [pid 5949] <... chdir resumed>) = 0 [pid 5825] close(4 [pid 5949] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5947] chdir("./file1" [pid 5825] <... close resumed>) = 0 [pid 5949] <... prctl resumed>) = 0 [pid 5947] <... chdir resumed>) = 0 [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5946, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5949] setpgid(0, 0 [pid 5947] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5825] rmdir("./21/file1" [pid 5949] <... setpgid resumed>) = 0 [pid 5947] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5825] <... rmdir resumed>) = 0 [pid 5949] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5825] umount2("./21/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5949] write(3, "1000", 4 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5949] <... write resumed>) = 4 [pid 5947] unlink("./file0/file0" [pid 5825] newfstatat(AT_FDCWD, "./21/binderfs", [pid 5949] close(3 [pid 5947] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5827] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5949] <... close resumed>) = 0 [pid 5947] memfd_create("syzkaller", 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] unlink("./21/binderfs" [pid 5949] symlink("/dev/binderfs", "./binderfs" [pid 5827] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... unlink resumed>) = 0 [pid 5949] <... symlink resumed>) = 0 [pid 5827] <... openat resumed>) = 3 [pid 5825] getdents64(3, executing program [pid 5949] write(1, "executing program\n", 18 [pid 5947] <... memfd_create resumed>) = 4 [pid 5827] newfstatat(3, "", [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5949] <... write resumed>) = 18 [pid 5947] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] close(3 [pid 5949] memfd_create("syzkaller", 0 [pid 5827] getdents64(3, [pid 5825] <... close resumed>) = 0 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5949] <... memfd_create resumed>) = 3 [pid 5949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5948] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5947] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5827] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] rmdir("./21") = 0 [pid 5825] mkdir("./22", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [ 115.599522][ T5947] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 115.613785][ T5947] ntfs3(loop4): ino=1b, mi_enum_attr [ 115.613812][ T5947] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5825] close(3) = 0 [pid 5949] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5948] <... write resumed>) = 2097152 [pid 5947] <... write resumed>) = 2097152 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5950 attached , child_tidptr=0x55558eab2650) = 5950 [pid 5950] set_robust_list(0x55558eab2660, 24 [pid 5947] munmap(0x7fde7cbdc000, 138412032 [pid 5950] <... set_robust_list resumed>) = 0 [pid 5950] chdir("./22" [pid 5827] <... umount2 resumed>) = 0 [pid 5950] <... chdir resumed>) = 0 [pid 5827] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5950] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5950] <... prctl resumed>) = 0 [pid 5948] munmap(0x7fde7cbdc000, 138412032 [pid 5827] newfstatat(AT_FDCWD, "./23/file1", [pid 5950] setpgid(0, 0 [pid 5948] <... munmap resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5950] <... setpgid resumed>) = 0 [pid 5947] <... munmap resumed>) = 0 [pid 5827] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5950] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5950] <... openat resumed>) = 3 [pid 5948] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5947] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5827] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5950] write(3, "1000", 4) = 4 [pid 5948] <... openat resumed>) = 4 [pid 5947] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] <... openat resumed>) = 4 [pid 5950] close(3) = 0 [pid 5827] newfstatat(4, "", [pid 5950] symlink("/dev/binderfs", "./binderfs" [pid 5948] ioctl(4, LOOP_SET_FD, 3 [pid 5947] close(4 [pid 5950] <... symlink resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5950] write(1, "executing program\n", 18executing program ) = 18 [pid 5948] <... ioctl resumed>) = 0 [pid 5950] memfd_create("syzkaller", 0 [pid 5949] <... write resumed>) = 2097152 [pid 5827] getdents64(4, [pid 5948] close(3) = 0 [pid 5948] close(4 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5950] <... memfd_create resumed>) = 3 [pid 5948] <... close resumed>) = 0 [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5948] mkdir("./file1", 0777 [pid 5950] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5948] <... mkdir resumed>) = 0 [pid 5949] munmap(0x7fde7cbdc000, 138412032 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4 [pid 5949] <... munmap resumed>) = 0 [pid 5948] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5947] <... close resumed>) = 0 [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./23/file1" [pid 5949] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5827] <... rmdir resumed>) = 0 [pid 5827] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5949] <... openat resumed>) = 4 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 115.727503][ T5948] loop0: detected capacity change from 0 to 4096 [ 115.765360][ T5948] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5949] ioctl(4, LOOP_SET_FD, 3 [pid 5827] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5949] <... ioctl resumed>) = 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5949] close(3 [pid 5827] unlink("./23/binderfs" [pid 5949] <... close resumed>) = 0 [pid 5947] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] <... unlink resumed>) = 0 [pid 5949] close(4) = 0 [pid 5827] getdents64(3, [pid 5949] mkdir("./file1", 0777 [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5949] <... mkdir resumed>) = 0 [pid 5827] close(3 [pid 5949] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5947] <... open resumed>) = 4 [pid 5827] <... close resumed>) = 0 [pid 5827] rmdir("./23") = 0 [pid 5947] exit_group(0) = ? [ 115.770496][ T5949] loop2: detected capacity change from 0 to 4096 [pid 5950] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5947] +++ exited with 0 +++ [pid 5827] mkdir("./24", 0777 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5947, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=8 /* 0.08 s */} --- [pid 5827] <... mkdir resumed>) = 0 [pid 5828] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5828] newfstatat(3, "", [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, [pid 5827] <... openat resumed>) = 3 [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] ioctl(3, LOOP_CLR_FD) = 0 [pid 5827] close(3 [pid 5948] <... mount resumed>) = 0 [pid 5948] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5948] chdir("./file1") = 0 [pid 5948] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [ 115.800963][ T5949] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 115.826631][ T5948] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [pid 5948] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5950] <... write resumed>) = 2097152 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5951 attached [pid 5948] memfd_create("syzkaller", 0 [pid 5951] set_robust_list(0x55558eab2660, 24) = 0 [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5951 [pid 5951] chdir("./24" [pid 5950] munmap(0x7fde7cbdc000, 138412032 [pid 5949] <... mount resumed>) = 0 [pid 5948] <... memfd_create resumed>) = 4 [pid 5828] <... umount2 resumed>) = 0 [pid 5951] <... chdir resumed>) = 0 [pid 5949] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5948] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5951] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5949] <... openat resumed>) = 3 [pid 5948] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5951] <... prctl resumed>) = 0 [pid 5950] <... munmap resumed>) = 0 [pid 5949] chdir("./file1" [pid 5828] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5951] setpgid(0, 0 [pid 5950] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5951] <... setpgid resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5951] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5950] <... openat resumed>) = 4 [pid 5949] <... chdir resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./22/file1", [pid 5951] <... openat resumed>) = 3 [pid 5949] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5951] write(3, "1000", 4 [pid 5949] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5951] <... write resumed>) = 4 [pid 5950] ioctl(4, LOOP_SET_FD, 3 [pid 5949] unlink("./file0/file0" [pid 5828] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5951] close(3 [pid 5950] <... ioctl resumed>) = 0 [pid 5951] <... close resumed>) = 0 [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5951] symlink("/dev/binderfs", "./binderfs") = 0 executing program [pid 5951] write(1, "executing program\n", 18 [pid 5950] close(3 [pid 5951] <... write resumed>) = 18 [pid 5950] <... close resumed>) = 0 [ 115.848600][ T5948] ntfs3(loop0): ino=1b, mi_enum_attr [ 115.848626][ T5948] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 115.883266][ T5949] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [pid 5828] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5951] memfd_create("syzkaller", 0 [pid 5950] close(4 [pid 5949] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... openat resumed>) = 4 [pid 5951] <... memfd_create resumed>) = 3 [pid 5950] <... close resumed>) = 0 [pid 5949] memfd_create("syzkaller", 0 [pid 5828] newfstatat(4, "", [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5950] mkdir("./file1", 0777 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5951] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5950] <... mkdir resumed>) = 0 [pid 5828] getdents64(4, [pid 5949] <... memfd_create resumed>) = 4 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5950] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5949] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5828] getdents64(4, [pid 5949] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5828] close(4) = 0 [pid 5828] rmdir("./22/file1") = 0 [pid 5948] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5828] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] unlink("./22/binderfs" [pid 5948] <... write resumed>) = 2097152 [pid 5948] munmap(0x7fde7cbdc000, 138412032 [pid 5828] <... unlink resumed>) = 0 [pid 5948] <... munmap resumed>) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5828] rmdir("./22") = 0 [pid 5828] mkdir("./23", 0777) = 0 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [ 115.902703][ T5950] loop1: detected capacity change from 0 to 4096 [ 115.906594][ T5949] ntfs3(loop2): ino=1b, mi_enum_attr [ 115.906621][ T5949] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 115.929120][ T5950] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5828] close(3 [pid 5951] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5948] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5948] close(4) = 0 [pid 5950] <... mount resumed>) = 0 [pid 5950] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5950] chdir("./file1") = 0 [pid 5949] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5950] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5948] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... close resumed>) = 0 [pid 5950] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5952 attached [pid 5950] unlink("./file0/file0") = -1 EINVAL (Invalid argument) [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5952 [pid 5952] set_robust_list(0x55558eab2660, 24) = 0 [pid 5952] chdir("./23") = 0 [pid 5950] memfd_create("syzkaller", 0 [pid 5952] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] setpgid(0, 0) = 0 [pid 5950] <... memfd_create resumed>) = 4 [pid 5952] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5950] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5952] <... openat resumed>) = 3 [pid 5950] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5952] write(3, "1000", 4 [pid 5951] <... write resumed>) = 2097152 [pid 5948] <... open resumed>) = 4 [pid 5948] exit_group(0 [pid 5951] munmap(0x7fde7cbdc000, 138412032 [pid 5948] <... exit_group resumed>) = ? executing program [pid 5952] <... write resumed>) = 4 [pid 5952] close(3) = 0 [pid 5952] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5952] write(1, "executing program\n", 18) = 18 [pid 5952] memfd_create("syzkaller", 0 [pid 5951] <... munmap resumed>) = 0 [pid 5949] <... write resumed>) = 2097152 [pid 5952] <... memfd_create resumed>) = 3 [pid 5948] +++ exited with 0 +++ [pid 5949] munmap(0x7fde7cbdc000, 138412032 [pid 5951] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5948, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5951] <... openat resumed>) = 4 [pid 5949] <... munmap resumed>) = 0 [pid 5824] restart_syscall(<... resuming interrupted clone ...> [pid 5951] ioctl(4, LOOP_SET_FD, 3 [pid 5824] <... restart_syscall resumed>) = 0 [pid 5951] <... ioctl resumed>) = 0 [ 116.006364][ T5950] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 116.035866][ T5950] ntfs3(loop1): ino=1b, mi_enum_attr [ 116.035893][ T5950] ntfs3(loop1): Mark volume as dirty due to NTFS errors [pid 5949] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5951] close(3 [pid 5949] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5951] <... close resumed>) = 0 [pid 5949] close(4 [pid 5824] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5951] close(4) = 0 [pid 5951] mkdir("./file1", 0777) = 0 [pid 5951] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5950] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5949] <... close resumed>) = 0 [pid 5949] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5952] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5949] <... open resumed>) = 4 [pid 5949] exit_group(0) = ? [pid 5949] +++ exited with 0 +++ [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5949, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5826] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5826] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... umount2 resumed>) = 0 [pid 5824] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5951] <... mount resumed>) = 0 [pid 5824] <... openat resumed>) = 4 [pid 5824] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(4, 0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5824] close(4) = 0 [pid 5824] rmdir("./23/file1") = 0 [pid 5824] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5824] unlink("./23/binderfs" [pid 5951] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5824] <... unlink resumed>) = 0 [pid 5951] <... openat resumed>) = 3 [pid 5824] getdents64(3, [pid 5951] chdir("./file1" [pid 5824] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5951] <... chdir resumed>) = 0 [pid 5824] close(3 [ 116.068822][ T5951] loop3: detected capacity change from 0 to 4096 [ 116.103987][ T5951] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [pid 5951] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5950] <... write resumed>) = 2097152 [pid 5824] <... close resumed>) = 0 [pid 5951] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5824] rmdir("./23" [pid 5951] unlink("./file0/file0" [pid 5824] <... rmdir resumed>) = 0 [pid 5951] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5951] memfd_create("syzkaller", 0 [pid 5824] mkdir("./24", 0777 [pid 5951] <... memfd_create resumed>) = 4 [pid 5824] <... mkdir resumed>) = 0 [pid 5951] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5950] munmap(0x7fde7cbdc000, 138412032 [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5950] <... munmap resumed>) = 0 [pid 5824] <... openat resumed>) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD) = 0 [pid 5824] close(3 [pid 5950] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5950] close(4) = 0 [pid 5824] <... close resumed>) = 0 [pid 5952] <... write resumed>) = 2097152 [pid 5951] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5950] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5952] munmap(0x7fde7cbdc000, 138412032 [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x55558eab2650) = 5953 ./strace-static-x86_64: Process 5953 attached [pid 5952] <... munmap resumed>) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5950] <... open resumed>) = 4 [pid 5953] set_robust_list(0x55558eab2660, 24) = 0 [pid 5952] ioctl(4, LOOP_SET_FD, 3 [pid 5953] chdir("./24") = 0 [pid 5953] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5952] <... ioctl resumed>) = 0 [pid 5952] close(3 [pid 5950] exit_group(0 [pid 5952] <... close resumed>) = 0 [ 116.151593][ T5951] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 116.159273][ T5951] ntfs3(loop3): ino=1b, mi_enum_attr [ 116.159299][ T5951] ntfs3(loop3): Mark volume as dirty due to NTFS errors [pid 5953] setpgid(0, 0 [pid 5950] <... exit_group resumed>) = ? [pid 5950] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5950, si_uid=0, si_status=0, si_utime=4 /* 0.04 s */, si_stime=4 /* 0.04 s */} --- [pid 5953] <... setpgid resumed>) = 0 [pid 5953] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5952] close(4 [pid 5826] <... umount2 resumed>) = 0 [pid 5953] <... openat resumed>) = 3 [pid 5952] <... close resumed>) = 0 [pid 5952] mkdir("./file1", 0777 [pid 5953] write(3, "1000", 4 [pid 5826] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5953] <... write resumed>) = 4 [pid 5952] <... mkdir resumed>) = 0 [pid 5826] newfstatat(AT_FDCWD, "./22/file1", [pid 5952] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] umount2("./22", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5953] close(3 [pid 5826] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5953] <... close resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5825] openat(AT_FDCWD, "./22", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5953] symlink("/dev/binderfs", "./binderfs" [pid 5826] newfstatat(4, "", [pid 5825] <... openat resumed>) = 3 [pid 5953] <... symlink resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] newfstatat(3, "", [pid 5953] write(1, "executing program\n", 18 [pid 5826] getdents64(4, [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(3, [pid 5826] getdents64(4, [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] close(4) = 0 [pid 5826] rmdir("./22/file1"executing program ) = 0 [pid 5826] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5953] <... write resumed>) = 18 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5953] memfd_create("syzkaller", 0 [pid 5826] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5953] <... memfd_create resumed>) = 3 [pid 5826] unlink("./22/binderfs" [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] <... unlink resumed>) = 0 [pid 5953] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./22") = 0 [pid 5951] <... write resumed>) = 2097152 [pid 5826] mkdir("./23", 0777 [pid 5951] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... mkdir resumed>) = 0 [pid 5951] <... munmap resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5826] close(3 [pid 5825] <... umount2 resumed>) = 0 [pid 5951] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5951] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./22/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./22/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] openat(AT_FDCWD, "./22/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5825] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5951] close(4 [pid 5825] getdents64(4, [pid 5953] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5825] close(4) = 0 [pid 5825] rmdir("./22/file1") = 0 [pid 5825] umount2("./22/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 116.216964][ T5952] loop4: detected capacity change from 0 to 4096 [ 116.237724][ T5952] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [pid 5825] newfstatat(AT_FDCWD, "./22/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] unlink("./22/binderfs") = 0 [pid 5825] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5826] <... close resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5825] rmdir("./22") = 0 [pid 5825] mkdir("./23", 0777) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD) = 0 [pid 5825] close(3 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5954 attached [pid 5954] set_robust_list(0x55558eab2660, 24 [pid 5953] <... write resumed>) = 2097152 [pid 5951] <... close resumed>) = 0 [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5954 [pid 5954] <... set_robust_list resumed>) = 0 [pid 5954] chdir("./23" [pid 5953] munmap(0x7fde7cbdc000, 138412032 [pid 5954] <... chdir resumed>) = 0 [pid 5951] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5954] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5954] setpgid(0, 0) = 0 [pid 5954] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5953] <... munmap resumed>) = 0 [pid 5954] <... openat resumed>) = 3 [pid 5954] write(3, "1000", 4) = 4 [pid 5954] close(3) = 0 [pid 5954] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5954] write(1, "executing program\n", 18executing program ) = 18 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5953] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5954] memfd_create("syzkaller", 0 [pid 5951] <... open resumed>) = 4 [pid 5953] close(3) = 0 [pid 5953] close(4 [pid 5954] <... memfd_create resumed>) = 3 [pid 5825] <... close resumed>) = 0 [pid 5953] <... close resumed>) = 0 [pid 5951] exit_group(0 [pid 5954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5951] <... exit_group resumed>) = ? [pid 5954] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5953] mkdir("./file1", 0777 [pid 5951] +++ exited with 0 +++ [pid 5827] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5951, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=9 /* 0.09 s */} --- [pid 5827] restart_syscall(<... resuming interrupted clone ...> [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5953] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5955 attached [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5955 [pid 5827] <... restart_syscall resumed>) = 0 [pid 5955] set_robust_list(0x55558eab2660, 24 [pid 5953] mount("/dev/loop0", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5952] <... mount resumed>) = 0 [pid 5955] <... set_robust_list resumed>) = 0 [pid 5955] chdir("./23") = 0 [pid 5952] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5955] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5952] <... openat resumed>) = 3 [pid 5827] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5955] <... prctl resumed>) = 0 [pid 5952] chdir("./file1" [pid 5955] setpgid(0, 0 [pid 5827] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5955] <... setpgid resumed>) = 0 [pid 5952] <... chdir resumed>) = 0 [pid 5827] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5955] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5952] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5955] <... openat resumed>) = 3 [pid 5827] <... openat resumed>) = 3 [pid 5955] write(3, "1000", 4 [pid 5952] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] newfstatat(3, "", [pid 5955] <... write resumed>) = 4 [pid 5952] unlink("./file0/file0" [pid 5955] close(3 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5955] <... close resumed>) = 0 [pid 5827] getdents64(3, [pid 5955] symlink("/dev/binderfs", "./binderfs" [pid 5827] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5955] <... symlink resumed>) = 0 [ 116.363296][ T5953] loop0: detected capacity change from 0 to 4096 [ 116.389135][ T5952] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 116.406414][ T5953] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [pid 5827] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOWexecuting program [pid 5955] write(1, "executing program\n", 18) = 18 [pid 5952] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5955] memfd_create("syzkaller", 0 [pid 5952] memfd_create("syzkaller", 0) = 4 [pid 5952] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5955] <... memfd_create resumed>) = 3 [pid 5955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5954] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5952] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152) = 2097152 [ 116.416616][ T5952] ntfs3(loop4): ino=1b, mi_enum_attr [ 116.416643][ T5952] ntfs3(loop4): Mark volume as dirty due to NTFS errors [pid 5952] munmap(0x7fde7cbdc000, 138412032 [pid 5955] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5953] <... mount resumed>) = 0 [pid 5953] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY) = 3 [pid 5827] <... umount2 resumed>) = 0 [pid 5953] chdir("./file1") = 0 [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5953] unlink("./file0/file0" [pid 5952] <... munmap resumed>) = 0 [pid 5952] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5953] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5952] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5827] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5952] close(4 [pid 5827] newfstatat(AT_FDCWD, "./24/file1", [pid 5953] memfd_create("syzkaller", 0 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5827] newfstatat(4, "", [pid 5953] <... memfd_create resumed>) = 4 [pid 5827] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5953] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5827] getdents64(4, [pid 5953] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5827] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5955] <... write resumed>) = 2097152 [pid 5952] <... close resumed>) = 0 [pid 5827] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5827] close(4) = 0 [pid 5827] rmdir("./24/file1") = 0 [pid 5955] munmap(0x7fde7cbdc000, 138412032 [pid 5952] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5827] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5827] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5827] unlink("./24/binderfs") = 0 [pid 5827] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5827] close(3) = 0 [pid 5827] rmdir("./24" [pid 5954] <... write resumed>) = 2097152 [pid 5952] <... open resumed>) = 4 [pid 5827] <... rmdir resumed>) = 0 [pid 5954] munmap(0x7fde7cbdc000, 138412032 [pid 5952] exit_group(0) = ? [pid 5954] <... munmap resumed>) = 0 [pid 5952] +++ exited with 0 +++ [pid 5955] <... munmap resumed>) = 0 [pid 5954] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5955] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5954] <... openat resumed>) = 4 [pid 5828] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5952, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5827] mkdir("./25", 0777 [pid 5955] <... openat resumed>) = 4 [pid 5954] ioctl(4, LOOP_SET_FD, 3 [pid 5828] restart_syscall(<... resuming interrupted clone ...> [pid 5827] <... mkdir resumed>) = 0 [ 116.483482][ T5953] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 116.495192][ T5953] ntfs3(loop0): ino=1b, mi_enum_attr [ 116.495217][ T5953] ntfs3(loop0): Mark volume as dirty due to NTFS errors [pid 5955] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5954] <... ioctl resumed>) = 0 [pid 5827] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5955] close(3 [pid 5954] close(3 [pid 5955] <... close resumed>) = 0 [pid 5954] <... close resumed>) = 0 [pid 5955] close(4 [pid 5954] close(4 [pid 5955] <... close resumed>) = 0 [pid 5954] <... close resumed>) = 0 [pid 5828] <... restart_syscall resumed>) = 0 [pid 5955] mkdir("./file1", 0777 [pid 5954] mkdir("./file1", 0777 [pid 5953] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5955] <... mkdir resumed>) = 0 [pid 5954] <... mkdir resumed>) = 0 [pid 5828] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5827] <... openat resumed>) = 3 [pid 5955] mount("/dev/loop1", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5954] mount("/dev/loop2", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] ioctl(3, LOOP_CLR_FD [pid 5828] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5827] <... ioctl resumed>) = 0 [pid 5828] <... openat resumed>) = 3 [pid 5827] close(3 [pid 5828] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5828] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5828] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = 0 [pid 5953] <... write resumed>) = 2097152 [pid 5953] munmap(0x7fde7cbdc000, 138412032) = 0 [ 116.540013][ T5954] loop2: detected capacity change from 0 to 4096 [ 116.540506][ T5955] loop1: detected capacity change from 0 to 4096 [ 116.576471][ T5954] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 116.581318][ T5955] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [pid 5828] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5953] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = -1 EBUSY (Device or resource busy) [pid 5828] newfstatat(AT_FDCWD, "./23/file1", [pid 5953] close(4 [pid 5828] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5828] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5828] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5828] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5955] <... mount resumed>) = 0 [pid 5828] getdents64(4, [pid 5955] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5827] <... close resumed>) = 0 [pid 5827] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5955] <... openat resumed>) = 3 [pid 5828] getdents64(4, ./strace-static-x86_64: Process 5956 attached [pid 5954] <... mount resumed>) = 0 [pid 5828] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5955] chdir("./file1" [pid 5828] close(4 [pid 5955] <... chdir resumed>) = 0 [pid 5954] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5828] <... close resumed>) = 0 [pid 5955] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5954] <... openat resumed>) = 3 [pid 5828] rmdir("./23/file1" [pid 5955] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5954] chdir("./file1" [pid 5828] <... rmdir resumed>) = 0 [pid 5955] unlink("./file0/file0" [pid 5954] <... chdir resumed>) = 0 [pid 5828] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5954] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5828] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5827] <... clone resumed>, child_tidptr=0x55558eab2650) = 5956 [pid 5956] set_robust_list(0x55558eab2660, 24 [pid 5954] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5953] <... close resumed>) = 0 [pid 5828] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5956] <... set_robust_list resumed>) = 0 [pid 5954] unlink("./file0/file0" [pid 5956] chdir("./25" [pid 5955] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5956] <... chdir resumed>) = 0 [pid 5955] memfd_create("syzkaller", 0 [pid 5954] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5828] unlink("./23/binderfs") = 0 [pid 5956] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5956] setpgid(0, 0) = 0 [pid 5828] getdents64(3, [pid 5956] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5828] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5828] close(3) = 0 [pid 5956] <... openat resumed>) = 3 [pid 5828] rmdir("./23" [pid 5955] <... memfd_create resumed>) = 4 [pid 5828] <... rmdir resumed>) = 0 [pid 5955] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5956] write(3, "1000", 4 [pid 5955] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5828] mkdir("./24", 0777) = 0 [ 116.642108][ T5955] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 116.651746][ T5954] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 116.668395][ T5955] ntfs3(loop1): ino=1b, mi_enum_attr [ 116.668420][ T5955] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 116.669463][ T5954] ntfs3(loop2): ino=1b, mi_enum_attr executing program [pid 5956] <... write resumed>) = 4 [pid 5828] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5956] close(3) = 0 [pid 5956] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5956] write(1, "executing program\n", 18) = 18 [pid 5956] memfd_create("syzkaller", 0 [pid 5953] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5828] <... openat resumed>) = 3 [pid 5828] ioctl(3, LOOP_CLR_FD) = 0 [pid 5828] close(3 [pid 5956] <... memfd_create resumed>) = 3 [pid 5953] <... open resumed>) = 4 [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5954] memfd_create("syzkaller", 0) = 4 [pid 5954] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5953] exit_group(0) = ? [ 116.669484][ T5954] ntfs3(loop2): Mark volume as dirty due to NTFS errors [pid 5954] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5953] +++ exited with 0 +++ [pid 5828] <... close resumed>) = 0 [pid 5955] write(4, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x40\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00\x0f\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\xf4\x00\x00\x00\x5c\xdb\x3c\x27\x8b\x67\x89\x70\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5954] <... write resumed>) = 2097152 [pid 5824] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5953, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5824] umount2("./24", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5954] munmap(0x7fde7cbdc000, 138412032 [pid 5824] openat(AT_FDCWD, "./24", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5824] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5824] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5828] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5954] <... munmap resumed>) = 0 [pid 5954] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5957 attached ) = -1 EBUSY (Device or resource busy) [pid 5954] close(4 [pid 5828] <... clone resumed>, child_tidptr=0x55558eab2650) = 5957 [pid 5957] set_robust_list(0x55558eab2660, 24) = 0 [pid 5957] chdir("./24") = 0 [pid 5957] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5957] setpgid(0, 0) = 0 [pid 5957] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5956] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5957] <... openat resumed>) = 3 [pid 5957] write(3, "1000", 4 [pid 5955] <... write resumed>) = 2097152 [pid 5954] <... close resumed>) = 0 [pid 5824] <... umount2 resumed>) = 0 executing program [pid 5957] <... write resumed>) = 4 [pid 5955] munmap(0x7fde7cbdc000, 138412032 [pid 5954] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5824] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5957] close(3) = 0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5957] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5824] newfstatat(AT_FDCWD, "./24/file1", [pid 5957] write(1, "executing program\n", 18) = 18 [pid 5955] <... munmap resumed>) = 0 [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5957] memfd_create("syzkaller", 0 [pid 5955] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5954] <... open resumed>) = 4 [pid 5824] umount2("./24/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5955] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5954] exit_group(0 [pid 5824] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5954] <... exit_group resumed>) = ? [pid 5955] close(4 [pid 5824] openat(AT_FDCWD, "./24/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5957] <... memfd_create resumed>) = 3 [pid 5954] +++ exited with 0 +++ [pid 5824] newfstatat(4, "", [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5826] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5954, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5824] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5957] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5826] restart_syscall(<... resuming interrupted clone ...> [pid 5824] getdents64(4, [pid 5826] <... restart_syscall resumed>) = 0 [pid 5824] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5824] getdents64(4, 0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5826] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] close(4 [pid 5826] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5955] <... close resumed>) = 0 [pid 5955] open("./bus", O_RDONLY|O_CREAT|O_TRUNC|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME|0x3c, 000 [pid 5826] <... openat resumed>) = 3 [pid 5824] <... close resumed>) = 0 [pid 5826] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5824] rmdir("./24/file1" [pid 5826] getdents64(3, [pid 5824] <... rmdir resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] umount2("./24/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5824] newfstatat(AT_FDCWD, "./24/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5955] <... open resumed>) = 4 [pid 5955] exit_group(0 [pid 5824] unlink("./24/binderfs" [pid 5955] <... exit_group resumed>) = ? [pid 5824] <... unlink resumed>) = 0 [pid 5824] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5824] close(3) = 0 [pid 5824] rmdir("./24") = 0 [pid 5955] +++ exited with 0 +++ [pid 5825] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5955, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5956] <... write resumed>) = 2097152 [pid 5824] mkdir("./25", 0777 [pid 5957] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x01\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x78\x5f\xaa\x3b\xd7\x0e\xce\x68\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5956] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... umount2 resumed>) = 0 [pid 5825] umount2("./23", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5824] <... mkdir resumed>) = 0 [pid 5956] <... munmap resumed>) = 0 [pid 5826] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./23/file1", [pid 5825] openat(AT_FDCWD, "./23", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5824] <... openat resumed>) = 3 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] <... openat resumed>) = 3 [pid 5824] ioctl(3, LOOP_CLR_FD [pid 5956] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5826] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5825] newfstatat(3, "", [pid 5956] <... openat resumed>) = 4 [pid 5826] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5824] <... ioctl resumed>) = 0 [pid 5956] ioctl(4, LOOP_SET_FD, 3 [pid 5826] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5956] <... ioctl resumed>) = 0 [pid 5826] <... openat resumed>) = 4 [pid 5824] close(3 [pid 5956] close(3 [pid 5825] getdents64(3, [pid 5826] newfstatat(4, "", [pid 5956] <... close resumed>) = 0 [pid 5826] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 4 entries */, 32768) = 112 [pid 5826] getdents64(4, [pid 5956] close(4 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5825] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5826] getdents64(4, [pid 5956] <... close resumed>) = 0 [pid 5826] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5956] mkdir("./file1", 0777 [pid 5826] close(4 [pid 5956] <... mkdir resumed>) = 0 [pid 5826] <... close resumed>) = 0 [pid 5956] mount("/dev/loop3", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] rmdir("./23/file1") = 0 [pid 5826] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5826] newfstatat(AT_FDCWD, "./23/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5826] unlink("./23/binderfs") = 0 [pid 5826] getdents64(3, 0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5826] close(3) = 0 [pid 5826] rmdir("./23") = 0 [pid 5957] <... write resumed>) = 2097152 [pid 5826] mkdir("./24", 0777 [pid 5957] munmap(0x7fde7cbdc000, 138412032 [pid 5826] <... mkdir resumed>) = 0 [pid 5824] <... close resumed>) = 0 [pid 5957] <... munmap resumed>) = 0 [pid 5826] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5957] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5824] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5957] <... openat resumed>) = 4 [pid 5826] <... openat resumed>) = 3 [pid 5826] ioctl(3, LOOP_CLR_FD) = 0 [pid 5826] close(3 [pid 5957] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5957] close(3) = 0 [pid 5957] close(4) = 0 [pid 5957] mkdir("./file1", 0777) = 0 [pid 5957] mount("/dev/loop4", "./file1", "ntfs3", MS_SYNCHRONOUS|MS_MANDLOCK|MS_NODIRATIME|MS_REC|MS_STRICTATIME, "" [pid 5826] <... close resumed>) = 0 [ 116.893137][ T5956] loop3: detected capacity change from 0 to 4096 [ 116.900963][ T5956] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 116.937076][ T5957] loop4: detected capacity change from 0 to 4096 [pid 5826] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5958 attached [pid 5956] <... mount resumed>) = 0 [pid 5825] <... umount2 resumed>) = 0 [pid 5825] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5825] newfstatat(AT_FDCWD, "./23/file1", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5825] umount2("./23/file1", MNT_FORCE|UMOUNT_NOFOLLOW [pid 5958] set_robust_list(0x55558eab2660, 24 [pid 5825] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5958] <... set_robust_list resumed>) = 0 [pid 5825] openat(AT_FDCWD, "./23/file1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5958] chdir("./25" [pid 5825] <... openat resumed>) = 4 [pid 5825] newfstatat(4, "", [pid 5958] <... chdir resumed>) = 0 [pid 5825] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5958] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5825] getdents64(4, [pid 5824] <... clone resumed>, child_tidptr=0x55558eab2650) = 5958 [pid 5958] <... prctl resumed>) = 0 [pid 5956] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 2 entries */, 32768) = 48 [pid 5958] setpgid(0, 0 [pid 5956] <... openat resumed>) = 3 [pid 5825] getdents64(4, [pid 5956] chdir("./file1" [pid 5826] <... clone resumed>, child_tidptr=0x55558eab2650) = 5959 [pid 5956] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5959 attached [pid 5958] <... setpgid resumed>) = 0 [pid 5956] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5825] <... getdents64 resumed>0x55558eabb730 /* 0 entries */, 32768) = 0 [pid 5958] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5956] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5825] close(4) = 0 [pid 5825] rmdir("./23/file1") = 0 [pid 5825] umount2("./23/binderfs", MNT_FORCE|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5958] write(3, "1000", 4 [pid 5825] newfstatat(AT_FDCWD, "./23/binderfs", [pid 5958] <... write resumed>) = 4 [pid 5825] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5958] close(3) = 0 [pid 5956] unlink("./file0/file0" [pid 5825] unlink("./23/binderfs" [pid 5958] symlink("/dev/binderfs", "./binderfs" [pid 5959] set_robust_list(0x55558eab2660, 24 [pid 5958] <... symlink resumed>) = 0 [pid 5825] <... unlink resumed>) = 0 executing program [pid 5959] <... set_robust_list resumed>) = 0 [pid 5958] write(1, "executing program\n", 18 [pid 5959] chdir("./24" [pid 5958] <... write resumed>) = 18 [pid 5825] getdents64(3, [pid 5958] memfd_create("syzkaller", 0 [pid 5825] <... getdents64 resumed>0x55558eab36f0 /* 0 entries */, 32768) = 0 [pid 5825] close(3 [pid 5957] <... mount resumed>) = 0 [pid 5825] <... close resumed>) = 0 [pid 5959] <... chdir resumed>) = 0 [pid 5957] openat(AT_FDCWD, "./file1", O_RDONLY|O_DIRECTORY [pid 5825] rmdir("./23" [pid 5959] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5958] <... memfd_create resumed>) = 3 [pid 5957] <... openat resumed>) = 3 [pid 5825] <... rmdir resumed>) = 0 [pid 5959] <... prctl resumed>) = 0 [pid 5958] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5957] chdir("./file1" [pid 5825] mkdir("./24", 0777 [pid 5959] setpgid(0, 0 [pid 5958] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5957] <... chdir resumed>) = 0 [pid 5956] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5825] <... mkdir resumed>) = 0 [pid 5825] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5825] ioctl(3, LOOP_CLR_FD [pid 5956] memfd_create("syzkaller", 0 [pid 5825] <... ioctl resumed>) = 0 [pid 5959] <... setpgid resumed>) = 0 [pid 5957] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 116.955007][ T5956] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 116.955006][ T5957] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 116.986035][ T5956] ntfs3(loop3): ino=1b, mi_enum_attr [ 116.986061][ T5956] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 116.990806][ T5957] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [pid 5825] close(3 [pid 5959] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5957] <... openat resumed>) = -1 EBUSY (Device or resource busy) [pid 5956] <... memfd_create resumed>) = 4 [pid 5956] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fde7cbdc000 [pid 5957] unlink("./file0/file0" [pid 5959] <... openat resumed>) = 3 [pid 5959] write(3, "1000", 4 [pid 5825] <... close resumed>) = 0 [pid 5959] <... write resumed>) = 4 [pid 5959] close(3) = 0 [pid 5825] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5959] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5959] write(1, "executing program\n", 18executing program [pid 5957] <... unlink resumed>) = -1 EINVAL (Invalid argument) [pid 5959] <... write resumed>) = 18 [pid 5959] memfd_create("syzkaller", 0 [pid 5825] <... clone resumed>, child_tidptr=0x55558eab2650) = 5960 [pid 5957] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5960 attached ) = 4 [pid 5959] <... memfd_create resumed>) = 3 [pid 5959] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5960] set_robust_list(0x55558eab2660, 24 [pid 5957] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5959] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5957] <... mmap resumed>) = 0x7fde7cbdc000 [pid 5960] <... set_robust_list resumed>) = 0 [pid 5960] chdir("./24"