./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor1097610588 <...> forked to background, child pid 4646 [ 32.693548][ T4647] 8021q: adding VLAN 0 to HW filter on device bond0 [ 32.716097][ T4647] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: [ 33.325940][ T4741] sshd (4741) used greatest stack depth: 15824 bytes left OK syzkaller Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts. execve("./syz-executor1097610588", ["./syz-executor1097610588"], 0x7ffe01d84190 /* 10 vars */) = 0 brk(NULL) = 0x5555557a1000 brk(0x5555557a1c40) = 0x5555557a1c40 arch_prctl(ARCH_SET_FS, 0x5555557a1300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor1097610588", 4096) = 28 brk(0x5555557c2c40) = 0x5555557c2c40 brk(0x5555557c3000) = 0x5555557c3000 mprotect(0x7f014e7cf000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5071 attached , child_tidptr=0x5555557a15d0) = 5071 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] getpid() = 5071 [pid 5070] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5072 [pid 5071] mkdir("./syzkaller.FIMRtE", 0700 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5073 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5073 attached ./strace-static-x86_64: Process 5072 attached [pid 5071] chmod("./syzkaller.FIMRtE", 0777 [pid 5072] getpid( [pid 5070] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5074 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... chmod resumed>) = 0 [pid 5071] chdir("./syzkaller.FIMRtE" [pid 5072] <... getpid resumed>) = 5072 [pid 5072] mkdir("./syzkaller.i0bF3K", 0700 [pid 5071] <... chdir resumed>) = 0 [pid 5071] mkdir("./0", 0777 [pid 5070] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5075 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5076 ./strace-static-x86_64: Process 5075 attached [pid 5072] chmod("./syzkaller.i0bF3K", 0777 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] getpid() = 5075 [pid 5075] mkdir("./syzkaller.sY6HQV", 0700 [pid 5072] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5074 attached [pid 5071] <... openat resumed>) = 3 [pid 5072] chdir("./syzkaller.i0bF3K" [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5073] getpid( [pid 5074] getpid() = 5074 [pid 5075] <... mkdir resumed>) = 0 [pid 5074] mkdir("./syzkaller.G28MHS", 0700 [pid 5075] chmod("./syzkaller.sY6HQV", 0777 [pid 5072] <... chdir resumed>) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5075] <... chmod resumed>) = 0 [pid 5072] mkdir("./0", 0777 [pid 5071] close(3 [pid 5075] chdir("./syzkaller.sY6HQV" [pid 5074] <... mkdir resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5075] <... chdir resumed>) = 0 [pid 5075] mkdir("./0", 0777 [pid 5071] <... close resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5074] chmod("./syzkaller.G28MHS", 0777) = 0 [pid 5074] chdir("./syzkaller.G28MHS") = 0 [pid 5074] mkdir("./0", 0777 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5074] <... mkdir resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5074] close(3) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5073] <... getpid resumed>) = 5073 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5078 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5077 [pid 5072] close(3 [pid 5073] mkdir("./syzkaller.LqpPeP", 0700 [pid 5072] <... close resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... mkdir resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5079 ./strace-static-x86_64: Process 5077 attached [pid 5077] chdir("./0" [pid 5073] chmod("./syzkaller.LqpPeP", 0777 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5080 [pid 5073] <... chmod resumed>) = 0 ./strace-static-x86_64: Process 5076 attached [pid 5073] chdir("./syzkaller.LqpPeP" [pid 5077] <... chdir resumed>) = 0 [pid 5073] <... chdir resumed>) = 0 [pid 5073] mkdir("./0", 0777 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5077] setpgid(0, 0) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5076] getpid() = 5076 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] close(3) = 0 [pid 5076] mkdir("./syzkaller.u9Me50", 0700 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] <... openat resumed>) = 3 [pid 5077] write(3, "1000", 4) = 4 [pid 5077] close(3) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5077] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5080 attached [pid 5076] chmod("./syzkaller.u9Me50", 0777./strace-static-x86_64: Process 5079 attached ./strace-static-x86_64: Process 5078 attached [pid 5080] chdir("./0" [pid 5079] chdir("./0" [pid 5078] chdir("./0" [pid 5077] <... symlink resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5081 [pid 5080] <... chdir resumed>) = 0 [pid 5079] <... chdir resumed>) = 0 [pid 5078] <... chdir resumed>) = 0 [pid 5077] memfd_create("syzkaller", 0 [pid 5076] <... chmod resumed>) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5078] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... prctl resumed>) = 0 [pid 5078] <... prctl resumed>) = 0 [pid 5077] <... memfd_create resumed>) = 3 [pid 5080] <... prctl resumed>) = 0 [pid 5079] setpgid(0, 0 [pid 5078] setpgid(0, 0 [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] chdir("./syzkaller.u9Me50" [pid 5079] <... setpgid resumed>) = 0 [pid 5078] <... setpgid resumed>) = 0 [pid 5077] <... mmap resumed>) = 0x7f01462f5000 ./strace-static-x86_64: Process 5081 attached [pid 5080] setpgid(0, 0 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5078] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... chdir resumed>) = 0 [pid 5081] chdir("./0" [pid 5080] <... setpgid resumed>) = 0 [pid 5079] <... openat resumed>) = 3 [pid 5078] <... openat resumed>) = 3 [pid 5079] write(3, "1000", 4 [pid 5078] write(3, "1000", 4 [pid 5076] mkdir("./0", 0777 [pid 5081] <... chdir resumed>) = 0 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... write resumed>) = 4 [pid 5078] <... write resumed>) = 4 [pid 5079] close(3 [pid 5078] close(3 [pid 5081] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5079] <... close resumed>) = 0 [pid 5078] <... close resumed>) = 0 [pid 5081] <... prctl resumed>) = 0 [pid 5079] symlink("/dev/binderfs", "./binderfs" [pid 5078] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... mkdir resumed>) = 0 [pid 5081] setpgid(0, 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] <... symlink resumed>) = 0 [pid 5078] <... symlink resumed>) = 0 [pid 5081] <... setpgid resumed>) = 0 [pid 5080] write(3, "1000", 4 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5081] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5080] <... write resumed>) = 4 [pid 5079] memfd_create("syzkaller", 0 [pid 5078] memfd_create("syzkaller", 0 [pid 5076] <... openat resumed>) = 3 [pid 5081] <... openat resumed>) = 3 [pid 5080] close(3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5079] <... memfd_create resumed>) = 3 [pid 5078] <... memfd_create resumed>) = 3 [pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5078] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5081] write(3, "1000", 4 [pid 5080] <... close resumed>) = 0 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5081] <... write resumed>) = 4 [pid 5080] symlink("/dev/binderfs", "./binderfs" [pid 5076] close(3 [pid 5081] close(3 [pid 5080] <... symlink resumed>) = 0 [pid 5079] <... mmap resumed>) = 0x7f01462f5000 [pid 5078] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] <... close resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5081] symlink("/dev/binderfs", "./binderfs" [pid 5080] memfd_create("syzkaller", 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5081] <... symlink resumed>) = 0 [pid 5081] memfd_create("syzkaller", 0 [pid 5080] <... memfd_create resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5083 [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5081] <... memfd_create resumed>) = 3 [pid 5080] <... mmap resumed>) = 0x7f01462f5000 [pid 5081] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 ./strace-static-x86_64: Process 5083 attached [pid 5083] chdir("./0") = 0 [pid 5083] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5083] setpgid(0, 0) = 0 [pid 5083] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5077] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5083] <... openat resumed>) = 3 [pid 5083] write(3, "1000", 4) = 4 [pid 5083] close(3 [pid 5080] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5083] <... close resumed>) = 0 [pid 5083] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5083] memfd_create("syzkaller", 0) = 3 [pid 5083] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5081] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5079] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5078] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5083] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5081] <... write resumed>) = 2097152 [pid 5080] <... write resumed>) = 2097152 [pid 5077] <... write resumed>) = 2097152 [pid 5077] munmap(0x7f01462f5000, 2097152 [pid 5080] munmap(0x7f01462f5000, 2097152) = 0 [pid 5081] munmap(0x7f01462f5000, 2097152 [pid 5080] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5077] <... munmap resumed>) = 0 [pid 5080] ioctl(4, LOOP_SET_FD, 3 [pid 5077] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5077] ioctl(4, LOOP_SET_FD, 3 [pid 5081] <... munmap resumed>) = 0 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] <... write resumed>) = 2097152 [pid 5079] munmap(0x7f01462f5000, 2097152 [pid 5081] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5081] ioctl(4, LOOP_SET_FD, 3 [pid 5083] <... write resumed>) = 2097152 [pid 5081] <... ioctl resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5079] <... munmap resumed>) = 0 [pid 5078] <... write resumed>) = 2097152 [pid 5077] close(3 [pid 5083] munmap(0x7f01462f5000, 2097152 [pid 5081] close(3 [pid 5080] close(3 [pid 5079] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5078] munmap(0x7f01462f5000, 2097152 [pid 5077] <... close resumed>) = 0 [pid 5083] <... munmap resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5080] <... close resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [pid 5078] <... munmap resumed>) = 0 [pid 5077] mkdir("./file0", 0777 [pid 5083] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5081] mkdir("./file0", 0777 syzkaller login: [ 54.226498][ T5077] loop4: detected capacity change from 0 to 4096 [ 54.233388][ T5080] loop1: detected capacity change from 0 to 4096 [ 54.249578][ T5081] loop2: detected capacity change from 0 to 4096 [pid 5080] mkdir("./file0", 0777 [pid 5079] ioctl(4, LOOP_SET_FD, 3 [pid 5078] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5077] <... mkdir resumed>) = 0 [pid 5083] <... openat resumed>) = 4 [pid 5081] <... mkdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5078] <... openat resumed>) = 4 [pid 5077] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5083] ioctl(4, LOOP_SET_FD, 3 [ 54.287891][ T5079] loop3: detected capacity change from 0 to 4096 [ 54.298759][ T5077] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 54.309705][ T5083] loop5: detected capacity change from 0 to 4096 [ 54.318912][ T5081] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5081] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5080] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5078] ioctl(4, LOOP_SET_FD, 3 [pid 5083] <... ioctl resumed>) = 0 [pid 5078] <... ioctl resumed>) = 0 [pid 5083] close(3 [pid 5078] close(3 [pid 5083] <... close resumed>) = 0 [pid 5079] close(3 [pid 5078] <... close resumed>) = 0 [pid 5083] mkdir("./file0", 0777 [pid 5079] <... close resumed>) = 0 [pid 5078] mkdir("./file0", 0777 [pid 5083] <... mkdir resumed>) = 0 [pid 5079] mkdir("./file0", 0777 [pid 5078] <... mkdir resumed>) = 0 [pid 5083] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5079] <... mkdir resumed>) = 0 [ 54.330185][ T5080] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 54.340126][ T5078] loop0: detected capacity change from 0 to 4096 [ 54.360856][ T5083] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 54.372312][ T5078] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5078] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5079] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5077] <... mount resumed>) = 0 [pid 5081] <... mount resumed>) = 0 [pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5081] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... openat resumed>) = 3 [pid 5081] <... openat resumed>) = 3 [ 54.373885][ T5079] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5077] chdir("./file0" [pid 5081] chdir("./file0" [pid 5077] <... chdir resumed>) = 0 [pid 5081] <... chdir resumed>) = 0 [pid 5077] ioctl(4, LOOP_CLR_FD [pid 5081] ioctl(4, LOOP_CLR_FD [pid 5077] <... ioctl resumed>) = 0 [pid 5081] <... ioctl resumed>) = 0 [pid 5077] close(4 [pid 5081] close(4 [pid 5077] <... close resumed>) = 0 [pid 5081] <... close resumed>) = 0 [pid 5077] exit_group(0 [pid 5081] exit_group(0 [pid 5077] <... exit_group resumed>) = ? [pid 5081] <... exit_group resumed>) = ? [pid 5077] +++ exited with 0 +++ [pid 5081] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5081, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5073] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5073] <... openat resumed>) = 3 [pid 5073] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5083] <... mount resumed>) = 0 [pid 5080] <... mount resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5083] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5083] <... openat resumed>) = 3 [pid 5080] <... openat resumed>) = 3 [pid 5075] fstat(3, [pid 5073] lstat("./0/binderfs", [pid 5083] chdir("./file0" [pid 5080] chdir("./file0" [pid 5078] <... mount resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5083] <... chdir resumed>) = 0 [pid 5080] <... chdir resumed>) = 0 [pid 5078] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] getdents64(3, [pid 5073] unlink("./0/binderfs" [pid 5083] ioctl(4, LOOP_CLR_FD [pid 5080] ioctl(4, LOOP_CLR_FD [pid 5078] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5080] <... ioctl resumed>) = 0 [pid 5078] chdir("./file0" [pid 5075] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5083] <... ioctl resumed>) = 0 [pid 5080] close(4 [pid 5078] <... chdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... unlink resumed>) = 0 [pid 5083] close(4 [pid 5080] <... close resumed>) = 0 [pid 5079] <... mount resumed>) = 0 [pid 5078] ioctl(4, LOOP_CLR_FD [pid 5075] lstat("./0/binderfs", [pid 5083] <... close resumed>) = 0 [pid 5080] exit_group(0 [pid 5078] <... ioctl resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5083] exit_group(0 [pid 5080] <... exit_group resumed>) = ? [pid 5078] close(4 [pid 5075] unlink("./0/binderfs" [pid 5083] <... exit_group resumed>) = ? [pid 5080] +++ exited with 0 +++ [pid 5079] <... openat resumed>) = 3 [pid 5078] <... close resumed>) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5078] exit_group(0 [pid 5075] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5083] +++ exited with 0 +++ [pid 5079] chdir("./file0" [pid 5078] <... exit_group resumed>) = ? [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5079] <... chdir resumed>) = 0 [pid 5078] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5083, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5079] ioctl(4, LOOP_CLR_FD [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5078, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5079] <... ioctl resumed>) = 0 [pid 5073] lstat("./0/file0", [pid 5079] close(4 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5079] <... close resumed>) = 0 [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] exit_group(0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... exit_group resumed>) = ? [pid 5076] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] +++ exited with 0 +++ [pid 5076] <... openat resumed>) = 3 [pid 5073] <... openat resumed>) = 4 [pid 5076] fstat(3, [pid 5073] fstat(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... openat resumed>) = 3 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] fstat(3, [pid 5076] getdents64(3, [pid 5074] restart_syscall(<... resuming interrupted clone ...> [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... restart_syscall resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] lstat("./0/binderfs", [pid 5075] <... umount2 resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] fstat(3, [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(4, [pid 5071] getdents64(3, [pid 5076] unlink("./0/binderfs" [pid 5075] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] close(4 [pid 5072] getdents64(3, [pid 5071] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] lstat("./0/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5074] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5075] fstat(4, [pid 5074] fstat(3, [pid 5073] rmdir("./0/file0" [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] lstat("./0/binderfs", [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] close(4 [pid 5074] getdents64(3, [pid 5073] getdents64(3, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] unlink("./0/binderfs" [pid 5075] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] lstat("./0/binderfs", [pid 5075] rmdir("./0/file0" [pid 5074] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(3 [pid 5071] <... unlink resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... close resumed>) = 0 [pid 5076] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, [pid 5074] lstat("./0/binderfs", [pid 5073] rmdir("./0" [pid 5072] unlink("./0/binderfs" [pid 5071] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] lstat("./0/file0", [pid 5075] close(3 [pid 5073] <... rmdir resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] unlink("./0/binderfs" [pid 5072] <... unlink resumed>) = 0 [pid 5076] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] rmdir("./0" [pid 5073] mkdir("./1", 0777 [pid 5071] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] mkdir("./1", 0777 [pid 5074] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... mkdir resumed>) = 0 [pid 5071] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 4 [pid 5075] <... mkdir resumed>) = 0 [pid 5076] fstat(4, [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5074] <... umount2 resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] getdents64(4, [pid 5075] close(3 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5076] close(4 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./0/file0" [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5088 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... openat resumed>) = 3 [pid 5071] lstat("./0/file0", [pid 5076] getdents64(3, [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] lstat("./0/file0", [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... close resumed>) = 0 [pid 5074] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(3 [pid 5071] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] rmdir("./0" [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5088 attached [pid 5076] <... rmdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5088] chdir("./1" [pid 5076] mkdir("./1", 0777 [pid 5074] <... openat resumed>) = 4 [pid 5088] <... chdir resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5074] fstat(4, [pid 5071] <... openat resumed>) = 4 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5089 ./strace-static-x86_64: Process 5089 attached [pid 5088] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5074] getdents64(4, [pid 5071] fstat(4, [pid 5088] setpgid(0, 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5089] chdir("./1" [pid 5088] <... setpgid resumed>) = 0 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] close(3 [pid 5074] getdents64(4, [pid 5071] getdents64(4, [pid 5089] <... chdir resumed>) = 0 [pid 5088] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5088] write(3, "1000", 4 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] close(4 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5089] <... prctl resumed>) = 0 [pid 5088] <... write resumed>) = 4 [pid 5074] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] getdents64(4, [pid 5089] setpgid(0, 0 [pid 5088] close(3 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5090 [pid 5074] rmdir("./0/file0" [pid 5072] lstat("./0/file0", [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5089] <... setpgid resumed>) = 0 [pid 5088] <... close resumed>) = 0 [pid 5088] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... rmdir resumed>) = 0 [pid 5071] close(4./strace-static-x86_64: Process 5090 attached [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5088] <... symlink resumed>) = 0 [pid 5074] getdents64(3, [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... close resumed>) = 0 [pid 5090] chdir("./1" [pid 5089] <... openat resumed>) = 3 [pid 5088] memfd_create("syzkaller", 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] rmdir("./0/file0" [pid 5090] <... chdir resumed>) = 0 [pid 5089] write(3, "1000", 4 [pid 5088] <... memfd_create resumed>) = 3 [pid 5074] close(3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5089] <... write resumed>) = 4 [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] <... close resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... rmdir resumed>) = 0 [pid 5090] <... prctl resumed>) = 0 [pid 5089] close(3 [pid 5088] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] rmdir("./0" [pid 5090] setpgid(0, 0 [pid 5089] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5071] getdents64(3, [pid 5090] <... setpgid resumed>) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... rmdir resumed>) = 0 [pid 5072] fstat(4, [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5090] write(3, "1000", 4 [pid 5089] <... symlink resumed>) = 0 [pid 5074] mkdir("./1", 0777 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] close(3 [pid 5090] <... write resumed>) = 4 [pid 5090] close(3 [pid 5089] memfd_create("syzkaller", 0 [pid 5090] <... close resumed>) = 0 [pid 5089] <... memfd_create resumed>) = 3 [pid 5074] <... mkdir resumed>) = 0 [pid 5072] getdents64(4, [pid 5071] <... close resumed>) = 0 [pid 5090] symlink("/dev/binderfs", "./binderfs" [pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5090] <... symlink resumed>) = 0 [pid 5089] <... mmap resumed>) = 0x7f01462f5000 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] rmdir("./0" [pid 5090] memfd_create("syzkaller", 0 [pid 5074] <... openat resumed>) = 3 [pid 5090] <... memfd_create resumed>) = 3 [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5072] getdents64(4, [pid 5071] <... rmdir resumed>) = 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] close(3 [pid 5072] close(4 [pid 5071] mkdir("./1", 0777 [pid 5074] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] rmdir("./0/file0" [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] <... rmdir resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5092 [pid 5072] getdents64(3, [pid 5071] <... openat resumed>) = 3 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5072] close(3) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] rmdir("./0" [pid 5071] close(3 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5072] mkdir("./1", 0777 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5092 attached [pid 5072] <... mkdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5092] chdir("./1" [pid 5072] <... openat resumed>) = 3 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5093 [pid 5092] <... chdir resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5092] setpgid(0, 0 [pid 5072] close(3./strace-static-x86_64: Process 5093 attached [pid 5092] <... setpgid resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5093] chdir("./1" [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5093] <... chdir resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5092] write(3, "1000", 4 [pid 5090] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 5094 attached [pid 5093] setpgid(0, 0 [pid 5092] <... write resumed>) = 4 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5094 [pid 5094] chdir("./1" [pid 5093] <... setpgid resumed>) = 0 [pid 5092] close(3 [pid 5094] <... chdir resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5092] <... close resumed>) = 0 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] <... openat resumed>) = 3 [pid 5092] symlink("/dev/binderfs", "./binderfs" [pid 5094] <... prctl resumed>) = 0 [pid 5093] write(3, "1000", 4 [pid 5092] <... symlink resumed>) = 0 [pid 5094] setpgid(0, 0 [pid 5093] <... write resumed>) = 4 [pid 5093] close(3 [pid 5094] <... setpgid resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] memfd_create("syzkaller", 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] symlink("/dev/binderfs", "./binderfs" [pid 5092] <... memfd_create resumed>) = 3 [pid 5089] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5094] <... openat resumed>) = 3 [pid 5093] <... symlink resumed>) = 0 [pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] write(3, "1000", 4 [pid 5093] memfd_create("syzkaller", 0 [pid 5092] <... mmap resumed>) = 0x7f01462f5000 [pid 5094] <... write resumed>) = 4 [pid 5093] <... memfd_create resumed>) = 3 [pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5094] close(3) = 0 [pid 5094] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5094] memfd_create("syzkaller", 0) = 3 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5090] <... write resumed>) = 2097152 [pid 5088] <... write resumed>) = 2097152 [pid 5088] munmap(0x7f01462f5000, 2097152 [pid 5093] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5088] <... munmap resumed>) = 0 [pid 5089] <... write resumed>) = 2097152 [pid 5088] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5094] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] munmap(0x7f01462f5000, 2097152 [pid 5088] <... openat resumed>) = 4 [pid 5090] munmap(0x7f01462f5000, 2097152) = 0 [pid 5089] <... munmap resumed>) = 0 [pid 5088] ioctl(4, LOOP_SET_FD, 3 [pid 5089] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5090] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5090] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 4 [pid 5089] ioctl(4, LOOP_SET_FD, 3 [pid 5088] <... ioctl resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] close(3 [pid 5089] close(3 [pid 5088] <... close resumed>) = 0 [pid 5092] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5089] <... close resumed>) = 0 [pid 5088] mkdir("./file0", 0777 [pid 5089] mkdir("./file0", 0777 [pid 5088] <... mkdir resumed>) = 0 [pid 5089] <... mkdir resumed>) = 0 [pid 5088] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5089] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5093] <... write resumed>) = 2097152 [pid 5090] <... ioctl resumed>) = 0 [pid 5090] close(3) = 0 [ 54.921134][ T5088] loop4: detected capacity change from 0 to 4096 [ 54.927728][ T5090] loop5: detected capacity change from 0 to 4096 [ 54.936351][ T5089] loop2: detected capacity change from 0 to 4096 [ 54.956365][ T5088] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5090] mkdir("./file0", 0777) = 0 [pid 5090] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5094] <... write resumed>) = 2097152 [pid 5093] munmap(0x7f01462f5000, 2097152) = 0 [pid 5094] munmap(0x7f01462f5000, 2097152) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5093] ioctl(4, LOOP_SET_FD, 3 [pid 5094] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5092] <... write resumed>) = 2097152 [pid 5094] <... openat resumed>) = 4 [ 54.967149][ T5089] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 54.979026][ T5090] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 55.010260][ T5093] loop0: detected capacity change from 0 to 4096 [pid 5094] ioctl(4, LOOP_SET_FD, 3 [pid 5093] <... ioctl resumed>) = 0 [pid 5092] munmap(0x7f01462f5000, 2097152 [pid 5089] <... mount resumed>) = 0 [pid 5088] <... mount resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5092] <... munmap resumed>) = 0 [pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5094] close(3 [pid 5092] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5089] <... openat resumed>) = 3 [pid 5088] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5093] close(3 [pid 5092] <... openat resumed>) = 4 [pid 5089] chdir("./file0" [pid 5088] chdir("./file0" [pid 5094] mkdir("./file0", 0777 [pid 5093] <... close resumed>) = 0 [pid 5092] ioctl(4, LOOP_SET_FD, 3 [pid 5090] <... mount resumed>) = 0 [pid 5089] <... chdir resumed>) = 0 [pid 5088] <... chdir resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5093] mkdir("./file0", 0777 [pid 5094] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5093] <... mkdir resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] ioctl(4, LOOP_CLR_FD [pid 5088] ioctl(4, LOOP_CLR_FD [pid 5092] close(3 [pid 5090] <... openat resumed>) = 3 [pid 5089] <... ioctl resumed>) = 0 [pid 5088] <... ioctl resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5090] chdir("./file0" [pid 5089] close(4 [pid 5088] close(4 [pid 5093] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5092] mkdir("./file0", 0777 [pid 5090] <... chdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5088] <... close resumed>) = 0 [ 55.020857][ T5094] loop1: detected capacity change from 0 to 4096 [ 55.040247][ T5092] loop3: detected capacity change from 0 to 4096 [ 55.046312][ T5094] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 55.059496][ T5093] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5092] <... mkdir resumed>) = 0 [pid 5090] ioctl(4, LOOP_CLR_FD [pid 5089] exit_group(0 [pid 5088] exit_group(0 [pid 5092] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5090] <... ioctl resumed>) = 0 [pid 5089] <... exit_group resumed>) = ? [pid 5088] <... exit_group resumed>) = ? [pid 5090] close(4 [pid 5089] +++ exited with 0 +++ [pid 5088] +++ exited with 0 +++ [pid 5090] <... close resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5090] exit_group(0) = ? [pid 5090] +++ exited with 0 +++ [pid 5073] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] fstat(3, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] getdents64(3, [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5075] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] fstat(3, [pid 5073] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] getdents64(3, [pid 5073] lstat("./1/binderfs", [pid 5076] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] fstat(3, [pid 5075] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] unlink("./1/binderfs" [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... unlink resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] lstat("./1/binderfs", [pid 5073] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] unlink("./1/binderfs" [pid 5073] <... umount2 resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] lstat("./1/binderfs", [pid 5075] <... unlink resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] lstat("./1/file0", [pid 5076] unlink("./1/binderfs" [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5073] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] <... umount2 resumed>) = 0 [pid 5073] fstat(4, [pid 5075] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] getdents64(4, [pid 5075] lstat("./1/file0", [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(4, [pid 5075] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] close(4 [pid 5075] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 4 [pid 5073] rmdir("./1/file0" [pid 5075] fstat(4, [pid 5073] <... rmdir resumed>) = 0 [pid 5094] <... mount resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, [pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [ 55.071676][ T5092] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5075] getdents64(4, [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5094] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] close(3 [pid 5094] chdir("./file0" [pid 5076] <... umount2 resumed>) = 0 [pid 5075] getdents64(4, [pid 5073] <... close resumed>) = 0 [pid 5094] <... chdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] rmdir("./1" [pid 5094] ioctl(4, LOOP_CLR_FD [pid 5076] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5073] <... rmdir resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5073] mkdir("./2", 0777 [pid 5094] close(4 [pid 5076] lstat("./1/file0", [pid 5075] rmdir("./1/file0" [pid 5073] <... mkdir resumed>) = 0 [pid 5092] <... mount resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... openat resumed>) = 3 [pid 5092] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... rmdir resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5092] chdir("./file0" [pid 5076] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] getdents64(3, [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] exit_group(0 [pid 5092] <... chdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(3 [pid 5094] <... exit_group resumed>) = ? [pid 5092] ioctl(4, LOOP_CLR_FD [pid 5076] fstat(4, [pid 5075] close(3 [pid 5073] <... close resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5094] +++ exited with 0 +++ [pid 5092] close(4 [pid 5076] getdents64(4, [pid 5075] rmdir("./1" [pid 5092] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5095 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5092] exit_group(0 [pid 5076] getdents64(4, [pid 5075] <... rmdir resumed>) = 0 [pid 5092] <... exit_group resumed>) = ? [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] mkdir("./2", 0777 [pid 5092] +++ exited with 0 +++ [pid 5076] close(4./strace-static-x86_64: Process 5095 attached [pid 5075] <... mkdir resumed>) = 0 [pid 5095] chdir("./2" [pid 5076] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5095] <... chdir resumed>) = 0 [pid 5076] rmdir("./1/file0" [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5095] <... prctl resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5074] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] setpgid(0, 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5095] <... setpgid resumed>) = 0 [pid 5076] close(3 [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... close resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5096 [pid 5074] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... openat resumed>) = 3 [pid 5095] <... openat resumed>) = 3 [pid 5076] rmdir("./1" [pid 5074] <... openat resumed>) = 3 [pid 5072] fstat(3, [pid 5095] write(3, "1000", 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] fstat(3, [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5095] <... write resumed>) = 4 [pid 5076] mkdir("./2", 0777 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, [pid 5095] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 5074] getdents64(3, [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5095] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5095] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... openat resumed>) = 3 [pid 5074] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5095] <... symlink resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./1/binderfs", [pid 5095] memfd_create("syzkaller", 0 [pid 5093] <... mount resumed>) = 0 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] lstat("./1/binderfs", [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5095] <... memfd_create resumed>) = 3 [pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] unlink("./1/binderfs"./strace-static-x86_64: Process 5096 attached [pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5093] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5074] unlink("./1/binderfs" [pid 5072] <... unlink resumed>) = 0 [pid 5096] chdir("./2" [pid 5095] <... mmap resumed>) = 0x7f01462f5000 [pid 5093] chdir("./file0" [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... unlink resumed>) = 0 [pid 5072] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] <... chdir resumed>) = 0 [pid 5093] <... chdir resumed>) = 0 [pid 5074] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5093] ioctl(4, LOOP_CLR_FD [pid 5096] <... prctl resumed>) = 0 [pid 5093] <... ioctl resumed>) = 0 [pid 5096] setpgid(0, 0 [pid 5093] close(4 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5097 [pid 5096] <... setpgid resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5093] exit_group(0 [pid 5096] <... openat resumed>) = 3 [pid 5093] <... exit_group resumed>) = ? [pid 5096] write(3, "1000", 4 [pid 5093] +++ exited with 0 +++ [pid 5096] <... write resumed>) = 4 [pid 5096] close(3 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5096] <... close resumed>) = 0 [pid 5096] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5096] memfd_create("syzkaller", 0 [pid 5071] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5096] <... memfd_create resumed>) = 3 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5096] <... mmap resumed>) = 0x7f01462f5000 ./strace-static-x86_64: Process 5097 attached [pid 5074] <... umount2 resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5097] chdir("./2" [pid 5074] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] fstat(3, [pid 5097] <... chdir resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] lstat("./1/file0", [pid 5072] lstat("./1/file0", [pid 5071] getdents64(3, [pid 5097] <... prctl resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5097] setpgid(0, 0 [pid 5074] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5097] <... setpgid resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5097] <... openat resumed>) = 3 [pid 5074] <... openat resumed>) = 4 [pid 5097] write(3, "1000", 4 [pid 5074] fstat(4, [pid 5072] <... openat resumed>) = 4 [pid 5071] lstat("./1/binderfs", [pid 5097] <... write resumed>) = 4 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] fstat(4, [pid 5097] close(3 [pid 5074] getdents64(4, [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5097] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, [pid 5071] unlink("./1/binderfs" [pid 5097] symlink("/dev/binderfs", "./binderfs" [pid 5095] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] getdents64(4, [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5097] <... symlink resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] getdents64(4, [pid 5071] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] memfd_create("syzkaller", 0 [pid 5074] close(4 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] <... close resumed>) = 0 [pid 5074] rmdir("./1/file0" [pid 5097] <... memfd_create resumed>) = 3 [pid 5072] close(4 [pid 5071] <... umount2 resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5074] getdents64(3, [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] rmdir("./1/file0" [pid 5071] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5074] close(3 [pid 5097] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] rmdir("./1" [pid 5072] close(3 [pid 5071] lstat("./1/file0", [pid 5074] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5074] mkdir("./2", 0777 [pid 5072] rmdir("./1" [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5072] mkdir("./2", 0777 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5071] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... openat resumed>) = 3 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 4 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] fstat(4, [pid 5074] close(3 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... close resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] close(3 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5098 [pid 5072] <... close resumed>) = 0 [pid 5071] getdents64(4, [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4 [pid 5096] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5099 [pid 5071] <... close resumed>) = 0 ./strace-static-x86_64: Process 5098 attached [pid 5098] chdir("./2" [pid 5071] rmdir("./1/file0" [pid 5098] <... chdir resumed>) = 0 [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5099 attached [pid 5098] <... prctl resumed>) = 0 [pid 5071] getdents64(3, [pid 5099] chdir("./2" [pid 5098] setpgid(0, 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3 [pid 5099] <... chdir resumed>) = 0 [pid 5098] <... setpgid resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] rmdir("./1" [pid 5099] <... prctl resumed>) = 0 [pid 5098] <... openat resumed>) = 3 [pid 5098] write(3, "1000", 4 [pid 5099] setpgid(0, 0 [pid 5098] <... write resumed>) = 4 [pid 5071] <... rmdir resumed>) = 0 [pid 5099] <... setpgid resumed>) = 0 [pid 5098] close(3 [pid 5071] mkdir("./2", 0777 [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5098] <... close resumed>) = 0 [pid 5098] symlink("/dev/binderfs", "./binderfs" [pid 5071] <... mkdir resumed>) = 0 [pid 5099] <... openat resumed>) = 3 [pid 5098] <... symlink resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5099] write(3, "1000", 4 [pid 5098] memfd_create("syzkaller", 0 [pid 5099] <... write resumed>) = 4 [pid 5098] <... memfd_create resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5099] close(3 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5099] <... close resumed>) = 0 [pid 5098] <... mmap resumed>) = 0x7f01462f5000 [pid 5096] <... write resumed>) = 2097152 [pid 5095] <... write resumed>) = 2097152 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5099] symlink("/dev/binderfs", "./binderfs" [pid 5097] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5095] munmap(0x7f01462f5000, 2097152 [pid 5071] close(3 [pid 5099] <... symlink resumed>) = 0 [pid 5095] <... munmap resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5099] memfd_create("syzkaller", 0 [pid 5096] munmap(0x7f01462f5000, 2097152 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5096] <... munmap resumed>) = 0 [pid 5096] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5100 [pid 5099] <... memfd_create resumed>) = 3 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5095] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5099] <... mmap resumed>) = 0x7f01462f5000 [pid 5095] <... openat resumed>) = 4 [pid 5095] ioctl(4, LOOP_SET_FD, 3 [pid 5096] <... openat resumed>) = 4 [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5098] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 5100 attached [pid 5100] chdir("./2") = 0 [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] <... ioctl resumed>) = 0 [pid 5100] <... prctl resumed>) = 0 [pid 5095] close(3 [pid 5100] setpgid(0, 0) = 0 [pid 5095] <... close resumed>) = 0 [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] mkdir("./file0", 0777 [pid 5100] <... openat resumed>) = 3 [pid 5100] write(3, "1000", 4 [pid 5095] <... mkdir resumed>) = 0 [pid 5100] <... write resumed>) = 4 [pid 5096] <... ioctl resumed>) = 0 [pid 5095] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5100] close(3 [pid 5096] close(3 [pid 5100] <... close resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5100] symlink("/dev/binderfs", "./binderfs" [pid 5096] mkdir("./file0", 0777 [pid 5100] <... symlink resumed>) = 0 [pid 5096] <... mkdir resumed>) = 0 [pid 5100] memfd_create("syzkaller", 0 [ 55.422344][ T5095] loop2: detected capacity change from 0 to 4096 [ 55.424396][ T5096] loop4: detected capacity change from 0 to 4096 [ 55.462042][ T5095] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5096] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5100] <... memfd_create resumed>) = 3 [pid 5097] <... write resumed>) = 2097152 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5097] munmap(0x7f01462f5000, 2097152) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5099] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5097] <... openat resumed>) = 4 [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5100] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5098] <... write resumed>) = 2097152 [pid 5097] <... ioctl resumed>) = 0 [pid 5097] close(3) = 0 [pid 5097] mkdir("./file0", 0777 [pid 5095] <... mount resumed>) = 0 [pid 5097] <... mkdir resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5099] <... write resumed>) = 2097152 [pid 5097] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5095] <... openat resumed>) = 3 [ 55.482382][ T5096] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 55.513044][ T5097] loop5: detected capacity change from 0 to 4096 [pid 5099] munmap(0x7f01462f5000, 2097152 [pid 5098] munmap(0x7f01462f5000, 2097152) = 0 [pid 5096] <... mount resumed>) = 0 [pid 5095] chdir("./file0") = 0 [pid 5095] ioctl(4, LOOP_CLR_FD) = 0 [pid 5095] close(4 [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5095] <... close resumed>) = 0 [pid 5098] <... openat resumed>) = 4 [pid 5096] <... openat resumed>) = 3 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5095] exit_group(0 [pid 5096] chdir("./file0" [pid 5099] <... munmap resumed>) = 0 [pid 5096] <... chdir resumed>) = 0 [pid 5095] <... exit_group resumed>) = ? [pid 5096] ioctl(4, LOOP_CLR_FD [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5096] <... ioctl resumed>) = 0 [pid 5099] <... openat resumed>) = 4 [pid 5096] close(4 [pid 5095] +++ exited with 0 +++ [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5096] <... close resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5096] exit_group(0) = ? [pid 5096] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5075] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5073] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] <... openat resumed>) = 3 [pid 5098] <... ioctl resumed>) = 0 [pid 5075] fstat(3, [pid 5073] fstat(3, [pid 5098] close(3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] <... close resumed>) = 0 [pid 5075] getdents64(3, [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] mkdir("./file0", 0777 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] getdents64(3, [pid 5098] <... mkdir resumed>) = 0 [pid 5075] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5097] <... mount resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 55.557084][ T5097] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 55.577045][ T5098] loop3: detected capacity change from 0 to 4096 [ 55.592104][ T5099] loop1: detected capacity change from 0 to 4096 [pid 5073] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] <... write resumed>) = 2097152 [pid 5099] close(3 [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] lstat("./2/binderfs", [pid 5099] <... close resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5099] mkdir("./file0", 0777 [pid 5097] <... openat resumed>) = 3 [pid 5100] munmap(0x7f01462f5000, 2097152 [pid 5075] unlink("./2/binderfs" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... mkdir resumed>) = 0 [pid 5097] chdir("./file0" [pid 5075] <... unlink resumed>) = 0 [pid 5073] lstat("./2/binderfs", [pid 5100] <... munmap resumed>) = 0 [pid 5099] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5097] <... chdir resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5100] <... openat resumed>) = 4 [pid 5097] ioctl(4, LOOP_CLR_FD [pid 5073] unlink("./2/binderfs" [pid 5100] ioctl(4, LOOP_SET_FD, 3 [pid 5097] <... ioctl resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5097] close(4 [pid 5073] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] <... close resumed>) = 0 [pid 5075] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5097] exit_group(0) = ? [pid 5100] <... ioctl resumed>) = 0 [pid 5097] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./2/file0", [pid 5076] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5100] close(3 [pid 5076] fstat(3, [pid 5075] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... mount resumed>) = 0 [pid 5076] getdents64(3, [ 55.623195][ T5098] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 55.644801][ T5099] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 55.645997][ T5100] loop0: detected capacity change from 0 to 4096 [pid 5075] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... openat resumed>) = 4 [pid 5100] <... close resumed>) = 0 [pid 5099] <... openat resumed>) = 3 [pid 5076] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] fstat(4, [pid 5100] mkdir("./file0", 0777 [pid 5099] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5099] <... chdir resumed>) = 0 [pid 5076] lstat("./2/binderfs", [pid 5075] getdents64(4, [pid 5073] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5100] <... mkdir resumed>) = 0 [pid 5099] ioctl(4, LOOP_CLR_FD [pid 5098] <... mount resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5100] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5099] <... ioctl resumed>) = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] unlink("./2/binderfs" [pid 5075] getdents64(4, [pid 5073] lstat("./2/file0", [pid 5099] close(4 [pid 5098] <... openat resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5099] <... close resumed>) = 0 [pid 5098] chdir("./file0" [pid 5076] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5073] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5099] exit_group(0 [pid 5098] <... chdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5099] <... exit_group resumed>) = ? [pid 5098] ioctl(4, LOOP_CLR_FD [pid 5073] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5099] +++ exited with 0 +++ [pid 5098] <... ioctl resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5098] close(4 [pid 5073] fstat(4, [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5098] <... close resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5098] exit_group(0 [pid 5073] getdents64(4, [pid 5098] <... exit_group resumed>) = ? [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5098] +++ exited with 0 +++ [pid 5073] getdents64(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] close(4 [pid 5072] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5072] fstat(3, [pid 5075] rmdir("./2/file0" [pid 5073] rmdir("./2/file0" [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5073] <... rmdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5075] getdents64(3, [pid 5074] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(3, [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5074] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] close(3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5072] lstat("./2/binderfs", [pid 5076] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] rmdir("./2" [pid 5074] fstat(3, [pid 5073] rmdir("./2" [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] unlink("./2/binderfs" [pid 5076] lstat("./2/file0", [pid 5075] mkdir("./3", 0777 [pid 5074] getdents64(3, [pid 5073] mkdir("./3", 0777 [pid 5072] <... unlink resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5074] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... openat resumed>) = 3 [pid 5072] <... umount2 resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5074] lstat("./2/binderfs", [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 4 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] fstat(4, [pid 5075] close(3 [pid 5074] unlink("./2/binderfs" [pid 5073] close(3 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... close resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5076] getdents64(4, [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... unlink resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] getdents64(4, [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5102 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5101 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./2/file0") = 0 [pid 5076] getdents64(3, ./strace-static-x86_64: Process 5102 attached 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] chdir("./3" [pid 5076] close(3 [pid 5102] <... chdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] rmdir("./2" [pid 5072] lstat("./2/file0", [pid 5102] <... prctl resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 ./strace-static-x86_64: Process 5101 attached [pid 5102] setpgid(0, 0 [pid 5076] mkdir("./3", 0777 [pid 5072] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] <... setpgid resumed>) = 0 [pid 5101] chdir("./3" [pid 5076] <... mkdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5101] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5072] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5102] <... openat resumed>) = 3 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 4 [pid 5102] write(3, "1000", 4 [pid 5101] <... prctl resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5072] fstat(4, [pid 5102] <... write resumed>) = 4 [pid 5101] setpgid(0, 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5102] close(3 [pid 5101] <... setpgid resumed>) = 0 [pid 5076] close(3 [pid 5072] getdents64(4, [pid 5102] <... close resumed>) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5102] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... openat resumed>) = 3 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] getdents64(4, [pid 5102] <... symlink resumed>) = 0 [ 55.711810][ T5100] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5101] write(3, "1000", 4 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5102] memfd_create("syzkaller", 0 [pid 5101] <... write resumed>) = 4 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5103 [pid 5072] close(4 [pid 5102] <... memfd_create resumed>) = 3 [pid 5101] close(3 [pid 5072] <... close resumed>) = 0 [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5101] <... close resumed>) = 0 [pid 5072] rmdir("./2/file0" [pid 5102] <... mmap resumed>) = 0x7f01462f5000 [pid 5101] symlink("/dev/binderfs", "./binderfs" [pid 5072] <... rmdir resumed>) = 0 [pid 5101] <... symlink resumed>) = 0 [pid 5074] <... umount2 resumed>) = 0 [pid 5072] getdents64(3, [pid 5101] memfd_create("syzkaller", 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5101] <... memfd_create resumed>) = 3 [pid 5072] close(3 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... close resumed>) = 0 [pid 5101] <... mmap resumed>) = 0x7f01462f5000 [pid 5072] rmdir("./2") = 0 [pid 5072] mkdir("./3", 0777) = 0 ./strace-static-x86_64: Process 5103 attached [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5103] chdir("./3" [pid 5072] <... openat resumed>) = 3 [pid 5103] <... chdir resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5103] <... prctl resumed>) = 0 [pid 5072] close(3 [pid 5103] setpgid(0, 0 [pid 5072] <... close resumed>) = 0 [pid 5103] <... setpgid resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5104 [pid 5103] write(3, "1000", 4) = 4 [pid 5103] close(3) = 0 [pid 5103] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5103] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5104 attached ) = 3 [pid 5074] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5104] chdir("./3" [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5104] <... chdir resumed>) = 0 [pid 5103] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] lstat("./2/file0", [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5104] <... prctl resumed>) = 0 [pid 5074] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5104] setpgid(0, 0 [pid 5100] <... mount resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5104] <... setpgid resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] <... openat resumed>) = 4 [pid 5104] <... openat resumed>) = 3 [pid 5074] fstat(4, [pid 5104] write(3, "1000", 4 [pid 5100] <... openat resumed>) = 3 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5104] <... write resumed>) = 4 [pid 5074] getdents64(4, [pid 5104] close(3 [pid 5100] chdir("./file0" [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5104] <... close resumed>) = 0 [pid 5074] getdents64(4, [pid 5104] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5104] <... symlink resumed>) = 0 [pid 5100] <... chdir resumed>) = 0 [pid 5074] close(4 [pid 5104] memfd_create("syzkaller", 0 [pid 5100] ioctl(4, LOOP_CLR_FD [pid 5074] <... close resumed>) = 0 [pid 5104] <... memfd_create resumed>) = 3 [pid 5074] rmdir("./2/file0" [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] <... ioctl resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5104] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] getdents64(3, [pid 5100] close(4 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] close(3 [pid 5100] <... close resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5074] rmdir("./2" [pid 5100] exit_group(0 [pid 5074] <... rmdir resumed>) = 0 [pid 5100] <... exit_group resumed>) = ? [pid 5074] mkdir("./3", 0777 [pid 5100] +++ exited with 0 +++ [pid 5074] <... mkdir resumed>) = 0 [pid 5102] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5074] <... openat resumed>) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5101] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... close resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... openat resumed>) = 3 [pid 5071] fstat(3, [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5105 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5105 attached [pid 5071] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5105] chdir("./3" [pid 5071] lstat("./2/binderfs", [pid 5105] <... chdir resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] unlink("./2/binderfs" [pid 5105] <... prctl resumed>) = 0 [pid 5103] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5071] <... unlink resumed>) = 0 [pid 5105] setpgid(0, 0 [pid 5071] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5105] <... setpgid resumed>) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5105] write(3, "1000", 4) = 4 [pid 5105] close(3) = 0 [pid 5105] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5105] memfd_create("syzkaller", 0 [pid 5102] <... write resumed>) = 2097152 [pid 5105] <... memfd_create resumed>) = 3 [pid 5071] <... umount2 resumed>) = 0 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5104] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5105] <... mmap resumed>) = 0x7f01462f5000 [pid 5101] <... write resumed>) = 2097152 [pid 5102] munmap(0x7f01462f5000, 2097152 [pid 5071] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./2/file0", [pid 5102] <... munmap resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, [pid 5101] munmap(0x7f01462f5000, 2097152) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5102] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] getdents64(4, [pid 5102] <... openat resumed>) = 4 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5102] ioctl(4, LOOP_SET_FD, 3 [pid 5071] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4) = 0 [pid 5071] rmdir("./2/file0" [pid 5101] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] <... rmdir resumed>) = 0 [pid 5101] <... openat resumed>) = 4 [pid 5071] getdents64(3, [pid 5101] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5103] <... write resumed>) = 2097152 [pid 5071] close(3) = 0 [pid 5071] rmdir("./2" [pid 5104] <... write resumed>) = 2097152 [pid 5071] <... rmdir resumed>) = 0 [pid 5071] mkdir("./3", 0777) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5106 [pid 5102] <... ioctl resumed>) = 0 [pid 5102] close(3) = 0 [pid 5102] mkdir("./file0", 0777./strace-static-x86_64: Process 5106 attached ) = 0 [pid 5106] chdir("./3") = 0 [pid 5102] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5101] <... ioctl resumed>) = 0 [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5101] close(3 [pid 5106] <... prctl resumed>) = 0 [pid 5101] <... close resumed>) = 0 [pid 5106] setpgid(0, 0 [pid 5104] munmap(0x7f01462f5000, 2097152 [pid 5101] mkdir("./file0", 0777 [pid 5106] <... setpgid resumed>) = 0 [pid 5104] <... munmap resumed>) = 0 [pid 5103] munmap(0x7f01462f5000, 2097152 [pid 5101] <... mkdir resumed>) = 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 55.980393][ T5102] loop4: detected capacity change from 0 to 4096 [ 55.991472][ T5101] loop2: detected capacity change from 0 to 4096 [ 56.018950][ T5102] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5101] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5106] <... openat resumed>) = 3 [pid 5106] write(3, "1000", 4 [pid 5105] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5103] <... munmap resumed>) = 0 [pid 5106] <... write resumed>) = 4 [pid 5104] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5106] close(3 [pid 5104] <... openat resumed>) = 4 [pid 5106] <... close resumed>) = 0 [pid 5104] ioctl(4, LOOP_SET_FD, 3 [pid 5103] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5106] symlink("/dev/binderfs", "./binderfs" [pid 5103] <... openat resumed>) = 4 [pid 5106] <... symlink resumed>) = 0 [pid 5103] ioctl(4, LOOP_SET_FD, 3 [pid 5106] memfd_create("syzkaller", 0) = 3 [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5103] <... ioctl resumed>) = 0 [pid 5103] close(3) = 0 [pid 5103] mkdir("./file0", 0777 [pid 5101] <... mount resumed>) = 0 [pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5103] <... mkdir resumed>) = 0 [pid 5103] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5101] <... openat resumed>) = 3 [ 56.036374][ T5101] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 56.050867][ T5104] loop1: detected capacity change from 0 to 4096 [ 56.060964][ T5103] loop5: detected capacity change from 0 to 4096 [pid 5101] chdir("./file0") = 0 [pid 5101] ioctl(4, LOOP_CLR_FD) = 0 [pid 5101] close(4) = 0 [pid 5101] exit_group(0 [pid 5104] <... ioctl resumed>) = 0 [pid 5101] <... exit_group resumed>) = ? [pid 5104] close(3 [pid 5101] +++ exited with 0 +++ [pid 5104] <... close resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5104] mkdir("./file0", 0777) = 0 [pid 5104] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5105] <... write resumed>) = 2097152 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5105] munmap(0x7f01462f5000, 2097152 [pid 5073] lstat("./3/binderfs", [pid 5102] <... mount resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] unlink("./3/binderfs" [pid 5102] <... openat resumed>) = 3 [pid 5073] <... unlink resumed>) = 0 [pid 5102] chdir("./file0" [pid 5073] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5102] <... chdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5102] ioctl(4, LOOP_CLR_FD) = 0 [pid 5102] close(4) = 0 [ 56.083214][ T5103] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 56.098114][ T5104] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5102] exit_group(0 [pid 5106] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5102] <... exit_group resumed>) = ? [pid 5105] <... munmap resumed>) = 0 [pid 5102] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5105] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5105] ioctl(4, LOOP_SET_FD, 3 [pid 5075] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] lstat("./3/file0", [pid 5075] getdents64(3, [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./3/binderfs", [pid 5073] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5075] unlink("./3/binderfs" [pid 5073] fstat(4, [pid 5103] <... mount resumed>) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(4, [pid 5105] <... ioctl resumed>) = 0 [pid 5103] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] <... umount2 resumed>) = 0 [pid 5073] getdents64(4, [pid 5103] chdir("./file0" [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5103] <... chdir resumed>) = 0 [pid 5073] close(4 [pid 5105] close(3 [pid 5104] <... mount resumed>) = 0 [pid 5103] ioctl(4, LOOP_CLR_FD [pid 5073] <... close resumed>) = 0 [pid 5105] <... close resumed>) = 0 [pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5103] <... ioctl resumed>) = 0 [pid 5073] rmdir("./3/file0" [pid 5105] mkdir("./file0", 0777 [pid 5104] <... openat resumed>) = 3 [pid 5103] close(4 [pid 5073] <... rmdir resumed>) = 0 [pid 5104] chdir("./file0" [pid 5103] <... close resumed>) = 0 [pid 5073] getdents64(3, [pid 5104] <... chdir resumed>) = 0 [pid 5103] exit_group(0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5104] ioctl(4, LOOP_CLR_FD [pid 5103] <... exit_group resumed>) = ? [pid 5075] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(3 [pid 5104] <... ioctl resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... close resumed>) = 0 [pid 5104] close(4 [pid 5075] lstat("./3/file0", [pid 5073] rmdir("./3" [pid 5104] <... close resumed>) = 0 [pid 5103] +++ exited with 0 +++ [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5105] <... mkdir resumed>) = 0 [pid 5104] exit_group(0 [pid 5075] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] mkdir("./4", 0777 [pid 5104] <... exit_group resumed>) = ? [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... mkdir resumed>) = 0 [pid 5105] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5104] +++ exited with 0 +++ [pid 5076] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 4 [pid 5073] <... openat resumed>) = 3 [ 56.165245][ T5105] loop3: detected capacity change from 0 to 4096 [pid 5076] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] fstat(4, [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] <... openat resumed>) = 3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] fstat(3, [pid 5075] getdents64(4, [pid 5073] close(3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... close resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5106] <... write resumed>) = 2097152 [pid 5076] getdents64(3, [pid 5075] getdents64(4, [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] fstat(3, [pid 5076] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5107 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5072] getdents64(3, [pid 5076] lstat("./3/binderfs", [pid 5075] rmdir("./3/file0" [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5072] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5106] munmap(0x7f01462f5000, 2097152 [pid 5076] unlink("./3/binderfs" [pid 5075] getdents64(3, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5107 attached [pid 5106] <... munmap resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] lstat("./3/binderfs", [pid 5107] chdir("./4" [pid 5076] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5107] <... chdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5072] unlink("./3/binderfs" [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] rmdir("./3" [pid 5072] <... unlink resumed>) = 0 [pid 5107] <... prctl resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5072] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] setpgid(0, 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] mkdir("./4", 0777 [pid 5107] <... setpgid resumed>) = 0 [pid 5106] <... openat resumed>) = 4 [pid 5075] <... mkdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5106] ioctl(4, LOOP_SET_FD, 3 [ 56.221012][ T5105] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5107] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5107] write(3, "1000", 4 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5107] <... write resumed>) = 4 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5107] close(3 [pid 5076] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5107] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5107] symlink("/dev/binderfs", "./binderfs" [pid 5076] lstat("./3/file0", [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5107] <... symlink resumed>) = 0 [pid 5105] <... mount resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5107] memfd_create("syzkaller", 0 [pid 5076] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5108 [pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... memfd_create resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] <... mmap resumed>) = 0x7f01462f5000 [pid 5105] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 4 [pid 5072] lstat("./3/file0", ./strace-static-x86_64: Process 5108 attached [pid 5105] chdir("./file0" [pid 5076] fstat(4, [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5105] <... chdir resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5105] ioctl(4, LOOP_CLR_FD [pid 5076] getdents64(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5106] <... ioctl resumed>) = 0 [pid 5105] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5106] close(3 [pid 5105] close(4 [pid 5076] getdents64(4, [pid 5072] <... openat resumed>) = 4 [pid 5108] chdir("./4" [pid 5106] <... close resumed>) = 0 [pid 5105] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] fstat(4, [pid 5106] mkdir("./file0", 0777 [pid 5105] exit_group(0 [pid 5076] close(4 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5108] <... chdir resumed>) = 0 [pid 5106] <... mkdir resumed>) = 0 [pid 5105] <... exit_group resumed>) = ? [pid 5076] <... close resumed>) = 0 [pid 5072] getdents64(4, [pid 5106] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5076] rmdir("./3/file0" [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5105] +++ exited with 0 +++ [pid 5076] <... rmdir resumed>) = 0 [pid 5072] getdents64(4, [pid 5076] getdents64(3, [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5108] <... prctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] close(4 [pid 5108] setpgid(0, 0 [pid 5076] close(3 [pid 5072] <... close resumed>) = 0 [pid 5108] <... setpgid resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5074] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] rmdir("./3/file0" [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] rmdir("./3" [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... rmdir resumed>) = 0 [pid 5108] <... openat resumed>) = 3 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(3, [pid 5076] mkdir("./4", 0777 [pid 5074] <... openat resumed>) = 3 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5108] write(3, "1000", 4 [pid 5076] <... mkdir resumed>) = 0 [pid 5074] fstat(3, [pid 5072] close(3 [pid 5108] <... write resumed>) = 4 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5108] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5074] getdents64(3, [pid 5072] rmdir("./3" [pid 5108] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... rmdir resumed>) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] mkdir("./4", 0777 [pid 5108] <... symlink resumed>) = 0 [pid 5076] close(3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... mkdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5074] lstat("./3/binderfs", [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5108] memfd_create("syzkaller", 0 [pid 5074] unlink("./3/binderfs" [pid 5072] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5109 attached [pid 5108] <... memfd_create resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5109 [pid 5074] <... unlink resumed>) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] close(3 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... close resumed>) = 0 [pid 5109] chdir("./4" [pid 5108] <... mmap resumed>) = 0x7f01462f5000 [ 56.264313][ T5106] loop0: detected capacity change from 0 to 4096 [ 56.299685][ T5106] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5110 [pid 5109] <... chdir resumed>) = 0 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5110 attached ) = 0 [pid 5110] chdir("./4" [pid 5109] setpgid(0, 0 [pid 5110] <... chdir resumed>) = 0 [pid 5109] <... setpgid resumed>) = 0 [pid 5107] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] <... umount2 resumed>) = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5110] setpgid(0, 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5110] <... setpgid resumed>) = 0 [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5109] <... openat resumed>) = 3 [pid 5110] <... openat resumed>) = 3 [pid 5109] write(3, "1000", 4 [pid 5110] write(3, "1000", 4) = 4 [pid 5110] close(3) = 0 [pid 5110] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5109] <... write resumed>) = 4 [pid 5110] memfd_create("syzkaller", 0) = 3 [pid 5109] close(3 [pid 5074] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] <... close resumed>) = 0 [pid 5110] <... mmap resumed>) = 0x7f01462f5000 [pid 5109] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5109] <... symlink resumed>) = 0 [pid 5074] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5074] fstat(4, [pid 5109] memfd_create("syzkaller", 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(4, [pid 5109] <... memfd_create resumed>) = 3 [pid 5106] <... mount resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] getdents64(4, [pid 5106] <... openat resumed>) = 3 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5106] chdir("./file0" [pid 5074] close(4 [pid 5106] <... chdir resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5106] ioctl(4, LOOP_CLR_FD [pid 5074] rmdir("./3/file0" [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5106] <... ioctl resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5106] close(4 [pid 5074] getdents64(3, [pid 5109] <... mmap resumed>) = 0x7f01462f5000 [pid 5106] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5106] exit_group(0 [pid 5074] close(3 [pid 5106] <... exit_group resumed>) = ? [pid 5074] <... close resumed>) = 0 [pid 5106] +++ exited with 0 +++ [pid 5074] rmdir("./3") = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5074] mkdir("./4", 0777) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5071] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... openat resumed>) = 3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] <... write resumed>) = 2097152 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5071] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... openat resumed>) = 3 [pid 5074] close(3 [pid 5071] fstat(3, [pid 5074] <... close resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5111 [pid 5071] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./3/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./3/binderfs") = 0 ./strace-static-x86_64: Process 5111 attached [pid 5071] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] chdir("./4") = 0 [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5111] setpgid(0, 0) = 0 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5107] munmap(0x7f01462f5000, 2097152 [pid 5111] <... openat resumed>) = 3 [pid 5107] <... munmap resumed>) = 0 [pid 5111] write(3, "1000", 4) = 4 [pid 5110] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5108] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5111] close(3) = 0 [pid 5111] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5111] memfd_create("syzkaller", 0) = 3 [pid 5071] <... umount2 resumed>) = 0 [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5107] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... openat resumed>) = 4 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5107] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5071] lstat("./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4) = 0 [pid 5071] rmdir("./3/file0") = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./3") = 0 [pid 5071] mkdir("./4", 0777) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5107] close(3 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5107] <... close resumed>) = 0 [pid 5071] close(3 [pid 5107] mkdir("./file0", 0777 [pid 5071] <... close resumed>) = 0 [pid 5109] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5107] <... mkdir resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5107] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5112 ./strace-static-x86_64: Process 5112 attached [pid 5112] chdir("./4") = 0 [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5112] setpgid(0, 0) = 0 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5112] write(3, "1000", 4) = 4 [pid 5112] close(3) = 0 [pid 5112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5112] memfd_create("syzkaller", 0) = 3 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [ 56.467383][ T5107] loop2: detected capacity change from 0 to 4096 [ 56.506211][ T5107] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5108] <... write resumed>) = 2097152 [pid 5108] munmap(0x7f01462f5000, 2097152 [pid 5111] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5110] <... write resumed>) = 2097152 [pid 5108] <... munmap resumed>) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5110] munmap(0x7f01462f5000, 2097152 [pid 5108] <... openat resumed>) = 4 [pid 5110] <... munmap resumed>) = 0 [pid 5108] ioctl(4, LOOP_SET_FD, 3 [pid 5110] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5110] ioctl(4, LOOP_SET_FD, 3 [pid 5107] <... mount resumed>) = 0 [pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5107] chdir("./file0") = 0 [pid 5107] ioctl(4, LOOP_CLR_FD) = 0 [pid 5107] close(4) = 0 [pid 5107] exit_group(0) = ? [pid 5107] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5110] <... ioctl resumed>) = 0 [pid 5073] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] close(3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5110] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5110] mkdir("./file0", 0777 [pid 5073] <... openat resumed>) = 3 [pid 5110] <... mkdir resumed>) = 0 [pid 5073] fstat(3, [ 56.571330][ T5108] loop4: detected capacity change from 0 to 4096 [ 56.577655][ T5110] loop1: detected capacity change from 0 to 4096 [pid 5110] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5109] <... write resumed>) = 2097152 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5109] munmap(0x7f01462f5000, 2097152 [pid 5108] <... ioctl resumed>) = 0 [pid 5073] getdents64(3, [pid 5112] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5111] <... write resumed>) = 2097152 [pid 5108] close(3 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5108] <... close resumed>) = 0 [pid 5073] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5108] mkdir("./file0", 0777 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./4/binderfs", [pid 5111] munmap(0x7f01462f5000, 2097152 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5108] <... mkdir resumed>) = 0 [pid 5111] <... munmap resumed>) = 0 [pid 5109] <... munmap resumed>) = 0 [pid 5073] unlink("./4/binderfs" [pid 5108] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] <... unlink resumed>) = 0 [pid 5073] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5111] ioctl(4, LOOP_SET_FD, 3 [pid 5109] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] <... umount2 resumed>) = 0 [pid 5109] <... openat resumed>) = 4 [ 56.627870][ T5110] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 56.659002][ T5108] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 56.662751][ T5111] loop3: detected capacity change from 0 to 4096 [pid 5109] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5073] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5109] close(3) = 0 [pid 5073] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] mkdir("./file0", 0777 [pid 5073] <... openat resumed>) = 4 [pid 5073] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5111] <... ioctl resumed>) = 0 [pid 5073] getdents64(4, [pid 5111] close(3 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5111] <... close resumed>) = 0 [pid 5073] getdents64(4, [pid 5111] mkdir("./file0", 0777 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5111] <... mkdir resumed>) = 0 [pid 5073] close(4 [pid 5111] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] <... close resumed>) = 0 [pid 5073] rmdir("./4/file0" [pid 5112] <... write resumed>) = 2097152 [pid 5109] <... mkdir resumed>) = 0 [pid 5108] <... mount resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5109] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(3) = 0 [ 56.698544][ T5109] loop5: detected capacity change from 0 to 4096 [ 56.722985][ T5111] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5073] rmdir("./4" [pid 5108] <... openat resumed>) = 3 [pid 5073] <... rmdir resumed>) = 0 [pid 5073] mkdir("./5", 0777) = 0 [pid 5112] munmap(0x7f01462f5000, 2097152 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5112] <... munmap resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5073] close(3) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5113 [pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5112] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5113 attached [pid 5108] chdir("./file0" [pid 5113] chdir("./5") = 0 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5113] setpgid(0, 0) = 0 [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5113] write(3, "1000", 4) = 4 [pid 5108] <... chdir resumed>) = 0 [pid 5113] close(3) = 0 [pid 5108] ioctl(4, LOOP_CLR_FD [pid 5113] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5108] <... ioctl resumed>) = 0 [pid 5110] <... mount resumed>) = 0 [pid 5113] memfd_create("syzkaller", 0 [pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5108] close(4 [pid 5113] <... memfd_create resumed>) = 3 [pid 5110] <... openat resumed>) = 3 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5110] chdir("./file0" [pid 5108] <... close resumed>) = 0 [pid 5113] <... mmap resumed>) = 0x7f01462f5000 [pid 5110] <... chdir resumed>) = 0 [pid 5108] exit_group(0 [pid 5112] <... ioctl resumed>) = 0 [pid 5110] ioctl(4, LOOP_CLR_FD [pid 5108] <... exit_group resumed>) = ? [pid 5112] close(3 [pid 5110] <... ioctl resumed>) = 0 [pid 5112] <... close resumed>) = 0 [pid 5110] close(4 [pid 5112] mkdir("./file0", 0777 [pid 5110] <... close resumed>) = 0 [pid 5112] <... mkdir resumed>) = 0 [pid 5110] exit_group(0 [pid 5108] +++ exited with 0 +++ [pid 5112] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5110] <... exit_group resumed>) = ? [ 56.741075][ T5109] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 56.752904][ T5112] loop0: detected capacity change from 0 to 4096 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5110] +++ exited with 0 +++ [pid 5075] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 3 [pid 5072] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] fstat(3, [pid 5072] <... openat resumed>) = 3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] fstat(3, [pid 5075] getdents64(3, [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] getdents64(3, [pid 5111] <... mount resumed>) = 0 [pid 5075] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... openat resumed>) = 3 [pid 5075] lstat("./4/binderfs", [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] chdir("./file0" [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] lstat("./4/binderfs", [pid 5111] <... chdir resumed>) = 0 [pid 5075] unlink("./4/binderfs" [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5111] ioctl(4, LOOP_CLR_FD [pid 5075] <... unlink resumed>) = 0 [pid 5072] unlink("./4/binderfs" [pid 5111] <... ioctl resumed>) = 0 [pid 5075] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... unlink resumed>) = 0 [pid 5111] close(4 [pid 5072] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... close resumed>) = 0 [ 56.794754][ T5112] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5111] exit_group(0 [pid 5075] <... umount2 resumed>) = 0 [pid 5111] <... exit_group resumed>) = ? [pid 5075] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./4/file0", [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(4, [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] getdents64(4, [pid 5074] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] fstat(3, [pid 5075] close(4 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] getdents64(3, [pid 5075] rmdir("./4/file0" [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... rmdir resumed>) = 0 [pid 5074] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5075] getdents64(3, [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] lstat("./4/binderfs", [pid 5072] <... umount2 resumed>) = 0 [pid 5075] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] unlink("./4/binderfs" [pid 5075] rmdir("./4" [pid 5074] <... unlink resumed>) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5074] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] mkdir("./5", 0777 [pid 5074] <... umount2 resumed>) = 0 [pid 5072] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... mkdir resumed>) = 0 [pid 5074] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./4/file0", [pid 5075] <... openat resumed>) = 3 [pid 5074] lstat("./4/file0", [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5112] <... mount resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5074] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] close(3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5112] <... openat resumed>) = 3 [pid 5074] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5112] chdir("./file0" [pid 5074] <... openat resumed>) = 4 [pid 5072] <... openat resumed>) = 4 [pid 5112] <... chdir resumed>) = 0 [pid 5074] fstat(4, [pid 5072] fstat(4, [pid 5112] ioctl(4, LOOP_CLR_FD [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5112] <... ioctl resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] getdents64(4, [pid 5072] getdents64(4, [pid 5112] close(4 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5112] <... close resumed>) = 0 [pid 5074] getdents64(4, [pid 5072] getdents64(4, [pid 5112] exit_group(0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5112] <... exit_group resumed>) = ? [pid 5074] close(4 [pid 5072] close(4 [pid 5112] +++ exited with 0 +++ [pid 5074] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5074] rmdir("./4/file0" [pid 5072] rmdir("./4/file0" [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=3 /* 0.03 s */} --- [pid 5109] <... mount resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] getdents64(3, [pid 5072] getdents64(3, [pid 5109] <... openat resumed>) = 3 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5114 [pid 5074] close(3 [pid 5072] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5109] chdir("./file0" [pid 5074] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] rmdir("./4" [pid 5072] rmdir("./4" [pid 5071] <... openat resumed>) = 3 [pid 5109] <... chdir resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] fstat(3, [pid 5109] ioctl(4, LOOP_CLR_FD [pid 5074] mkdir("./5", 0777 [pid 5072] mkdir("./5", 0777 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] getdents64(3, ./strace-static-x86_64: Process 5114 attached [pid 5109] close(4 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5114] chdir("./5" [pid 5109] <... close resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 3 [pid 5071] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5114] <... chdir resumed>) = 0 [pid 5109] exit_group(0 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5109] <... exit_group resumed>) = ? [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] lstat("./4/binderfs", [pid 5114] <... prctl resumed>) = 0 [pid 5074] close(3 [pid 5072] close(3 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5114] setpgid(0, 0 [pid 5074] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] unlink("./4/binderfs" [pid 5114] <... setpgid resumed>) = 0 [pid 5109] +++ exited with 0 +++ [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... unlink resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5071] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5115 attached [pid 5114] <... openat resumed>) = 3 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5115 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5116 [pid 5071] <... umount2 resumed>) = 0 [pid 5114] write(3, "1000", 4 [pid 5115] chdir("./5" [pid 5114] <... write resumed>) = 4 [pid 5076] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5114] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5114] <... close resumed>) = 0 [pid 5113] <... write resumed>) = 2097152 [pid 5076] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5114] symlink("/dev/binderfs", "./binderfs" [pid 5113] munmap(0x7f01462f5000, 2097152 [pid 5076] <... openat resumed>) = 3 [pid 5115] <... chdir resumed>) = 0 [pid 5114] <... symlink resumed>) = 0 [pid 5113] <... munmap resumed>) = 0 [pid 5076] fstat(3, ./strace-static-x86_64: Process 5116 attached [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5114] memfd_create("syzkaller", 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5116] chdir("./5" [pid 5115] <... prctl resumed>) = 0 [pid 5114] <... memfd_create resumed>) = 3 [pid 5076] getdents64(3, [pid 5116] <... chdir resumed>) = 0 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5115] setpgid(0, 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5115] <... setpgid resumed>) = 0 [pid 5114] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] <... prctl resumed>) = 0 [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5113] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] setpgid(0, 0 [pid 5113] <... openat resumed>) = 4 [pid 5076] lstat("./4/binderfs", [pid 5116] <... setpgid resumed>) = 0 [pid 5115] <... openat resumed>) = 3 [pid 5113] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5115] write(3, "1000", 4 [pid 5076] unlink("./4/binderfs" [pid 5071] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] <... openat resumed>) = 3 [pid 5115] <... write resumed>) = 4 [pid 5076] <... unlink resumed>) = 0 [pid 5116] write(3, "1000", 4 [pid 5076] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] <... write resumed>) = 4 [pid 5115] close(3 [pid 5116] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] <... close resumed>) = 0 [pid 5115] <... close resumed>) = 0 [pid 5116] symlink("/dev/binderfs", "./binderfs" [pid 5115] symlink("/dev/binderfs", "./binderfs" [pid 5071] lstat("./4/file0", [pid 5116] <... symlink resumed>) = 0 [pid 5113] <... ioctl resumed>) = 0 [pid 5115] <... symlink resumed>) = 0 [pid 5113] close(3 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5113] <... close resumed>) = 0 [pid 5113] mkdir("./file0", 0777 [pid 5116] memfd_create("syzkaller", 0 [pid 5115] memfd_create("syzkaller", 0 [pid 5113] <... mkdir resumed>) = 0 [pid 5071] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 56.969584][ T5113] loop2: detected capacity change from 0 to 4096 [pid 5113] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5116] <... memfd_create resumed>) = 3 [pid 5115] <... memfd_create resumed>) = 3 [pid 5076] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] lstat("./4/file0", [pid 5071] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5116] <... mmap resumed>) = 0x7f01462f5000 [pid 5115] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... openat resumed>) = 4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, [pid 5076] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./4/file0") = 0 [pid 5076] getdents64(3, [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] getdents64(4, [pid 5076] close(3) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] rmdir("./4") = 0 [pid 5071] getdents64(4, [pid 5076] mkdir("./5", 0777 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5071] close(4 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5071] <... close resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5071] rmdir("./4/file0" [pid 5076] <... ioctl resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... rmdir resumed>) = 0 [pid 5114] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5071] getdents64(3, [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5117 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./4"./strace-static-x86_64: Process 5117 attached ) = 0 [pid 5117] chdir("./5") = 0 [pid 5071] mkdir("./5", 0777 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5117] setpgid(0, 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5117] <... setpgid resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [ 57.021274][ T5113] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5117] <... openat resumed>) = 3 [pid 5117] write(3, "1000", 4 [pid 5071] <... openat resumed>) = 3 [pid 5117] <... write resumed>) = 4 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5117] close(3) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5117] symlink("/dev/binderfs", "./binderfs" [pid 5071] close(3 [pid 5117] <... symlink resumed>) = 0 [pid 5117] memfd_create("syzkaller", 0 [pid 5071] <... close resumed>) = 0 [pid 5117] <... memfd_create resumed>) = 3 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5113] <... mount resumed>) = 0 [pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5118 [pid 5113] <... openat resumed>) = 3 [pid 5113] chdir("./file0") = 0 [pid 5113] ioctl(4, LOOP_CLR_FD./strace-static-x86_64: Process 5118 attached ) = 0 [pid 5118] chdir("./5" [pid 5113] close(4 [pid 5118] <... chdir resumed>) = 0 [pid 5113] <... close resumed>) = 0 [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5113] exit_group(0 [pid 5118] <... prctl resumed>) = 0 [pid 5113] <... exit_group resumed>) = ? [pid 5118] setpgid(0, 0 [pid 5113] +++ exited with 0 +++ [pid 5118] <... setpgid resumed>) = 0 [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=2 /* 0.02 s */} --- [pid 5118] <... openat resumed>) = 3 [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5118] write(3, "1000", 4 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5118] <... write resumed>) = 4 [pid 5118] close(3) = 0 [pid 5073] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] <... symlink resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5118] memfd_create("syzkaller", 0 [pid 5117] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5073] <... openat resumed>) = 3 [pid 5118] <... memfd_create resumed>) = 3 [pid 5073] fstat(3, [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5118] <... mmap resumed>) = 0x7f01462f5000 [pid 5073] getdents64(3, [pid 5116] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5115] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5114] <... write resumed>) = 2097152 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5114] munmap(0x7f01462f5000, 2097152 [pid 5073] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] unlink("./5/binderfs") = 0 [pid 5073] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5114] <... munmap resumed>) = 0 [pid 5114] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5114] ioctl(4, LOOP_SET_FD, 3 [pid 5073] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5073] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] close(4) = 0 [pid 5073] rmdir("./5/file0") = 0 [pid 5073] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(3) = 0 [pid 5073] rmdir("./5") = 0 [pid 5073] mkdir("./6", 0777 [pid 5114] <... ioctl resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5114] close(3 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5114] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5114] mkdir("./file0", 0777) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [ 57.167628][ T5114] loop4: detected capacity change from 0 to 4096 [pid 5114] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] close(3) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5119 ./strace-static-x86_64: Process 5119 attached [pid 5119] chdir("./6" [pid 5118] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5116] <... write resumed>) = 2097152 [pid 5115] <... write resumed>) = 2097152 [pid 5119] <... chdir resumed>) = 0 [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5116] munmap(0x7f01462f5000, 2097152 [pid 5115] munmap(0x7f01462f5000, 2097152 [pid 5119] <... prctl resumed>) = 0 [pid 5119] setpgid(0, 0) = 0 [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5117] <... write resumed>) = 2097152 [pid 5116] <... munmap resumed>) = 0 [pid 5115] <... munmap resumed>) = 0 [pid 5119] write(3, "1000", 4 [pid 5118] <... write resumed>) = 2097152 [pid 5117] munmap(0x7f01462f5000, 2097152 [pid 5116] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5115] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5119] <... write resumed>) = 4 [pid 5118] munmap(0x7f01462f5000, 2097152 [pid 5116] <... openat resumed>) = 4 [pid 5115] <... openat resumed>) = 4 [pid 5119] close(3 [pid 5117] <... munmap resumed>) = 0 [pid 5116] ioctl(4, LOOP_SET_FD, 3 [ 57.209480][ T5114] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5115] ioctl(4, LOOP_SET_FD, 3 [pid 5119] <... close resumed>) = 0 [pid 5118] <... munmap resumed>) = 0 [pid 5119] symlink("/dev/binderfs", "./binderfs" [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5119] <... symlink resumed>) = 0 [pid 5118] <... openat resumed>) = 4 [pid 5119] memfd_create("syzkaller", 0 [pid 5118] ioctl(4, LOOP_SET_FD, 3 [pid 5119] <... memfd_create resumed>) = 3 [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] <... ioctl resumed>) = 0 [pid 5119] <... mmap resumed>) = 0x7f01462f5000 [pid 5118] <... ioctl resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5116] close(3 [pid 5115] <... ioctl resumed>) = 0 [pid 5117] <... openat resumed>) = 4 [pid 5116] <... close resumed>) = 0 [pid 5115] close(3 [pid 5117] ioctl(4, LOOP_SET_FD, 3 [pid 5116] mkdir("./file0", 0777 [pid 5115] <... close resumed>) = 0 [pid 5118] close(3 [pid 5116] <... mkdir resumed>) = 0 [pid 5115] mkdir("./file0", 0777 [pid 5118] <... close resumed>) = 0 [pid 5116] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5118] mkdir("./file0", 0777 [pid 5117] <... ioctl resumed>) = 0 [pid 5115] <... mkdir resumed>) = 0 [pid 5119] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5118] <... mkdir resumed>) = 0 [pid 5117] close(3 [ 57.256949][ T5116] loop1: detected capacity change from 0 to 4096 [ 57.260134][ T5118] loop0: detected capacity change from 0 to 4096 [ 57.264149][ T5115] loop3: detected capacity change from 0 to 4096 [ 57.281206][ T5117] loop5: detected capacity change from 0 to 4096 [ 57.292348][ T5116] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5115] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5118] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5117] <... close resumed>) = 0 [pid 5117] mkdir("./file0", 0777) = 0 [pid 5117] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5119] <... write resumed>) = 2097152 [pid 5119] munmap(0x7f01462f5000, 2097152 [pid 5114] <... mount resumed>) = 0 [pid 5114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5114] chdir("./file0") = 0 [pid 5114] ioctl(4, LOOP_CLR_FD) = 0 [pid 5114] close(4 [pid 5116] <... mount resumed>) = 0 [pid 5114] <... close resumed>) = 0 [pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5114] exit_group(0) = ? [pid 5116] <... openat resumed>) = 3 [pid 5114] +++ exited with 0 +++ [ 57.302599][ T5115] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 57.313862][ T5117] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 57.322929][ T5118] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5119] <... munmap resumed>) = 0 [pid 5116] chdir("./file0" [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- [pid 5116] <... chdir resumed>) = 0 [pid 5116] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5116] close(4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5119] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] <... openat resumed>) = 3 [pid 5119] <... openat resumed>) = 4 [pid 5116] exit_group(0 [pid 5075] fstat(3, [pid 5115] <... mount resumed>) = 0 [pid 5119] ioctl(4, LOOP_SET_FD, 3 [pid 5116] <... exit_group resumed>) = ? [pid 5115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5116] +++ exited with 0 +++ [pid 5115] <... openat resumed>) = 3 [pid 5075] getdents64(3, [pid 5117] <... mount resumed>) = 0 [pid 5115] chdir("./file0" [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5115] <... chdir resumed>) = 0 [pid 5075] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] <... openat resumed>) = 3 [pid 5115] ioctl(4, LOOP_CLR_FD [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5117] chdir("./file0" [pid 5115] <... ioctl resumed>) = 0 [pid 5075] lstat("./5/binderfs", [pid 5072] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] <... chdir resumed>) = 0 [pid 5115] close(4 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5117] ioctl(4, LOOP_CLR_FD) = 0 [pid 5117] close(4 [pid 5115] <... close resumed>) = 0 [pid 5075] unlink("./5/binderfs" [pid 5072] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5115] exit_group(0 [pid 5118] <... mount resumed>) = 0 [pid 5117] <... close resumed>) = 0 [pid 5115] <... exit_group resumed>) = ? [pid 5075] <... unlink resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5117] exit_group(0 [pid 5118] <... openat resumed>) = 3 [pid 5117] <... exit_group resumed>) = ? [pid 5072] fstat(3, [pid 5118] chdir("./file0" [pid 5117] +++ exited with 0 +++ [pid 5115] +++ exited with 0 +++ [pid 5075] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] <... chdir resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5118] ioctl(4, LOOP_CLR_FD) = 0 [pid 5072] getdents64(3, [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5076] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] <... ioctl resumed>) = 0 [pid 5118] close(4 [pid 5074] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5119] close(3 [pid 5118] <... close resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5118] exit_group(0 [pid 5119] mkdir("./file0", 0777 [pid 5118] <... exit_group resumed>) = ? [pid 5119] <... mkdir resumed>) = 0 [pid 5118] +++ exited with 0 +++ [pid 5119] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... openat resumed>) = 3 [pid 5072] lstat("./5/binderfs", [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... openat resumed>) = 3 [pid 5071] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] fstat(3, [pid 5074] fstat(3, [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] fstat(3, [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(3, [pid 5072] unlink("./5/binderfs" [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] getdents64(3, [pid 5071] getdents64(3, [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./5/binderfs", [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./5/binderfs", [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] lstat("./5/binderfs", [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] unlink("./5/binderfs" [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./5/binderfs" [pid 5076] <... unlink resumed>) = 0 [pid 5074] unlink("./5/binderfs" [pid 5071] <... unlink resumed>) = 0 [pid 5076] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... unlink resumed>) = 0 [pid 5074] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5119] <... mount resumed>) = 0 [pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5119] chdir("./file0") = 0 [pid 5119] ioctl(4, LOOP_CLR_FD) = 0 [pid 5119] close(4) = 0 [ 57.385407][ T5119] loop2: detected capacity change from 0 to 4096 [ 57.414886][ T5119] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5119] exit_group(0) = ? [pid 5119] +++ exited with 0 +++ [pid 5071] <... umount2 resumed>) = 0 [pid 5071] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4) = 0 [pid 5071] rmdir("./5/file0") = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./5") = 0 [pid 5071] mkdir("./6", 0777 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5073] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] unlink("./6/binderfs" [pid 5071] <... mkdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5073] <... unlink resumed>) = 0 [pid 5073] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5120 [pid 5075] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./5/file0") = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./5") = 0 [pid 5074] <... umount2 resumed>) = 0 [pid 5075] mkdir("./6", 0777) = 0 [pid 5072] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./5/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5120 attached [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5072] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... openat resumed>) = 3 [pid 5120] chdir("./6" [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] close(3) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] <... prctl resumed>) = 0 [pid 5072] fstat(4, [pid 5120] setpgid(0, 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5120] <... setpgid resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5072] close(4) = 0 [pid 5074] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] rmdir("./5/file0"./strace-static-x86_64: Process 5121 attached [pid 5076] <... umount2 resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... rmdir resumed>) = 0 [pid 5074] lstat("./5/file0", [pid 5076] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5120] <... openat resumed>) = 3 [pid 5120] write(3, "1000", 4) = 4 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5121 [pid 5120] close(3 [pid 5072] getdents64(3, [pid 5120] <... close resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5120] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5121] chdir("./6" [pid 5120] <... symlink resumed>) = 0 [pid 5076] lstat("./5/file0", [pid 5074] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] close(3 [pid 5121] <... chdir resumed>) = 0 [pid 5120] memfd_create("syzkaller", 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... close resumed>) = 0 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] <... memfd_create resumed>) = 3 [pid 5076] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] rmdir("./5" [pid 5121] <... prctl resumed>) = 0 [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... openat resumed>) = 4 [pid 5073] lstat("./6/file0", [pid 5072] <... rmdir resumed>) = 0 [pid 5121] setpgid(0, 0 [pid 5120] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] fstat(4, [pid 5072] mkdir("./6", 0777 [pid 5121] <... setpgid resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] fstat(4, [pid 5074] getdents64(4, [pid 5073] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5121] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 5074] getdents64(4, [pid 5073] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] close(3 [pid 5121] write(3, "1000", 4 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... close resumed>) = 0 [pid 5121] <... write resumed>) = 4 [pid 5076] getdents64(4, [pid 5074] close(4 [pid 5073] <... openat resumed>) = 4 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5121] close(3 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] <... close resumed>) = 0 [pid 5073] fstat(4, [pid 5121] <... close resumed>) = 0 [pid 5076] close(4 [pid 5074] rmdir("./5/file0" [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5122 [pid 5121] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... close resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] getdents64(4, [pid 5121] <... symlink resumed>) = 0 [pid 5076] rmdir("./5/file0" [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5121] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5073] getdents64(4, [pid 5121] <... memfd_create resumed>) = 3 [pid 5076] getdents64(3, [pid 5074] getdents64(3, [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(4 [pid 5121] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] close(3 [pid 5074] close(3 [pid 5073] <... close resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5073] rmdir("./6/file0" [pid 5076] <... close resumed>) = 0 [pid 5074] rmdir("./5" [pid 5073] <... rmdir resumed>) = 0 [pid 5076] rmdir("./5" [pid 5074] <... rmdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./6", 0777 [pid 5074] mkdir("./6", 0777 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5073] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] <... mkdir resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] <... openat resumed>) = 3 [pid 5073] rmdir("./6" [pid 5120] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5074] <... openat resumed>) = 3 [pid 5073] <... rmdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] mkdir("./7", 0777 [pid 5076] close(3 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... close resumed>) = 0 [pid 5074] close(3 [pid 5073] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... close resumed>) = 0 ./strace-static-x86_64: Process 5123 attached ./strace-static-x86_64: Process 5122 attached [pid 5121] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5123] chdir("./6" [pid 5122] chdir("./6" [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5123 [pid 5073] <... openat resumed>) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5122] <... chdir resumed>) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5123] <... chdir resumed>) = 0 [pid 5073] close(3 [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5122] <... prctl resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5124 [pid 5073] <... close resumed>) = 0 [pid 5123] <... prctl resumed>) = 0 [pid 5122] setpgid(0, 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5122] <... setpgid resumed>) = 0 [pid 5123] setpgid(0, 0 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5125 [pid 5123] <... setpgid resumed>) = 0 [pid 5122] <... openat resumed>) = 3 [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5122] write(3, "1000", 4 [pid 5123] <... openat resumed>) = 3 [pid 5122] <... write resumed>) = 4 [pid 5123] write(3, "1000", 4 [pid 5122] close(3 [pid 5123] <... write resumed>) = 4 [pid 5122] <... close resumed>) = 0 [pid 5123] close(3 [pid 5122] symlink("/dev/binderfs", "./binderfs" [pid 5123] <... close resumed>) = 0 ./strace-static-x86_64: Process 5124 attached [pid 5122] <... symlink resumed>) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs" [pid 5122] memfd_create("syzkaller", 0 [pid 5123] <... symlink resumed>) = 0 [pid 5124] chdir("./6") = 0 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5124] setpgid(0, 0 [pid 5123] memfd_create("syzkaller", 0 [pid 5124] <... setpgid resumed>) = 0 [pid 5123] <... memfd_create resumed>) = 3 [pid 5122] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5125 attached [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5125] chdir("./7" [pid 5124] <... openat resumed>) = 3 [pid 5123] <... mmap resumed>) = 0x7f01462f5000 [pid 5122] <... mmap resumed>) = 0x7f01462f5000 [pid 5125] <... chdir resumed>) = 0 [pid 5124] write(3, "1000", 4 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5124] <... write resumed>) = 4 [pid 5125] <... prctl resumed>) = 0 [pid 5124] close(3 [pid 5125] setpgid(0, 0 [pid 5124] <... close resumed>) = 0 [pid 5125] <... setpgid resumed>) = 0 [pid 5124] symlink("/dev/binderfs", "./binderfs" [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5124] <... symlink resumed>) = 0 [pid 5125] <... openat resumed>) = 3 [pid 5124] memfd_create("syzkaller", 0 [pid 5125] write(3, "1000", 4 [pid 5124] <... memfd_create resumed>) = 3 [pid 5125] <... write resumed>) = 4 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5125] close(3 [pid 5124] <... mmap resumed>) = 0x7f01462f5000 [pid 5125] <... close resumed>) = 0 [pid 5125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5125] memfd_create("syzkaller", 0) = 3 [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5121] <... write resumed>) = 2097152 [pid 5121] munmap(0x7f01462f5000, 2097152 [pid 5120] <... write resumed>) = 2097152 [pid 5120] munmap(0x7f01462f5000, 2097152 [pid 5123] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5122] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5121] <... munmap resumed>) = 0 [pid 5120] <... munmap resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5121] <... openat resumed>) = 4 [pid 5120] <... openat resumed>) = 4 [pid 5121] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5120] ioctl(4, LOOP_SET_FD, 3 [pid 5121] close(3) = 0 [pid 5121] mkdir("./file0", 0777) = 0 [pid 5121] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5120] <... ioctl resumed>) = 0 [pid 5120] close(3) = 0 [pid 5120] mkdir("./file0", 0777) = 0 [pid 5125] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5124] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [ 57.669421][ T5121] loop4: detected capacity change from 0 to 4096 [ 57.677073][ T5120] loop0: detected capacity change from 0 to 4096 [ 57.693319][ T5121] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 57.709267][ T5120] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5120] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5125] <... write resumed>) = 2097152 [pid 5123] <... write resumed>) = 2097152 [pid 5122] <... write resumed>) = 2097152 [pid 5123] munmap(0x7f01462f5000, 2097152 [pid 5122] munmap(0x7f01462f5000, 2097152) = 0 [pid 5123] <... munmap resumed>) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5123] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5122] <... openat resumed>) = 4 [pid 5123] <... openat resumed>) = 4 [pid 5122] ioctl(4, LOOP_SET_FD, 3 [pid 5120] <... mount resumed>) = 0 [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5124] <... write resumed>) = 2097152 [pid 5124] munmap(0x7f01462f5000, 2097152 [pid 5125] munmap(0x7f01462f5000, 2097152 [pid 5121] <... mount resumed>) = 0 [pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5124] <... munmap resumed>) = 0 [pid 5121] chdir("./file0") = 0 [pid 5121] ioctl(4, LOOP_CLR_FD) = 0 [pid 5121] close(4) = 0 [pid 5121] exit_group(0) = ? [pid 5125] <... munmap resumed>) = 0 [pid 5121] +++ exited with 0 +++ [pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5124] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5120] <... openat resumed>) = 3 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5124] ioctl(4, LOOP_SET_FD, 3 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5120] chdir("./file0" [pid 5075] <... restart_syscall resumed>) = 0 [pid 5125] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5123] <... ioctl resumed>) = 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5125] ioctl(4, LOOP_SET_FD, 3 [pid 5123] close(3 [pid 5075] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] close(3 [pid 5120] ioctl(4, LOOP_CLR_FD [pid 5123] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5122] <... close resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5123] mkdir("./file0", 0777 [pid 5122] mkdir("./file0", 0777 [pid 5120] close(4 [pid 5075] unlink("./6/binderfs" [pid 5123] <... mkdir resumed>) = 0 [pid 5120] <... close resumed>) = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5122] <... mkdir resumed>) = 0 [pid 5075] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5122] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5120] exit_group(0 [pid 5075] <... umount2 resumed>) = 0 [ 57.776486][ T5122] loop1: detected capacity change from 0 to 4096 [ 57.783644][ T5123] loop5: detected capacity change from 0 to 4096 [ 57.795446][ T5124] loop3: detected capacity change from 0 to 4096 [ 57.806011][ T5125] loop2: detected capacity change from 0 to 4096 [pid 5120] <... exit_group resumed>) = ? [pid 5124] <... ioctl resumed>) = 0 [pid 5124] close(3) = 0 [pid 5124] mkdir("./file0", 0777) = 0 [pid 5124] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5125] <... ioctl resumed>) = 0 [pid 5125] close(3) = 0 [pid 5125] mkdir("./file0", 0777) = 0 [pid 5125] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./6/file0" [pid 5120] +++ exited with 0 +++ [pid 5075] <... rmdir resumed>) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5075] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5071] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] rmdir("./6" [pid 5071] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... rmdir resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5075] mkdir("./7", 0777 [pid 5071] fstat(3, [pid 5075] <... mkdir resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] getdents64(3, [pid 5075] <... openat resumed>) = 3 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5071] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] close(3 [pid 5071] lstat("./6/binderfs", [pid 5075] <... close resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] unlink("./6/binderfs") = 0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5126 [pid 5071] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5126 attached [pid 5126] chdir("./7") = 0 [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5126] setpgid(0, 0) = 0 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5126] write(3, "1000", 4) = 4 [ 57.844715][ T5122] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 57.856507][ T5123] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 57.867220][ T5124] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 57.881783][ T5125] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5126] close(3) = 0 [pid 5126] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5126] memfd_create("syzkaller", 0) = 3 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5123] <... mount resumed>) = 0 [pid 5122] <... mount resumed>) = 0 [pid 5126] <... mmap resumed>) = 0x7f01462f5000 [pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] <... openat resumed>) = 3 [pid 5122] <... openat resumed>) = 3 [pid 5123] chdir("./file0" [pid 5122] chdir("./file0" [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] <... chdir resumed>) = 0 [pid 5071] lstat("./6/file0", [pid 5123] ioctl(4, LOOP_CLR_FD [pid 5122] <... chdir resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5123] <... ioctl resumed>) = 0 [pid 5122] ioctl(4, LOOP_CLR_FD [pid 5071] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5123] close(4 [pid 5122] <... ioctl resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5123] <... close resumed>) = 0 [pid 5071] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5123] exit_group(0 [pid 5122] close(4 [pid 5071] getdents64(4, [pid 5123] <... exit_group resumed>) = ? [pid 5122] <... close resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5125] <... mount resumed>) = 0 [pid 5123] +++ exited with 0 +++ [pid 5122] exit_group(0 [pid 5071] getdents64(4, [pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5122] <... exit_group resumed>) = ? [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5125] <... openat resumed>) = 3 [pid 5071] close(4 [pid 5125] chdir("./file0" [pid 5071] <... close resumed>) = 0 [pid 5125] <... chdir resumed>) = 0 [pid 5076] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] +++ exited with 0 +++ [pid 5071] rmdir("./6/file0" [pid 5125] ioctl(4, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5071] <... rmdir resumed>) = 0 [pid 5125] <... ioctl resumed>) = 0 [pid 5124] <... mount resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] getdents64(3, [pid 5125] close(4 [pid 5124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... openat resumed>) = 3 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5125] <... close resumed>) = 0 [pid 5071] close(3 [pid 5125] exit_group(0 [pid 5124] <... openat resumed>) = 3 [pid 5076] fstat(3, [pid 5071] <... close resumed>) = 0 [pid 5125] <... exit_group resumed>) = ? [pid 5124] chdir("./file0" [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] rmdir("./6" [pid 5125] +++ exited with 0 +++ [pid 5124] <... chdir resumed>) = 0 [pid 5076] getdents64(3, [pid 5072] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... rmdir resumed>) = 0 [pid 5124] ioctl(4, LOOP_CLR_FD [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] mkdir("./7", 0777 [pid 5124] <... ioctl resumed>) = 0 [pid 5076] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... mkdir resumed>) = 0 [pid 5124] close(4 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... openat resumed>) = 3 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5124] <... close resumed>) = 0 [pid 5076] lstat("./6/binderfs", [pid 5073] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] fstat(3, [pid 5071] <... openat resumed>) = 3 [pid 5124] exit_group(0 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5124] <... exit_group resumed>) = ? [pid 5076] unlink("./6/binderfs" [pid 5073] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(3, [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] close(3 [pid 5072] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5124] +++ exited with 0 +++ [pid 5076] <... unlink resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5072] lstat("./6/binderfs", [pid 5076] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5073] fstat(3, [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5127 [pid 5126] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] unlink("./6/binderfs"./strace-static-x86_64: Process 5127 attached [pid 5073] getdents64(3, [pid 5072] <... unlink resumed>) = 0 [pid 5072] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] lstat("./6/file0", [pid 5074] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5127] chdir("./7" [pid 5076] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] lstat("./7/binderfs", [pid 5074] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5127] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... openat resumed>) = 3 [pid 5073] unlink("./7/binderfs" [pid 5127] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5074] fstat(3, [pid 5073] <... unlink resumed>) = 0 [pid 5076] fstat(4, [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] setpgid(0, 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(3, [pid 5127] <... setpgid resumed>) = 0 [pid 5076] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] getdents64(4, [pid 5074] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] close(4 [pid 5074] lstat("./6/binderfs", [pid 5127] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5127] write(3, "1000", 4 [pid 5076] rmdir("./6/file0" [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5127] <... write resumed>) = 4 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] unlink("./6/binderfs" [pid 5127] close(3 [pid 5076] getdents64(3, [pid 5127] <... close resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5127] symlink("/dev/binderfs", "./binderfs" [pid 5076] close(3 [pid 5074] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5127] <... symlink resumed>) = 0 [pid 5076] rmdir("./6" [pid 5127] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5127] <... memfd_create resumed>) = 3 [pid 5076] mkdir("./7", 0777 [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5127] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = 0 [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5128 ./strace-static-x86_64: Process 5128 attached [pid 5128] chdir("./7") = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5072] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5072] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] getdents64(4, [pid 5128] <... prctl resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5128] setpgid(0, 0 [pid 5072] getdents64(4, [pid 5128] <... setpgid resumed>) = 0 [pid 5126] <... write resumed>) = 2097152 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5126] munmap(0x7f01462f5000, 2097152 [pid 5072] close(4 [pid 5128] <... openat resumed>) = 3 [pid 5126] <... munmap resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5128] write(3, "1000", 4 [pid 5072] rmdir("./6/file0" [pid 5128] <... write resumed>) = 4 [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5128] close(3 [pid 5072] getdents64(3, [pid 5128] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5128] symlink("/dev/binderfs", "./binderfs" [pid 5072] close(3 [pid 5128] <... symlink resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5128] memfd_create("syzkaller", 0 [pid 5072] rmdir("./6" [pid 5128] <... memfd_create resumed>) = 3 [pid 5126] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5072] <... rmdir resumed>) = 0 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5126] <... openat resumed>) = 4 [pid 5072] mkdir("./7", 0777 [pid 5128] <... mmap resumed>) = 0x7f01462f5000 [pid 5126] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... mkdir resumed>) = 0 [pid 5127] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5126] <... ioctl resumed>) = 0 [pid 5074] <... umount2 resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5129 [pid 5073] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5129 attached ) = 4 [pid 5129] chdir("./7" [pid 5073] fstat(4, [pid 5129] <... chdir resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] getdents64(4, [pid 5129] <... prctl resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5129] setpgid(0, 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] getdents64(4, [pid 5129] <... setpgid resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] lstat("./6/file0", [pid 5073] close(4 [pid 5129] <... openat resumed>) = 3 [pid 5126] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... close resumed>) = 0 [pid 5129] write(3, "1000", 4 [pid 5126] <... close resumed>) = 0 [pid 5073] rmdir("./7/file0" [pid 5129] <... write resumed>) = 4 [pid 5126] mkdir("./file0", 0777 [pid 5074] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... rmdir resumed>) = 0 [pid 5129] close(3 [pid 5126] <... mkdir resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] getdents64(3, [pid 5129] <... close resumed>) = 0 [pid 5126] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5074] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5129] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... openat resumed>) = 4 [pid 5073] close(3 [pid 5129] <... symlink resumed>) = 0 [pid 5074] fstat(4, [pid 5073] <... close resumed>) = 0 [pid 5129] memfd_create("syzkaller", 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] rmdir("./7" [pid 5129] <... memfd_create resumed>) = 3 [pid 5074] getdents64(4, [pid 5073] <... rmdir resumed>) = 0 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] mkdir("./8", 0777 [pid 5129] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] getdents64(4, [pid 5073] <... mkdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5074] close(4 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... close resumed>) = 0 [pid 5073] close(3 [pid 5074] rmdir("./6/file0" [pid 5073] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... rmdir resumed>) = 0 [pid 5074] getdents64(3, [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5130 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [ 58.196619][ T5126] loop4: detected capacity change from 0 to 4096 [ 58.232328][ T5126] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5074] close(3) = 0 ./strace-static-x86_64: Process 5130 attached [pid 5074] rmdir("./6") = 0 [pid 5074] mkdir("./7", 0777 [pid 5130] chdir("./8") = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5130] <... prctl resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5130] setpgid(0, 0 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5130] <... setpgid resumed>) = 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] close(3 [pid 5130] <... openat resumed>) = 3 [pid 5074] <... close resumed>) = 0 [pid 5130] write(3, "1000", 4 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5130] <... write resumed>) = 4 [pid 5130] close(3) = 0 [pid 5128] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5131 ./strace-static-x86_64: Process 5131 attached [pid 5130] symlink("/dev/binderfs", "./binderfs" [pid 5131] chdir("./7" [pid 5130] <... symlink resumed>) = 0 [pid 5131] <... chdir resumed>) = 0 [pid 5130] memfd_create("syzkaller", 0) = 3 [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5131] <... prctl resumed>) = 0 [pid 5130] <... mmap resumed>) = 0x7f01462f5000 [pid 5131] setpgid(0, 0 [pid 5127] <... write resumed>) = 2097152 [pid 5131] <... setpgid resumed>) = 0 [pid 5127] munmap(0x7f01462f5000, 2097152 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5131] write(3, "1000", 4) = 4 [pid 5131] close(3) = 0 [pid 5131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5131] memfd_create("syzkaller", 0) = 3 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5126] <... mount resumed>) = 0 [pid 5129] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5126] chdir("./file0" [pid 5127] <... munmap resumed>) = 0 [pid 5126] <... chdir resumed>) = 0 [pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5126] ioctl(4, LOOP_CLR_FD [pid 5127] <... openat resumed>) = 4 [pid 5126] <... ioctl resumed>) = 0 [pid 5126] close(4 [pid 5127] ioctl(4, LOOP_SET_FD, 3 [pid 5126] <... close resumed>) = 0 [pid 5126] exit_group(0) = ? [pid 5126] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=8 /* 0.08 s */} --- [pid 5075] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] fstat(3, [pid 5128] <... write resumed>) = 2097152 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5130] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5075] unlink("./7/binderfs") = 0 [pid 5128] munmap(0x7f01462f5000, 2097152 [pid 5075] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] <... ioctl resumed>) = 0 [pid 5128] <... munmap resumed>) = 0 [pid 5127] close(3) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5127] mkdir("./file0", 0777 [pid 5128] <... openat resumed>) = 4 [ 58.377931][ T5127] loop0: detected capacity change from 0 to 4096 [pid 5128] ioctl(4, LOOP_SET_FD, 3 [pid 5127] <... mkdir resumed>) = 0 [pid 5127] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5129] <... write resumed>) = 2097152 [pid 5129] munmap(0x7f01462f5000, 2097152 [pid 5128] <... ioctl resumed>) = 0 [pid 5128] close(3) = 0 [pid 5128] mkdir("./file0", 0777 [pid 5129] <... munmap resumed>) = 0 [pid 5129] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5129] ioctl(4, LOOP_SET_FD, 3 [pid 5128] <... mkdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5075] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5128] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] lstat("./7/file0", [pid 5131] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 58.418802][ T5128] loop5: detected capacity change from 0 to 4096 [ 58.438893][ T5127] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 58.456200][ T5129] loop1: detected capacity change from 0 to 4096 [pid 5075] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./7/file0" [pid 5130] <... write resumed>) = 2097152 [pid 5075] <... rmdir resumed>) = 0 [pid 5129] <... ioctl resumed>) = 0 [pid 5129] close(3) = 0 [pid 5129] mkdir("./file0", 0777 [pid 5075] getdents64(3, [pid 5129] <... mkdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5129] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./7" [pid 5130] munmap(0x7f01462f5000, 2097152 [pid 5075] <... rmdir resumed>) = 0 [pid 5130] <... munmap resumed>) = 0 [pid 5127] <... mount resumed>) = 0 [pid 5075] mkdir("./8", 0777 [pid 5130] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5130] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... mkdir resumed>) = 0 [pid 5127] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5127] chdir("./file0" [pid 5075] <... openat resumed>) = 3 [pid 5131] <... write resumed>) = 2097152 [pid 5127] <... chdir resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5131] munmap(0x7f01462f5000, 2097152 [pid 5127] ioctl(4, LOOP_CLR_FD [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5127] <... ioctl resumed>) = 0 [pid 5075] close(3) = 0 [pid 5130] <... ioctl resumed>) = 0 [pid 5130] close(3) = 0 [pid 5130] mkdir("./file0", 0777) = 0 [pid 5130] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5127] close(4 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5127] <... close resumed>) = 0 [pid 5127] exit_group(0) = ? [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5132 ./strace-static-x86_64: Process 5132 attached [pid 5127] +++ exited with 0 +++ [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5071] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5071] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [ 58.473146][ T5128] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 58.497164][ T5129] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 58.514068][ T5130] loop2: detected capacity change from 0 to 4096 [pid 5071] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./7/binderfs", [pid 5131] <... munmap resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./7/binderfs" [pid 5131] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5071] <... unlink resumed>) = 0 [pid 5131] <... openat resumed>) = 4 [pid 5071] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5131] ioctl(4, LOOP_SET_FD, 3 [pid 5132] chdir("./8") = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] memfd_create("syzkaller", 0) = 3 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5071] <... umount2 resumed>) = 0 [pid 5129] <... mount resumed>) = 0 [pid 5129] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5129] chdir("./file0") = 0 [pid 5129] ioctl(4, LOOP_CLR_FD) = 0 [pid 5129] close(4) = 0 [pid 5129] exit_group(0) = ? [pid 5131] <... ioctl resumed>) = 0 [pid 5129] +++ exited with 0 +++ [pid 5128] <... mount resumed>) = 0 [pid 5071] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=10 /* 0.10 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] lstat("./7/file0", [pid 5072] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 3 [pid 5072] fstat(3, [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, [pid 5071] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... openat resumed>) = 4 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] fstat(4, [pid 5131] close(3 [ 58.538382][ T5130] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 58.552677][ T5131] loop3: detected capacity change from 0 to 4096 [pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] lstat("./7/binderfs", [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5131] <... close resumed>) = 0 [pid 5128] <... openat resumed>) = 3 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] getdents64(4, [pid 5131] mkdir("./file0", 0777 [pid 5128] chdir("./file0" [pid 5072] unlink("./7/binderfs" [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5131] <... mkdir resumed>) = 0 [pid 5128] <... chdir resumed>) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5071] getdents64(4, [pid 5131] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5128] ioctl(4, LOOP_CLR_FD [pid 5072] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5128] <... ioctl resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] close(4) = 0 [pid 5071] rmdir("./7/file0" [pid 5128] close(4 [pid 5071] <... rmdir resumed>) = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5128] <... close resumed>) = 0 [pid 5071] rmdir("./7" [pid 5128] exit_group(0 [pid 5071] <... rmdir resumed>) = 0 [pid 5071] mkdir("./8", 0777) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5133 [pid 5072] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5128] <... exit_group resumed>) = ? [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5128] +++ exited with 0 +++ [pid 5072] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [pid 5072] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5133 attached [pid 5130] <... mount resumed>) = 0 [pid 5072] fstat(4, [pid 5133] chdir("./8" [pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5133] <... chdir resumed>) = 0 [pid 5130] <... openat resumed>) = 3 [pid 5076] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(4, [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5130] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5133] <... prctl resumed>) = 0 [pid 5130] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(4, [pid 5133] setpgid(0, 0 [pid 5130] ioctl(4, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 3 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5133] <... setpgid resumed>) = 0 [pid 5130] <... ioctl resumed>) = 0 [pid 5076] fstat(3, [pid 5072] close(4 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5132] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5130] close(4 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5130] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5072] rmdir("./7/file0" [pid 5133] write(3, "1000", 4 [pid 5130] exit_group(0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... rmdir resumed>) = 0 [pid 5133] <... write resumed>) = 4 [pid 5130] <... exit_group resumed>) = ? [pid 5076] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(3, [pid 5133] close(3 [pid 5130] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5133] <... close resumed>) = 0 [pid 5076] lstat("./7/binderfs", [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5072] close(3 [pid 5133] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5133] <... symlink resumed>) = 0 [pid 5076] unlink("./7/binderfs" [pid 5072] rmdir("./7" [pid 5133] memfd_create("syzkaller", 0 [pid 5076] <... unlink resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5133] <... memfd_create resumed>) = 3 [pid 5076] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] mkdir("./8", 0777 [ 58.616254][ T5131] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5133] <... mmap resumed>) = 0x7f01462f5000 [pid 5073] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5073] <... openat resumed>) = 3 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] fstat(3, [pid 5072] close(3 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5073] getdents64(3, [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5134 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] unlink("./8/binderfs") = 0 [pid 5073] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5134 attached [pid 5134] chdir("./8" [pid 5131] <... mount resumed>) = 0 [pid 5134] <... chdir resumed>) = 0 [pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5131] <... openat resumed>) = 3 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5132] <... write resumed>) = 2097152 [pid 5131] chdir("./file0" [pid 5134] write(3, "1000", 4) = 4 [pid 5134] close(3) = 0 [pid 5131] <... chdir resumed>) = 0 [pid 5134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5131] ioctl(4, LOOP_CLR_FD [pid 5134] memfd_create("syzkaller", 0 [pid 5131] <... ioctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5134] <... memfd_create resumed>) = 3 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5131] close(4 [pid 5134] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5131] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5131] exit_group(0 [pid 5076] lstat("./7/file0", [pid 5131] <... exit_group resumed>) = ? [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5131] +++ exited with 0 +++ [pid 5076] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./8/file0", [pid 5076] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5076] fstat(4, [pid 5074] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5074] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5074] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] fstat(3, [pid 5073] <... openat resumed>) = 4 [pid 5076] close(4 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] fstat(4, [pid 5076] <... close resumed>) = 0 [pid 5074] getdents64(3, [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] rmdir("./7/file0" [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] getdents64(4, [pid 5132] munmap(0x7f01462f5000, 2097152 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] close(4) = 0 [pid 5073] rmdir("./8/file0") = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(3, [pid 5133] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5132] <... munmap resumed>) = 0 [pid 5076] getdents64(3, [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] lstat("./7/binderfs", [pid 5073] close(3 [pid 5076] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... close resumed>) = 0 [pid 5073] rmdir("./8" [pid 5132] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... close resumed>) = 0 [pid 5074] unlink("./7/binderfs" [pid 5073] <... rmdir resumed>) = 0 [pid 5132] <... openat resumed>) = 4 [pid 5076] rmdir("./7" [pid 5074] <... unlink resumed>) = 0 [pid 5073] mkdir("./9", 0777 [pid 5132] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... mkdir resumed>) = 0 [pid 5132] <... ioctl resumed>) = 0 [pid 5076] mkdir("./8", 0777 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5076] <... mkdir resumed>) = 0 [pid 5073] close(3 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5135 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5135 attached [pid 5135] chdir("./9" [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5136 [pid 5135] <... chdir resumed>) = 0 [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5135] setpgid(0, 0) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5135] write(3, "1000", 4) = 4 [pid 5135] close(3) = 0 [pid 5135] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5132] close(3) = 0 [pid 5132] mkdir("./file0", 0777 [pid 5135] memfd_create("syzkaller", 0 [pid 5134] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5132] <... mkdir resumed>) = 0 [pid 5132] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, ""./strace-static-x86_64: Process 5136 attached [pid 5135] <... memfd_create resumed>) = 3 [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5136] chdir("./8" [pid 5135] <... mmap resumed>) = 0x7f01462f5000 [pid 5136] <... chdir resumed>) = 0 [pid 5133] <... write resumed>) = 2097152 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5136] setpgid(0, 0) = 0 [pid 5133] munmap(0x7f01462f5000, 2097152 [pid 5074] <... umount2 resumed>) = 0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] <... openat resumed>) = 3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5136] write(3, "1000", 4) = 4 [pid 5074] lstat("./7/file0", [pid 5136] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5136] <... close resumed>) = 0 [pid 5136] symlink("/dev/binderfs", "./binderfs" [pid 5074] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] <... symlink resumed>) = 0 [pid 5133] <... munmap resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5136] memfd_create("syzkaller", 0 [pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5074] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5136] <... memfd_create resumed>) = 3 [pid 5133] <... openat resumed>) = 4 [pid 5074] fstat(4, [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5133] ioctl(4, LOOP_SET_FD, 3 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(4, [pid 5136] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] close(4) = 0 [ 58.768152][ T5132] loop4: detected capacity change from 0 to 4096 [ 58.797347][ T5132] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5074] rmdir("./7/file0") = 0 [pid 5074] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] close(3) = 0 [pid 5074] rmdir("./7") = 0 [pid 5074] mkdir("./8", 0777) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5135] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5133] <... ioctl resumed>) = 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5133] close(3 [pid 5074] close(3) = 0 [pid 5133] <... close resumed>) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5133] mkdir("./file0", 0777 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5137 [pid 5134] <... write resumed>) = 2097152 [pid 5133] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5137 attached [pid 5133] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5132] <... mount resumed>) = 0 [pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5132] chdir("./file0") = 0 [pid 5134] munmap(0x7f01462f5000, 2097152 [pid 5132] ioctl(4, LOOP_CLR_FD) = 0 [pid 5132] close(4) = 0 [pid 5132] exit_group(0) = ? [pid 5132] +++ exited with 0 +++ [pid 5134] <... munmap resumed>) = 0 [pid 5137] chdir("./8" [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5137] <... chdir resumed>) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] <... openat resumed>) = 4 [pid 5137] <... prctl resumed>) = 0 [ 58.852642][ T5133] loop0: detected capacity change from 0 to 4096 [ 58.885127][ T5133] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5134] ioctl(4, LOOP_SET_FD, 3 [pid 5137] setpgid(0, 0) = 0 [pid 5075] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5134] <... ioctl resumed>) = 0 [pid 5134] close(3 [pid 5137] <... openat resumed>) = 3 [pid 5134] <... close resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5137] write(3, "1000", 4 [pid 5075] fstat(3, [pid 5137] <... write resumed>) = 4 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5137] close(3 [pid 5075] getdents64(3, [pid 5137] <... close resumed>) = 0 [pid 5137] symlink("/dev/binderfs", "./binderfs" [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5134] mkdir("./file0", 0777 [pid 5137] <... symlink resumed>) = 0 [pid 5075] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./8/binderfs", [pid 5137] memfd_create("syzkaller", 0 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5137] <... memfd_create resumed>) = 3 [pid 5075] unlink("./8/binderfs" [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] <... unlink resumed>) = 0 [pid 5075] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5137] <... mmap resumed>) = 0x7f01462f5000 [pid 5134] <... mkdir resumed>) = 0 [pid 5134] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] <... umount2 resumed>) = 0 [pid 5135] <... write resumed>) = 2097152 [pid 5075] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5135] munmap(0x7f01462f5000, 2097152 [pid 5133] <... mount resumed>) = 0 [pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5075] lstat("./8/file0", [pid 5133] chdir("./file0") = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5133] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5133] close(4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5133] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5135] <... munmap resumed>) = 0 [pid 5133] exit_group(0 [pid 5075] <... openat resumed>) = 4 [pid 5135] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5133] <... exit_group resumed>) = ? [pid 5075] fstat(4, [pid 5137] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5135] <... openat resumed>) = 4 [pid 5133] +++ exited with 0 +++ [ 58.907275][ T5134] loop1: detected capacity change from 0 to 4096 [ 58.936828][ T5134] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5135] ioctl(4, LOOP_SET_FD, 3 [pid 5075] getdents64(4, [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] rmdir("./8/file0" [pid 5071] <... openat resumed>) = 3 [pid 5071] fstat(3, [pid 5075] <... rmdir resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(3, [pid 5071] getdents64(3, [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] close(3 [pid 5071] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] rmdir("./8" [pid 5071] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5071] unlink("./8/binderfs" [pid 5075] mkdir("./9", 0777 [pid 5071] <... unlink resumed>) = 0 [pid 5071] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... mkdir resumed>) = 0 [pid 5135] <... ioctl resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5135] close(3 [pid 5075] <... openat resumed>) = 3 [pid 5135] <... close resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5135] mkdir("./file0", 0777 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5135] <... mkdir resumed>) = 0 [pid 5134] <... mount resumed>) = 0 [pid 5075] close(3 [pid 5136] <... write resumed>) = 2097152 [pid 5135] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... close resumed>) = 0 [pid 5136] munmap(0x7f01462f5000, 2097152 [ 58.989670][ T5135] loop2: detected capacity change from 0 to 4096 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5136] <... munmap resumed>) = 0 [pid 5134] <... openat resumed>) = 3 [pid 5071] <... umount2 resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5138 [pid 5136] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5136] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5138 attached [pid 5134] chdir("./file0" [pid 5071] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5138] chdir("./9" [pid 5134] <... chdir resumed>) = 0 [pid 5134] ioctl(4, LOOP_CLR_FD [pid 5138] <... chdir resumed>) = 0 [pid 5134] <... ioctl resumed>) = 0 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] close(4 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5138] <... prctl resumed>) = 0 [pid 5134] <... close resumed>) = 0 [pid 5138] setpgid(0, 0 [pid 5071] lstat("./8/file0", [pid 5138] <... setpgid resumed>) = 0 [pid 5134] exit_group(0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5134] <... exit_group resumed>) = ? [pid 5071] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5138] <... openat resumed>) = 3 [pid 5134] +++ exited with 0 +++ [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5138] write(3, "1000", 4 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=5 /* 0.05 s */} --- [pid 5071] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5138] <... write resumed>) = 4 [pid 5071] <... openat resumed>) = 4 [pid 5138] close(3 [pid 5071] fstat(4, [pid 5138] <... close resumed>) = 0 [pid 5138] symlink("/dev/binderfs", "./binderfs" [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5138] <... symlink resumed>) = 0 [pid 5071] getdents64(4, [pid 5138] memfd_create("syzkaller", 0 [pid 5137] <... write resumed>) = 2097152 [pid 5138] <... memfd_create resumed>) = 3 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5137] munmap(0x7f01462f5000, 2097152 [pid 5072] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(4, [pid 5138] <... mmap resumed>) = 0x7f01462f5000 [pid 5137] <... munmap resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 59.031610][ T5135] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 59.036214][ T5136] loop5: detected capacity change from 0 to 4096 [pid 5137] ioctl(4, LOOP_SET_FD, 3 [pid 5072] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] close(4 [pid 5072] <... openat resumed>) = 3 [pid 5071] <... close resumed>) = 0 [pid 5072] fstat(3, [pid 5071] rmdir("./8/file0" [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5071] getdents64(3, [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] close(3 [pid 5135] <... mount resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... close resumed>) = 0 [pid 5135] <... openat resumed>) = 3 [pid 5072] lstat("./8/binderfs", [pid 5071] rmdir("./8" [pid 5136] <... ioctl resumed>) = 0 [pid 5135] chdir("./file0" [pid 5136] close(3 [pid 5135] <... chdir resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5136] <... close resumed>) = 0 [pid 5135] ioctl(4, LOOP_CLR_FD [pid 5072] unlink("./8/binderfs" [pid 5071] mkdir("./9", 0777 [pid 5136] mkdir("./file0", 0777 [pid 5135] <... ioctl resumed>) = 0 [pid 5136] <... mkdir resumed>) = 0 [pid 5135] close(4 [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5136] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5135] <... close resumed>) = 0 [pid 5138] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5135] exit_group(0 [pid 5072] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5137] <... ioctl resumed>) = 0 [pid 5135] <... exit_group resumed>) = ? [ 59.080464][ T5137] loop3: detected capacity change from 0 to 4096 [ 59.115699][ T5136] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5137] close(3 [pid 5071] <... openat resumed>) = 3 [pid 5137] <... close resumed>) = 0 [pid 5135] +++ exited with 0 +++ [pid 5072] <... umount2 resumed>) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5072] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] close(3 [pid 5073] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] lstat("./8/file0", [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... close resumed>) = 0 [pid 5137] mkdir("./file0", 0777 [pid 5073] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5137] <... mkdir resumed>) = 0 [pid 5137] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5139 attached [pid 5072] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5139] chdir("./9" [pid 5073] fstat(3, [pid 5139] <... chdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5139 [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5139] <... prctl resumed>) = 0 [pid 5073] getdents64(3, [pid 5139] setpgid(0, 0 [pid 5138] <... write resumed>) = 2097152 [pid 5072] <... openat resumed>) = 4 [pid 5139] <... setpgid resumed>) = 0 [pid 5138] munmap(0x7f01462f5000, 2097152 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] fstat(4, [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5139] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(4, [pid 5139] write(3, "1000", 4 [pid 5073] lstat("./9/binderfs", [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5139] <... write resumed>) = 4 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] getdents64(4, [pid 5139] close(3 [pid 5073] unlink("./9/binderfs" [pid 5139] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5139] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... unlink resumed>) = 0 [pid 5072] close(4 [pid 5139] <... symlink resumed>) = 0 [pid 5073] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... close resumed>) = 0 [pid 5139] memfd_create("syzkaller", 0 [pid 5072] rmdir("./8/file0" [pid 5139] <... memfd_create resumed>) = 3 [pid 5072] <... rmdir resumed>) = 0 [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5072] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] close(3) = 0 [pid 5072] rmdir("./8") = 0 [pid 5072] mkdir("./9", 0777) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [ 59.187016][ T5137] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3 [pid 5138] <... munmap resumed>) = 0 [pid 5136] <... mount resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5073] <... umount2 resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5138] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5136] chdir("./file0" [pid 5073] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5138] <... openat resumed>) = 4 [pid 5136] <... chdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5138] ioctl(4, LOOP_SET_FD, 3 [pid 5136] ioctl(4, LOOP_CLR_FD) = 0 [pid 5073] lstat("./9/file0", [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5140 [pid 5136] close(4./strace-static-x86_64: Process 5140 attached ) = 0 [pid 5140] chdir("./9" [pid 5136] exit_group(0 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5140] <... chdir resumed>) = 0 [pid 5136] <... exit_group resumed>) = ? [pid 5073] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5137] <... mount resumed>) = 0 [pid 5136] +++ exited with 0 +++ [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] <... prctl resumed>) = 0 [pid 5137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5140] setpgid(0, 0 [pid 5137] <... openat resumed>) = 3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5140] <... setpgid resumed>) = 0 [pid 5137] chdir("./file0" [pid 5076] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... openat resumed>) = 4 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5137] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] fstat(4, [pid 5140] <... openat resumed>) = 3 [pid 5137] ioctl(4, LOOP_CLR_FD [pid 5076] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5140] write(3, "1000", 4 [pid 5137] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5140] <... write resumed>) = 4 [pid 5137] close(4 [pid 5076] fstat(3, [pid 5073] getdents64(4, [pid 5140] close(3 [pid 5137] <... close resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5140] <... close resumed>) = 0 [pid 5137] exit_group(0 [pid 5076] getdents64(3, [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5140] symlink("/dev/binderfs", "./binderfs" [pid 5137] <... exit_group resumed>) = ? [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] getdents64(4, [pid 5140] <... symlink resumed>) = 0 [pid 5138] <... ioctl resumed>) = 0 [pid 5137] +++ exited with 0 +++ [pid 5076] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5140] memfd_create("syzkaller", 0 [pid 5138] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5073] close(4 [pid 5140] <... memfd_create resumed>) = 3 [pid 5138] <... close resumed>) = 0 [pid 5076] lstat("./8/binderfs", [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5138] mkdir("./file0", 0777 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 59.265456][ T5138] loop4: detected capacity change from 0 to 4096 [pid 5073] <... close resumed>) = 0 [pid 5140] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] unlink("./8/binderfs" [pid 5074] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5139] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5138] <... mkdir resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] rmdir("./9/file0" [pid 5138] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5076] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... umount2 resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5073] <... rmdir resumed>) = 0 [pid 5074] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] unlink("./8/binderfs") = 0 [pid 5074] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(3) = 0 [pid 5073] rmdir("./9" [pid 5076] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5073] mkdir("./10", 0777 [pid 5076] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5076] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5076] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5076] close(4 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5076] <... close resumed>) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] close(3 [pid 5076] rmdir("./8/file0" [pid 5073] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5141 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5074] <... umount2 resumed>) = 0 [pid 5076] rmdir("./8" [pid 5074] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5141 attached [pid 5076] <... rmdir resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5141] chdir("./10" [pid 5076] mkdir("./9", 0777 [pid 5141] <... chdir resumed>) = 0 [pid 5074] lstat("./8/file0", [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... mkdir resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5141] <... prctl resumed>) = 0 [pid 5140] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5141] setpgid(0, 0 [pid 5138] <... mount resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5141] <... setpgid resumed>) = 0 [pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5074] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5138] <... openat resumed>) = 3 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... openat resumed>) = 4 [pid 5141] <... openat resumed>) = 3 [pid 5138] chdir("./file0" [pid 5076] close(3 [pid 5074] fstat(4, [pid 5141] write(3, "1000", 4 [pid 5138] <... chdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5141] <... write resumed>) = 4 [pid 5139] <... write resumed>) = 2097152 [pid 5138] ioctl(4, LOOP_CLR_FD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] getdents64(4, [pid 5141] close(3 [pid 5138] <... ioctl resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5141] <... close resumed>) = 0 [pid 5138] close(4 [pid 5074] getdents64(4, [pid 5141] symlink("/dev/binderfs", "./binderfs" [pid 5138] <... close resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5142 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5141] <... symlink resumed>) = 0 [ 59.364663][ T5138] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5138] exit_group(0 [pid 5074] close(4) = 0 [pid 5074] rmdir("./8/file0"./strace-static-x86_64: Process 5142 attached [pid 5141] memfd_create("syzkaller", 0 [pid 5138] <... exit_group resumed>) = ? [pid 5074] <... rmdir resumed>) = 0 [pid 5074] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] close(3) = 0 [pid 5074] rmdir("./8") = 0 [pid 5074] mkdir("./9", 0777) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5138] +++ exited with 0 +++ [pid 5074] close(3 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5074] <... close resumed>) = 0 [pid 5141] <... memfd_create resumed>) = 3 [pid 5142] chdir("./9" [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5139] munmap(0x7f01462f5000, 2097152 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5142] <... chdir resumed>) = 0 [pid 5141] <... mmap resumed>) = 0x7f01462f5000 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5143 [pid 5075] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5139] <... munmap resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5142] <... prctl resumed>) = 0 [pid 5140] <... write resumed>) = 2097152 [pid 5075] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] setpgid(0, 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] <... setpgid resumed>) = 0 [pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] lstat("./9/binderfs", ./strace-static-x86_64: Process 5143 attached [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5139] <... openat resumed>) = 4 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5142] <... openat resumed>) = 3 [pid 5139] ioctl(4, LOOP_SET_FD, 3 [pid 5075] unlink("./9/binderfs" [pid 5143] chdir("./9" [pid 5142] write(3, "1000", 4 [pid 5141] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5140] munmap(0x7f01462f5000, 2097152 [pid 5075] <... unlink resumed>) = 0 [pid 5143] <... chdir resumed>) = 0 [pid 5142] <... write resumed>) = 4 [pid 5139] <... ioctl resumed>) = 0 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5142] close(3 [pid 5139] close(3 [pid 5075] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5143] <... prctl resumed>) = 0 [pid 5142] <... close resumed>) = 0 [pid 5139] <... close resumed>) = 0 [pid 5143] setpgid(0, 0 [pid 5142] symlink("/dev/binderfs", "./binderfs" [pid 5139] mkdir("./file0", 0777 [pid 5143] <... setpgid resumed>) = 0 [pid 5142] <... symlink resumed>) = 0 [pid 5141] <... write resumed>) = 2097152 [pid 5140] <... munmap resumed>) = 0 [pid 5139] <... mkdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5141] munmap(0x7f01462f5000, 2097152 [ 59.503657][ T5139] loop0: detected capacity change from 0 to 4096 [pid 5139] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5143] <... openat resumed>) = 3 [pid 5142] memfd_create("syzkaller", 0 [pid 5141] <... munmap resumed>) = 0 [pid 5140] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5143] write(3, "1000", 4 [pid 5142] <... memfd_create resumed>) = 3 [pid 5141] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5140] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5143] <... write resumed>) = 4 [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5141] <... openat resumed>) = 4 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [pid 5143] close(3 [pid 5142] <... mmap resumed>) = 0x7f01462f5000 [pid 5141] ioctl(4, LOOP_SET_FD, 3 [pid 5075] lstat("./9/file0", [pid 5143] <... close resumed>) = 0 [pid 5140] <... ioctl resumed>) = 0 [pid 5143] symlink("/dev/binderfs", "./binderfs" [pid 5140] close(3 [pid 5139] <... mount resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5143] <... symlink resumed>) = 0 [pid 5140] <... close resumed>) = 0 [pid 5075] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5143] memfd_create("syzkaller", 0 [pid 5140] mkdir("./file0", 0777 [pid 5139] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5143] <... memfd_create resumed>) = 3 [pid 5140] <... mkdir resumed>) = 0 [pid 5139] <... openat resumed>) = 3 [pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5140] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 59.558518][ T5139] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 59.570273][ T5140] loop1: detected capacity change from 0 to 4096 [ 59.585963][ T5141] loop2: detected capacity change from 0 to 4096 [pid 5139] chdir("./file0" [pid 5075] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5143] <... mmap resumed>) = 0x7f01462f5000 [pid 5139] <... chdir resumed>) = 0 [pid 5142] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5141] <... ioctl resumed>) = 0 [pid 5139] ioctl(4, LOOP_CLR_FD [pid 5075] <... openat resumed>) = 4 [pid 5141] close(3 [pid 5139] <... ioctl resumed>) = 0 [pid 5075] fstat(4, [pid 5141] <... close resumed>) = 0 [pid 5139] close(4 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 59.602891][ T5140] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5143] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5142] <... write resumed>) = 2097152 [pid 5141] mkdir("./file0", 0777 [pid 5139] <... close resumed>) = 0 [pid 5075] getdents64(4, [pid 5142] munmap(0x7f01462f5000, 2097152 [pid 5141] <... mkdir resumed>) = 0 [pid 5139] exit_group(0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5139] <... exit_group resumed>) = ? [pid 5075] getdents64(4, [pid 5139] +++ exited with 0 +++ [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5141] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] close(4 [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5075] <... close resumed>) = 0 [pid 5071] <... restart_syscall resumed>) = 0 [pid 5075] rmdir("./9/file0" [pid 5071] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5071] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./9/binderfs") = 0 [pid 5071] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] <... munmap resumed>) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... rmdir resumed>) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5071] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... close resumed>) = 0 [pid 5071] lstat("./9/file0", [pid 5075] rmdir("./9" [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, [pid 5075] <... rmdir resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5140] <... mount resumed>) = 0 [pid 5143] <... write resumed>) = 2097152 [pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] mkdir("./10", 0777 [pid 5071] getdents64(4, [pid 5140] <... openat resumed>) = 3 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5140] chdir("./file0" [pid 5071] getdents64(4, [pid 5140] <... chdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5140] ioctl(4, LOOP_CLR_FD [pid 5075] <... mkdir resumed>) = 0 [pid 5071] close(4 [pid 5140] <... ioctl resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... close resumed>) = 0 [pid 5143] munmap(0x7f01462f5000, 2097152 [pid 5140] close(4 [pid 5075] <... openat resumed>) = 3 [pid 5071] rmdir("./9/file0" [pid 5143] <... munmap resumed>) = 0 [pid 5140] <... close resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5071] <... rmdir resumed>) = 0 [pid 5140] exit_group(0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] getdents64(3, [pid 5140] <... exit_group resumed>) = ? [pid 5075] close(3 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5140] +++ exited with 0 +++ [pid 5075] <... close resumed>) = 0 [pid 5071] close(3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5071] <... close resumed>) = 0 [pid 5071] rmdir("./9") = 0 [pid 5143] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5142] <... ioctl resumed>) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5144 [pid 5072] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] mkdir("./10", 0777 [pid 5143] <... openat resumed>) = 4 [pid 5142] close(3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... mkdir resumed>) = 0 [pid 5143] ioctl(4, LOOP_SET_FD, 3 [pid 5142] <... close resumed>) = 0 [ 59.664561][ T5141] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 59.672684][ T5142] loop5: detected capacity change from 0 to 4096 [pid 5072] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR./strace-static-x86_64: Process 5144 attached [pid 5142] mkdir("./file0", 0777 [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5144] chdir("./10" [pid 5142] <... mkdir resumed>) = 0 [pid 5072] fstat(3, [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5144] <... chdir resumed>) = 0 [pid 5142] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] getdents64(3, [pid 5071] close(3 [pid 5144] <... prctl resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] <... close resumed>) = 0 [pid 5144] setpgid(0, 0 [pid 5072] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5144] <... setpgid resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] lstat("./9/binderfs", [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5145 [pid 5144] <... openat resumed>) = 3 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5144] write(3, "1000", 4 [pid 5072] unlink("./9/binderfs" [pid 5144] <... write resumed>) = 4 [pid 5072] <... unlink resumed>) = 0 [pid 5144] close(3 [pid 5072] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5144] <... close resumed>) = 0 [pid 5144] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5143] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5145 attached [pid 5144] memfd_create("syzkaller", 0 [pid 5143] close(3 [pid 5141] <... mount resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5145] chdir("./10" [pid 5144] <... memfd_create resumed>) = 3 [pid 5143] <... close resumed>) = 0 [pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] <... chdir resumed>) = 0 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] mkdir("./file0", 0777 [pid 5141] <... openat resumed>) = 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5144] <... mmap resumed>) = 0x7f01462f5000 [pid 5143] <... mkdir resumed>) = 0 [pid 5141] chdir("./file0" [pid 5072] lstat("./9/file0", [pid 5145] <... prctl resumed>) = 0 [pid 5143] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5141] <... chdir resumed>) = 0 [ 59.714723][ T5143] loop3: detected capacity change from 0 to 4096 [ 59.729336][ T5142] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5145] setpgid(0, 0 [pid 5141] ioctl(4, LOOP_CLR_FD [pid 5072] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5145] <... setpgid resumed>) = 0 [pid 5141] <... ioctl resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5141] close(4 [pid 5072] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5145] <... openat resumed>) = 3 [pid 5141] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5145] write(3, "1000", 4 [pid 5072] fstat(4, [pid 5141] exit_group(0 [pid 5145] <... write resumed>) = 4 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5145] close(3 [pid 5141] <... exit_group resumed>) = ? [pid 5072] getdents64(4, [pid 5145] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5145] symlink("/dev/binderfs", "./binderfs" [pid 5072] getdents64(4, [pid 5145] <... symlink resumed>) = 0 [pid 5141] +++ exited with 0 +++ [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5145] memfd_create("syzkaller", 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5072] close(4 [pid 5145] <... memfd_create resumed>) = 3 [pid 5072] <... close resumed>) = 0 [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] rmdir("./9/file0" [pid 5145] <... mmap resumed>) = 0x7f01462f5000 [pid 5073] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... rmdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(3, [pid 5073] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5072] close(3 [pid 5073] fstat(3, [pid 5072] <... close resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 59.768658][ T5143] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5072] rmdir("./9" [pid 5142] <... mount resumed>) = 0 [pid 5073] getdents64(3, [pid 5072] <... rmdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] mkdir("./10", 0777 [pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... mkdir resumed>) = 0 [pid 5142] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5142] chdir("./file0" [pid 5073] lstat("./10/binderfs", [pid 5072] <... openat resumed>) = 3 [pid 5142] <... chdir resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5142] ioctl(4, LOOP_CLR_FD [pid 5073] unlink("./10/binderfs" [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5142] <... ioctl resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5072] close(3 [pid 5142] close(4 [pid 5073] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... close resumed>) = 0 [pid 5142] <... close resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5142] exit_group(0) = ? [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5146 [pid 5142] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- ./strace-static-x86_64: Process 5146 attached [pid 5076] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5146] chdir("./10" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5146] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... openat resumed>) = 3 [pid 5146] <... prctl resumed>) = 0 [pid 5143] <... mount resumed>) = 0 [pid 5076] fstat(3, [pid 5146] setpgid(0, 0 [pid 5143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5146] <... setpgid resumed>) = 0 [pid 5143] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5143] chdir("./file0" [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5146] <... openat resumed>) = 3 [pid 5143] <... chdir resumed>) = 0 [pid 5076] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5146] write(3, "1000", 4 [pid 5143] ioctl(4, LOOP_CLR_FD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5146] <... write resumed>) = 4 [pid 5143] <... ioctl resumed>) = 0 [pid 5076] lstat("./9/binderfs", [pid 5146] close(3 [pid 5143] close(4 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5146] <... close resumed>) = 0 [pid 5143] <... close resumed>) = 0 [pid 5076] unlink("./9/binderfs" [pid 5146] symlink("/dev/binderfs", "./binderfs" [pid 5143] exit_group(0 [pid 5076] <... unlink resumed>) = 0 [pid 5146] <... symlink resumed>) = 0 [pid 5143] <... exit_group resumed>) = ? [pid 5076] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5146] memfd_create("syzkaller", 0 [pid 5144] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5143] +++ exited with 0 +++ [pid 5146] <... memfd_create resumed>) = 3 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5076] <... umount2 resumed>) = 0 [pid 5145] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] lstat("./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5074] <... openat resumed>) = 3 [pid 5076] fstat(4, [pid 5074] fstat(3, [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(4, [pid 5074] getdents64(3, [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] close(4 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... close resumed>) = 0 [pid 5074] lstat("./9/binderfs", [pid 5073] <... umount2 resumed>) = 0 [pid 5076] rmdir("./9/file0" [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... rmdir resumed>) = 0 [pid 5074] unlink("./9/binderfs" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(3, [pid 5073] lstat("./10/file0", [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] close(3 [pid 5074] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5073] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] rmdir("./9" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... rmdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] mkdir("./10", 0777 [pid 5073] <... openat resumed>) = 4 [pid 5076] <... mkdir resumed>) = 0 [pid 5073] fstat(4, [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5073] getdents64(4, [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] <... ioctl resumed>) = 0 [pid 5073] getdents64(4, [pid 5076] close(3 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5073] close(4 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... close resumed>) = 0 [pid 5073] rmdir("./10/file0" [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5147 [pid 5073] <... rmdir resumed>) = 0 [pid 5074] <... umount2 resumed>) = 0 [pid 5073] getdents64(3, [pid 5074] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] close(3 [pid 5074] lstat("./9/file0", [pid 5073] <... close resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] rmdir("./10" [pid 5074] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5147 attached [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] mkdir("./11", 0777 [pid 5147] chdir("./10" [pid 5074] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... mkdir resumed>) = 0 [pid 5147] <... chdir resumed>) = 0 [pid 5074] <... openat resumed>) = 4 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] fstat(4, [pid 5073] <... openat resumed>) = 3 [pid 5147] <... prctl resumed>) = 0 [pid 5145] <... write resumed>) = 2097152 [pid 5144] <... write resumed>) = 2097152 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5147] setpgid(0, 0 [pid 5074] getdents64(4, [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5147] <... setpgid resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] close(3 [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] getdents64(4, [pid 5073] <... close resumed>) = 0 [pid 5147] <... openat resumed>) = 3 [pid 5144] munmap(0x7f01462f5000, 2097152 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5147] write(3, "1000", 4 [pid 5074] close(4 [pid 5147] <... write resumed>) = 4 [pid 5074] <... close resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5148 [pid 5147] close(3 [pid 5074] rmdir("./9/file0" [pid 5147] <... close resumed>) = 0 [pid 5147] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5147] memfd_create("syzkaller", 0 [pid 5146] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5145] munmap(0x7f01462f5000, 2097152 [pid 5074] getdents64(3, ./strace-static-x86_64: Process 5148 attached [pid 5147] <... memfd_create resumed>) = 3 [pid 5145] <... munmap resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5148] chdir("./11" [pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] close(3 [pid 5148] <... chdir resumed>) = 0 [pid 5147] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... close resumed>) = 0 [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5144] <... munmap resumed>) = 0 [pid 5074] rmdir("./9" [pid 5148] <... prctl resumed>) = 0 [pid 5148] setpgid(0, 0) = 0 [pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5074] <... rmdir resumed>) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5145] <... openat resumed>) = 4 [pid 5144] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5074] mkdir("./10", 0777 [pid 5148] <... openat resumed>) = 3 [pid 5145] ioctl(4, LOOP_SET_FD, 3 [pid 5144] <... openat resumed>) = 4 [pid 5074] <... mkdir resumed>) = 0 [pid 5148] write(3, "1000", 4 [pid 5145] <... ioctl resumed>) = 0 [pid 5144] ioctl(4, LOOP_SET_FD, 3 [pid 5148] <... write resumed>) = 4 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5148] close(3) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5074] <... openat resumed>) = 3 [pid 5144] <... ioctl resumed>) = 0 [pid 5144] close(3 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5144] <... close resumed>) = 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5144] mkdir("./file0", 0777) = 0 [pid 5074] close(3) = 0 [pid 5144] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5145] close(3 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5149 [pid 5145] <... close resumed>) = 0 [pid 5146] <... write resumed>) = 2097152 [pid 5145] mkdir("./file0", 0777) = 0 [ 60.007082][ T5145] loop0: detected capacity change from 0 to 4096 [ 60.015244][ T5144] loop4: detected capacity change from 0 to 4096 [ 60.040828][ T5144] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5145] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, ""./strace-static-x86_64: Process 5149 attached [pid 5149] chdir("./10") = 0 [pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5149] setpgid(0, 0) = 0 [pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5149] write(3, "1000", 4) = 4 [pid 5149] close(3 [pid 5146] munmap(0x7f01462f5000, 2097152 [pid 5149] <... close resumed>) = 0 [pid 5147] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5149] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5149] memfd_create("syzkaller", 0) = 3 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5148] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5146] <... munmap resumed>) = 0 [pid 5149] <... mmap resumed>) = 0x7f01462f5000 [pid 5146] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5146] ioctl(4, LOOP_SET_FD, 3 [pid 5144] <... mount resumed>) = 0 [pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5144] chdir("./file0") = 0 [pid 5144] ioctl(4, LOOP_CLR_FD) = 0 [pid 5144] close(4 [pid 5146] <... ioctl resumed>) = 0 [pid 5146] close(3) = 0 [pid 5146] mkdir("./file0", 0777) = 0 [ 60.059542][ T5145] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 60.099628][ T5146] loop1: detected capacity change from 0 to 4096 [pid 5146] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5145] <... mount resumed>) = 0 [pid 5144] <... close resumed>) = 0 [pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5145] chdir("./file0") = 0 [pid 5145] ioctl(4, LOOP_CLR_FD) = 0 [pid 5145] close(4) = 0 [pid 5145] exit_group(0 [pid 5144] exit_group(0 [pid 5145] <... exit_group resumed>) = ? [pid 5144] <... exit_group resumed>) = ? [pid 5145] +++ exited with 0 +++ [pid 5144] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5071] <... restart_syscall resumed>) = 0 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5071] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5149] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5147] <... write resumed>) = 2097152 [pid 5075] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... openat resumed>) = 3 [pid 5075] <... openat resumed>) = 3 [pid 5071] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] fstat(3, [pid 5071] getdents64(3, [pid 5147] munmap(0x7f01462f5000, 2097152 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5147] <... munmap resumed>) = 0 [pid 5075] getdents64(3, [pid 5071] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] lstat("./10/binderfs", [pid 5075] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] unlink("./10/binderfs" [pid 5075] lstat("./10/binderfs", [pid 5071] <... unlink resumed>) = 0 [pid 5147] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5147] <... openat resumed>) = 4 [pid 5075] unlink("./10/binderfs" [ 60.132287][ T5146] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5147] ioctl(4, LOOP_SET_FD, 3 [pid 5148] <... write resumed>) = 2097152 [pid 5075] <... unlink resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5148] munmap(0x7f01462f5000, 2097152 [pid 5075] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5148] <... munmap resumed>) = 0 [pid 5071] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5148] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] <... openat resumed>) = 4 [pid 5071] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4 [pid 5146] <... mount resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] rmdir("./10/file0" [pid 5146] <... openat resumed>) = 3 [pid 5071] <... rmdir resumed>) = 0 [pid 5146] chdir("./file0" [pid 5071] getdents64(3, [pid 5146] <... chdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5146] ioctl(4, LOOP_CLR_FD [pid 5071] close(3 [pid 5146] <... ioctl resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5146] close(4 [pid 5071] rmdir("./10" [pid 5147] <... ioctl resumed>) = 0 [pid 5146] <... close resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5147] close(3 [pid 5146] exit_group(0 [pid 5071] mkdir("./11", 0777 [pid 5147] <... close resumed>) = 0 [pid 5146] <... exit_group resumed>) = ? [pid 5071] <... mkdir resumed>) = 0 [pid 5147] mkdir("./file0", 0777 [pid 5146] +++ exited with 0 +++ [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5147] <... mkdir resumed>) = 0 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5071] <... openat resumed>) = 3 [pid 5147] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5148] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = 0 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] <... ioctl resumed>) = 0 [ 60.186909][ T5147] loop5: detected capacity change from 0 to 4096 [ 60.225097][ T5147] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5071] close(3) = 0 [pid 5149] <... write resumed>) = 2097152 [pid 5148] <... ioctl resumed>) = 0 [pid 5072] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5150 [pid 5072] <... openat resumed>) = 3 [pid 5072] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 ./strace-static-x86_64: Process 5150 attached [pid 5072] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] chdir("./11" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5150] <... chdir resumed>) = 0 [pid 5072] lstat("./10/binderfs", [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5150] <... prctl resumed>) = 0 [pid 5072] unlink("./10/binderfs" [pid 5150] setpgid(0, 0 [pid 5072] <... unlink resumed>) = 0 [pid 5150] <... setpgid resumed>) = 0 [pid 5072] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5150] write(3, "1000", 4) = 4 [pid 5150] close(3) = 0 [pid 5150] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5150] memfd_create("syzkaller", 0 [pid 5148] close(3 [pid 5075] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] <... memfd_create resumed>) = 3 [pid 5149] munmap(0x7f01462f5000, 2097152 [pid 5148] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] <... munmap resumed>) = 0 [pid 5148] mkdir("./file0", 0777 [pid 5072] lstat("./10/file0", [pid 5150] <... mmap resumed>) = 0x7f01462f5000 [pid 5148] <... mkdir resumed>) = 0 [pid 5075] lstat("./10/file0", [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 60.237729][ T5148] loop2: detected capacity change from 0 to 4096 [pid 5148] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5072] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5149] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5075] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 4 [pid 5149] <... openat resumed>) = 4 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] fstat(4, [pid 5149] ioctl(4, LOOP_SET_FD, 3 [pid 5075] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... openat resumed>) = 4 [pid 5072] getdents64(4, [pid 5075] fstat(4, [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(4, [pid 5075] getdents64(4, [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] close(4) = 0 [pid 5075] getdents64(4, [pid 5072] rmdir("./10/file0" [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5075] close(4 [pid 5072] getdents64(3, [pid 5075] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] rmdir("./10/file0" [pid 5072] close(3) = 0 [pid 5075] <... rmdir resumed>) = 0 [pid 5072] rmdir("./10" [pid 5075] getdents64(3, [pid 5072] <... rmdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] mkdir("./11", 0777 [pid 5075] close(3 [pid 5072] <... mkdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [ 60.287753][ T5148] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 60.301746][ T5149] loop3: detected capacity change from 0 to 4096 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] rmdir("./10" [pid 5072] <... openat resumed>) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] <... rmdir resumed>) = 0 [pid 5072] close(3 [pid 5149] <... ioctl resumed>) = 0 [pid 5075] mkdir("./11", 0777 [pid 5072] <... close resumed>) = 0 [pid 5149] close(3 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5149] <... close resumed>) = 0 [pid 5149] mkdir("./file0", 0777 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5151 [pid 5149] <... mkdir resumed>) = 0 [pid 5149] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5148] <... mount resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5075] <... openat resumed>) = 3 [pid 5148] chdir("./file0" [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5148] <... chdir resumed>) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) ./strace-static-x86_64: Process 5151 attached [pid 5148] ioctl(4, LOOP_CLR_FD [pid 5075] close(3 [pid 5151] chdir("./11" [pid 5150] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5148] <... ioctl resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5151] <... chdir resumed>) = 0 [pid 5148] close(4 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5148] <... close resumed>) = 0 [pid 5151] <... prctl resumed>) = 0 [pid 5148] exit_group(0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5152 [pid 5151] setpgid(0, 0 [pid 5148] <... exit_group resumed>) = ? [pid 5151] <... setpgid resumed>) = 0 ./strace-static-x86_64: Process 5152 attached [pid 5152] chdir("./11" [pid 5148] +++ exited with 0 +++ [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5152] <... chdir resumed>) = 0 [pid 5151] <... openat resumed>) = 3 [pid 5147] <... mount resumed>) = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5151] write(3, "1000", 4 [pid 5147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5152] <... prctl resumed>) = 0 [pid 5151] <... write resumed>) = 4 [pid 5147] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5152] setpgid(0, 0 [pid 5147] chdir("./file0" [pid 5073] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5152] <... setpgid resumed>) = 0 [pid 5147] <... chdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5147] ioctl(4, LOOP_CLR_FD [pid 5073] fstat(3, [pid 5152] <... openat resumed>) = 3 [pid 5147] <... ioctl resumed>) = 0 [pid 5151] close(3 [pid 5149] <... mount resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5152] write(3, "1000", 4 [pid 5151] <... close resumed>) = 0 [pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5147] close(4 [pid 5073] getdents64(3, [pid 5152] <... write resumed>) = 4 [pid 5151] symlink("/dev/binderfs", "./binderfs" [pid 5149] <... openat resumed>) = 3 [pid 5147] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5152] close(3 [pid 5151] <... symlink resumed>) = 0 [pid 5149] chdir("./file0" [pid 5147] exit_group(0 [pid 5073] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5152] <... close resumed>) = 0 [pid 5149] <... chdir resumed>) = 0 [pid 5147] <... exit_group resumed>) = ? [ 60.336231][ T5149] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5152] symlink("/dev/binderfs", "./binderfs" [pid 5151] memfd_create("syzkaller", 0 [pid 5149] ioctl(4, LOOP_CLR_FD [pid 5147] +++ exited with 0 +++ [pid 5073] lstat("./11/binderfs", [pid 5152] <... symlink resumed>) = 0 [pid 5149] <... ioctl resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5152] memfd_create("syzkaller", 0 [pid 5151] <... memfd_create resumed>) = 3 [pid 5149] close(4 [pid 5073] unlink("./11/binderfs" [pid 5152] <... memfd_create resumed>) = 3 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] <... close resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5149] exit_group(0 [pid 5076] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5152] <... mmap resumed>) = 0x7f01462f5000 [pid 5149] <... exit_group resumed>) = ? [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5151] <... mmap resumed>) = 0x7f01462f5000 [pid 5149] +++ exited with 0 +++ [pid 5076] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] unlink("./10/binderfs") = 0 [pid 5076] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5074] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5074] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5074] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./10/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5074] unlink("./10/binderfs") = 0 [pid 5074] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5150] <... write resumed>) = 2097152 [pid 5150] munmap(0x7f01462f5000, 2097152) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5150] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... umount2 resumed>) = 0 [pid 5073] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5151] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... umount2 resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5152] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] fstat(4, [pid 5076] lstat("./10/file0", [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(4, [pid 5076] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./10/file0", [pid 5073] getdents64(4, [pid 5076] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5074] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(4 [pid 5076] fstat(4, [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... close resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] rmdir("./11/file0" [pid 5076] getdents64(4, [pid 5074] <... openat resumed>) = 4 [pid 5073] <... rmdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] fstat(4, [pid 5073] getdents64(3, [pid 5076] getdents64(4, [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] getdents64(4, [pid 5073] close(3 [pid 5150] <... ioctl resumed>) = 0 [pid 5076] close(4 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5074] getdents64(4, [pid 5073] rmdir("./11" [pid 5150] close(3 [pid 5076] rmdir("./10/file0" [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5150] <... close resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5074] close(4 [pid 5073] mkdir("./12", 0777 [pid 5150] mkdir("./file0", 0777 [pid 5076] getdents64(3, [pid 5074] <... close resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] rmdir("./10/file0" [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5150] <... mkdir resumed>) = 0 [pid 5076] close(3 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5074] getdents64(3, [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5076] rmdir("./10" [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... rmdir resumed>) = 0 [ 60.468365][ T5150] loop0: detected capacity change from 0 to 4096 [pid 5074] close(3 [pid 5073] close(3 [pid 5150] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5076] mkdir("./11", 0777 [pid 5074] <... close resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5074] rmdir("./10" [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] <... rmdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5074] mkdir("./11", 0777 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5153 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5074] <... mkdir resumed>) = 0 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5076] close(3 [pid 5074] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] close(3 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5154 [pid 5074] <... close resumed>) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5155 ./strace-static-x86_64: Process 5153 attached [pid 5153] chdir("./12") = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5153] setpgid(0, 0) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5155 attached ) = 3 [pid 5155] chdir("./11" [pid 5153] write(3, "1000", 4 [pid 5155] <... chdir resumed>) = 0 [pid 5153] <... write resumed>) = 4 [pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5153] close(3 [pid 5155] <... prctl resumed>) = 0 [pid 5153] <... close resumed>) = 0 [pid 5155] setpgid(0, 0 [pid 5153] symlink("/dev/binderfs", "./binderfs" [pid 5155] <... setpgid resumed>) = 0 [pid 5153] <... symlink resumed>) = 0 [pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5153] memfd_create("syzkaller", 0 [pid 5152] <... write resumed>) = 2097152 [pid 5155] <... openat resumed>) = 3 [pid 5153] <... memfd_create resumed>) = 3 [pid 5152] munmap(0x7f01462f5000, 2097152./strace-static-x86_64: Process 5154 attached [pid 5155] write(3, "1000", 4 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5152] <... munmap resumed>) = 0 [pid 5155] <... write resumed>) = 4 [pid 5153] <... mmap resumed>) = 0x7f01462f5000 [pid 5155] close(3 [pid 5154] chdir("./11" [pid 5155] <... close resumed>) = 0 [pid 5155] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5154] <... chdir resumed>) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5155] memfd_create("syzkaller", 0 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5152] <... openat resumed>) = 4 [pid 5155] <... memfd_create resumed>) = 3 [pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5154] <... prctl resumed>) = 0 [ 60.520852][ T5150] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5152] ioctl(4, LOOP_SET_FD, 3 [pid 5155] <... mmap resumed>) = 0x7f01462f5000 [pid 5154] setpgid(0, 0 [pid 5151] <... write resumed>) = 2097152 [pid 5154] <... setpgid resumed>) = 0 [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5151] munmap(0x7f01462f5000, 2097152 [pid 5150] <... mount resumed>) = 0 [pid 5154] <... openat resumed>) = 3 [pid 5151] <... munmap resumed>) = 0 [pid 5150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5154] write(3, "1000", 4 [pid 5150] <... openat resumed>) = 3 [pid 5154] <... write resumed>) = 4 [pid 5152] <... ioctl resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5150] chdir("./file0" [pid 5154] close(3 [pid 5150] <... chdir resumed>) = 0 [pid 5151] <... openat resumed>) = 4 [pid 5154] <... close resumed>) = 0 [pid 5150] ioctl(4, LOOP_CLR_FD [pid 5154] symlink("/dev/binderfs", "./binderfs" [pid 5151] ioctl(4, LOOP_SET_FD, 3 [pid 5150] <... ioctl resumed>) = 0 [pid 5154] <... symlink resumed>) = 0 [pid 5150] close(4 [pid 5152] close(3) = 0 [pid 5152] mkdir("./file0", 0777) = 0 [ 60.563801][ T5152] loop4: detected capacity change from 0 to 4096 [ 60.601626][ T5151] loop1: detected capacity change from 0 to 4096 [pid 5152] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5154] memfd_create("syzkaller", 0 [pid 5150] <... close resumed>) = 0 [pid 5154] <... memfd_create resumed>) = 3 [pid 5150] exit_group(0 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5151] <... ioctl resumed>) = 0 [pid 5150] <... exit_group resumed>) = ? [pid 5154] <... mmap resumed>) = 0x7f01462f5000 [pid 5151] close(3 [pid 5150] +++ exited with 0 +++ [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5071] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5071] fstat(3, [pid 5151] <... close resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5151] mkdir("./file0", 0777 [pid 5071] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5151] <... mkdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5153] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5151] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 60.608446][ T5152] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5071] unlink("./11/binderfs") = 0 [pid 5071] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5071] <... umount2 resumed>) = 0 [pid 5071] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [ 60.645936][ T5151] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5071] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5152] <... mount resumed>) = 0 [pid 5071] getdents64(4, [pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5154] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5152] <... openat resumed>) = 3 [pid 5071] getdents64(4, [pid 5152] chdir("./file0" [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5152] <... chdir resumed>) = 0 [pid 5071] close(4 [pid 5152] ioctl(4, LOOP_CLR_FD [pid 5071] <... close resumed>) = 0 [pid 5152] <... ioctl resumed>) = 0 [pid 5071] rmdir("./11/file0" [pid 5152] close(4 [pid 5071] <... rmdir resumed>) = 0 [pid 5152] <... close resumed>) = 0 [pid 5071] getdents64(3, [pid 5152] exit_group(0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5153] <... write resumed>) = 2097152 [pid 5152] <... exit_group resumed>) = ? [pid 5071] close(3 [pid 5152] +++ exited with 0 +++ [pid 5071] <... close resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5071] rmdir("./11" [pid 5155] <... write resumed>) = 2097152 [pid 5071] <... rmdir resumed>) = 0 [pid 5071] mkdir("./12", 0777 [pid 5075] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... mkdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... openat resumed>) = 3 [pid 5075] <... openat resumed>) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5075] fstat(3, [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5153] munmap(0x7f01462f5000, 2097152 [pid 5151] <... mount resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] close(3 [pid 5153] <... munmap resumed>) = 0 [pid 5151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] getdents64(3, [pid 5071] <... close resumed>) = 0 [pid 5151] <... openat resumed>) = 3 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5151] chdir("./file0" [pid 5075] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5156 [pid 5151] <... chdir resumed>) = 0 [pid 5075] lstat("./11/binderfs", [pid 5153] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5151] ioctl(4, LOOP_CLR_FD [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 ./strace-static-x86_64: Process 5156 attached [pid 5153] <... openat resumed>) = 4 [pid 5151] <... ioctl resumed>) = 0 [pid 5075] unlink("./11/binderfs" [pid 5156] chdir("./12" [pid 5153] ioctl(4, LOOP_SET_FD, 3 [pid 5151] close(4 [pid 5075] <... unlink resumed>) = 0 [pid 5156] <... chdir resumed>) = 0 [pid 5155] munmap(0x7f01462f5000, 2097152 [pid 5151] <... close resumed>) = 0 [pid 5075] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5155] <... munmap resumed>) = 0 [pid 5151] exit_group(0 [pid 5156] <... prctl resumed>) = 0 [pid 5151] <... exit_group resumed>) = ? [pid 5156] setpgid(0, 0) = 0 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5151] +++ exited with 0 +++ [pid 5156] write(3, "1000", 4 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5156] <... write resumed>) = 4 [pid 5155] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5156] close(3 [pid 5155] <... openat resumed>) = 4 [pid 5156] <... close resumed>) = 0 [pid 5155] ioctl(4, LOOP_SET_FD, 3 [pid 5072] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] symlink("/dev/binderfs", "./binderfs" [pid 5155] <... ioctl resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5156] <... symlink resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5156] memfd_create("syzkaller", 0 [pid 5072] <... openat resumed>) = 3 [pid 5156] <... memfd_create resumed>) = 3 [pid 5072] fstat(3, [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5156] <... mmap resumed>) = 0x7f01462f5000 [pid 5072] getdents64(3, [pid 5153] <... ioctl resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5153] close(3 [pid 5072] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5153] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5153] mkdir("./file0", 0777 [pid 5075] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] lstat("./11/binderfs", [pid 5153] <... mkdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5153] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 60.760585][ T5153] loop2: detected capacity change from 0 to 4096 [ 60.777122][ T5155] loop3: detected capacity change from 0 to 4096 [pid 5075] lstat("./11/file0", [pid 5072] unlink("./11/binderfs" [pid 5154] <... write resumed>) = 2097152 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5154] munmap(0x7f01462f5000, 2097152 [pid 5072] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] close(3) = 0 [pid 5155] mkdir("./file0", 0777) = 0 [pid 5155] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5154] <... munmap resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5154] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... umount2 resumed>) = 0 [pid 5154] <... openat resumed>) = 4 [pid 5075] <... openat resumed>) = 4 [ 60.802158][ T5153] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 60.835970][ T5155] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5154] ioctl(4, LOOP_SET_FD, 3 [pid 5075] fstat(4, [pid 5072] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5154] <... ioctl resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5075] getdents64(4, [pid 5154] close(3 [pid 5072] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(4, [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5154] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5154] mkdir("./file0", 0777 [pid 5075] getdents64(4, [pid 5072] getdents64(4, [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] close(4 [pid 5072] close(4 [pid 5075] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5075] rmdir("./11/file0" [pid 5072] rmdir("./11/file0" [pid 5075] <... rmdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5154] <... mkdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5072] getdents64(3, [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3 [pid 5072] close(3 [pid 5075] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5156] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5154] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] rmdir("./11" [ 60.847114][ T5154] loop5: detected capacity change from 0 to 4096 [pid 5072] rmdir("./11" [pid 5075] <... rmdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5072] mkdir("./12", 0777) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5157 ./strace-static-x86_64: Process 5157 attached [pid 5157] chdir("./12" [pid 5075] mkdir("./12", 0777 [pid 5157] <... chdir resumed>) = 0 [pid 5075] <... mkdir resumed>) = 0 [pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5157] <... prctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5157] setpgid(0, 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5157] <... setpgid resumed>) = 0 [pid 5075] close(3 [pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... close resumed>) = 0 [pid 5157] <... openat resumed>) = 3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5157] write(3, "1000", 4) = 4 [pid 5157] close(3) = 0 [pid 5157] symlink("/dev/binderfs", "./binderfs" [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5158 [pid 5157] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5158 attached [pid 5157] memfd_create("syzkaller", 0 [pid 5155] <... mount resumed>) = 0 [pid 5157] <... memfd_create resumed>) = 3 [pid 5155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5158] chdir("./12" [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5155] <... openat resumed>) = 3 [pid 5157] <... mmap resumed>) = 0x7f01462f5000 [pid 5155] chdir("./file0" [pid 5158] <... chdir resumed>) = 0 [pid 5155] <... chdir resumed>) = 0 [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5155] ioctl(4, LOOP_CLR_FD [pid 5158] <... prctl resumed>) = 0 [pid 5155] <... ioctl resumed>) = 0 [pid 5158] setpgid(0, 0 [pid 5155] close(4) = 0 [pid 5158] <... setpgid resumed>) = 0 [pid 5155] exit_group(0 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5155] <... exit_group resumed>) = ? [pid 5158] <... openat resumed>) = 3 [pid 5155] +++ exited with 0 +++ [ 60.873048][ T5154] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5158] write(3, "1000", 4 [pid 5156] <... write resumed>) = 2097152 [pid 5153] <... mount resumed>) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5158] <... write resumed>) = 4 [pid 5156] munmap(0x7f01462f5000, 2097152 [pid 5153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5158] close(3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5153] <... openat resumed>) = 3 [pid 5074] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5158] <... close resumed>) = 0 [pid 5153] chdir("./file0" [pid 5074] <... openat resumed>) = 3 [pid 5158] symlink("/dev/binderfs", "./binderfs" [pid 5153] <... chdir resumed>) = 0 [pid 5074] fstat(3, [pid 5158] <... symlink resumed>) = 0 [pid 5153] ioctl(4, LOOP_CLR_FD [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5158] memfd_create("syzkaller", 0 [pid 5157] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5156] <... munmap resumed>) = 0 [pid 5154] <... mount resumed>) = 0 [pid 5153] <... ioctl resumed>) = 0 [pid 5074] getdents64(3, [pid 5158] <... memfd_create resumed>) = 3 [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5153] close(4 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5156] <... openat resumed>) = 4 [pid 5153] <... close resumed>) = 0 [pid 5074] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5158] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5156] ioctl(4, LOOP_SET_FD, 3 [pid 5153] exit_group(0 [pid 5074] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] unlink("./11/binderfs") = 0 [pid 5074] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 [pid 5074] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./11/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5153] <... exit_group resumed>) = ? [pid 5074] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5074] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5153] +++ exited with 0 +++ [pid 5074] getdents64(4, [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5156] <... ioctl resumed>) = 0 [pid 5154] <... openat resumed>) = 3 [pid 5156] close(3 [pid 5154] chdir("./file0" [pid 5073] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5156] <... close resumed>) = 0 [pid 5154] <... chdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... openat resumed>) = 3 [pid 5074] getdents64(4, [pid 5073] fstat(3, [pid 5156] mkdir("./file0", 0777 [pid 5154] ioctl(4, LOOP_CLR_FD [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5154] <... ioctl resumed>) = 0 [pid 5074] close(4 [pid 5073] getdents64(3, [pid 5154] close(4 [pid 5074] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5154] <... close resumed>) = 0 [pid 5074] rmdir("./11/file0" [pid 5073] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5156] <... mkdir resumed>) = 0 [pid 5154] exit_group(0 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5156] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5154] <... exit_group resumed>) = ? [pid 5073] lstat("./12/binderfs", [pid 5074] getdents64(3, [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] unlink("./12/binderfs" [pid 5074] close(3) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5074] rmdir("./11" [pid 5073] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... rmdir resumed>) = 0 [pid 5074] mkdir("./12", 0777) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5074] close(3) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5154] +++ exited with 0 +++ [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5159 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5076] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5076] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] unlink("./11/binderfs") = 0 [pid 5076] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5159 attached [pid 5159] chdir("./12") = 0 [pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5159] setpgid(0, 0) = 0 [pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5159] write(3, "1000", 4) = 4 [pid 5159] close(3) = 0 [pid 5159] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5159] memfd_create("syzkaller", 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5073] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] <... memfd_create resumed>) = 3 [pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] lstat("./12/file0", [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 60.966543][ T5156] loop0: detected capacity change from 0 to 4096 [ 60.988651][ T5156] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5076] lstat("./11/file0", [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 4 [pid 5073] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] fstat(4, [pid 5073] <... openat resumed>) = 4 [pid 5158] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5157] <... write resumed>) = 2097152 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] fstat(4, [pid 5076] getdents64(4, [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(4, [pid 5076] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] close(4 [pid 5073] getdents64(4, [pid 5076] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] rmdir("./11/file0" [pid 5073] close(4 [pid 5076] <... rmdir resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5073] rmdir("./12/file0" [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./11" [pid 5073] <... rmdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5076] mkdir("./12", 0777 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5157] munmap(0x7f01462f5000, 2097152 [pid 5076] <... mkdir resumed>) = 0 [pid 5073] close(3 [pid 5157] <... munmap resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5073] rmdir("./12" [pid 5076] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5073] <... rmdir resumed>) = 0 [pid 5076] close(3 [pid 5073] mkdir("./13", 0777 [pid 5076] <... close resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5157] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5160 [pid 5073] <... openat resumed>) = 3 [pid 5157] <... openat resumed>) = 4 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5157] ioctl(4, LOOP_SET_FD, 3 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5156] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5160 attached [pid 5073] close(3 [pid 5160] chdir("./12" [pid 5073] <... close resumed>) = 0 [pid 5160] <... chdir resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5159] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5160] <... prctl resumed>) = 0 [pid 5160] setpgid(0, 0) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5156] <... openat resumed>) = 3 [pid 5160] <... openat resumed>) = 3 [pid 5156] chdir("./file0" [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5161 [pid 5160] write(3, "1000", 4 [pid 5156] <... chdir resumed>) = 0 [pid 5160] <... write resumed>) = 4 [pid 5160] close(3 [pid 5156] ioctl(4, LOOP_CLR_FD [pid 5160] <... close resumed>) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs" [pid 5156] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5161 attached [pid 5160] <... symlink resumed>) = 0 [pid 5156] close(4 [pid 5161] chdir("./13" [pid 5160] memfd_create("syzkaller", 0 [pid 5156] <... close resumed>) = 0 [pid 5161] <... chdir resumed>) = 0 [pid 5160] <... memfd_create resumed>) = 3 [pid 5156] exit_group(0 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5157] <... ioctl resumed>) = 0 [pid 5156] <... exit_group resumed>) = ? [pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5160] <... mmap resumed>) = 0x7f01462f5000 [pid 5157] close(3 [pid 5161] <... prctl resumed>) = 0 [pid 5158] <... write resumed>) = 2097152 [pid 5157] <... close resumed>) = 0 [pid 5156] +++ exited with 0 +++ [pid 5161] setpgid(0, 0 [pid 5158] munmap(0x7f01462f5000, 2097152 [pid 5157] mkdir("./file0", 0777 [pid 5161] <... setpgid resumed>) = 0 [pid 5157] <... mkdir resumed>) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=8 /* 0.08 s */} --- [ 61.084087][ T5157] loop1: detected capacity change from 0 to 4096 [pid 5157] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5158] <... munmap resumed>) = 0 [pid 5071] <... restart_syscall resumed>) = 0 [pid 5071] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5071] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5161] <... openat resumed>) = 3 [pid 5071] getdents64(3, [pid 5158] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5161] write(3, "1000", 4 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5161] <... write resumed>) = 4 [pid 5158] <... openat resumed>) = 4 [pid 5071] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./12/binderfs", [pid 5161] close(3 [pid 5158] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./12/binderfs") = 0 [pid 5071] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] <... close resumed>) = 0 [pid 5161] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5161] memfd_create("syzkaller", 0) = 3 [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5159] <... write resumed>) = 2097152 [pid 5158] <... ioctl resumed>) = 0 [pid 5158] close(3 [pid 5159] munmap(0x7f01462f5000, 2097152 [pid 5158] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5158] mkdir("./file0", 0777 [pid 5157] <... mount resumed>) = 0 [pid 5157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5158] <... mkdir resumed>) = 0 [pid 5157] <... openat resumed>) = 3 [pid 5158] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 61.131191][ T5157] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 61.163466][ T5158] loop4: detected capacity change from 0 to 4096 [pid 5157] chdir("./file0") = 0 [pid 5157] ioctl(4, LOOP_CLR_FD) = 0 [pid 5157] close(4 [pid 5159] <... munmap resumed>) = 0 [pid 5157] <... close resumed>) = 0 [pid 5157] exit_group(0 [pid 5159] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5157] <... exit_group resumed>) = ? [pid 5071] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] <... openat resumed>) = 4 [pid 5157] +++ exited with 0 +++ [pid 5159] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] lstat("./12/file0", [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5160] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 4 [pid 5072] fstat(3, [pid 5071] fstat(4, [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, [pid 5071] getdents64(4, [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] lstat("./12/binderfs", [pid 5071] close(4 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... close resumed>) = 0 [pid 5072] unlink("./12/binderfs" [pid 5071] rmdir("./12/file0" [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5072] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./12") = 0 [pid 5071] mkdir("./13", 0777) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [ 61.211133][ T5158] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 61.217181][ T5159] loop3: detected capacity change from 0 to 4096 [pid 5161] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] close(3 [pid 5072] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] lstat("./12/file0", [pid 5159] <... ioctl resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5162 [pid 5159] close(3 [pid 5072] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] mkdir("./file0", 0777 [pid 5072] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5159] <... mkdir resumed>) = 0 [pid 5072] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5162 attached [pid 5159] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5072] fstat(4, [pid 5162] chdir("./13" [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5162] <... chdir resumed>) = 0 [pid 5072] getdents64(4, [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5162] <... prctl resumed>) = 0 [pid 5072] getdents64(4, [pid 5162] setpgid(0, 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5162] <... setpgid resumed>) = 0 [pid 5072] close(4 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] <... close resumed>) = 0 [pid 5162] <... openat resumed>) = 3 [pid 5160] <... write resumed>) = 2097152 [pid 5072] rmdir("./12/file0" [pid 5162] write(3, "1000", 4 [pid 5072] <... rmdir resumed>) = 0 [pid 5162] <... write resumed>) = 4 [pid 5072] getdents64(3, [pid 5162] close(3 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5162] <... close resumed>) = 0 [pid 5072] close(3 [pid 5162] symlink("/dev/binderfs", "./binderfs" [pid 5072] <... close resumed>) = 0 [pid 5162] <... symlink resumed>) = 0 [pid 5072] rmdir("./12" [pid 5162] memfd_create("syzkaller", 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5162] <... memfd_create resumed>) = 3 [pid 5072] mkdir("./13", 0777 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5162] <... mmap resumed>) = 0x7f01462f5000 [pid 5158] <... mount resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5158] <... openat resumed>) = 3 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] close(3 [pid 5158] chdir("./file0" [pid 5072] <... close resumed>) = 0 [pid 5158] <... chdir resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5158] ioctl(4, LOOP_CLR_FD) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5163 [ 61.286428][ T5159] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5158] close(4) = 0 [pid 5158] exit_group(0) = ? [pid 5160] munmap(0x7f01462f5000, 2097152 [pid 5158] +++ exited with 0 +++ ./strace-static-x86_64: Process 5163 attached [pid 5163] chdir("./13" [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5163] <... chdir resumed>) = 0 [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5075] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] setpgid(0, 0 [pid 5161] <... write resumed>) = 2097152 [pid 5160] <... munmap resumed>) = 0 [pid 5160] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5160] ioctl(4, LOOP_SET_FD, 3 [pid 5163] <... setpgid resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5163] <... openat resumed>) = 3 [pid 5163] write(3, "1000", 4 [pid 5075] fstat(3, [pid 5163] <... write resumed>) = 4 [pid 5163] close(3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5163] <... close resumed>) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5163] symlink("/dev/binderfs", "./binderfs" [pid 5075] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] munmap(0x7f01462f5000, 2097152 [pid 5163] <... symlink resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] memfd_create("syzkaller", 0 [pid 5161] <... munmap resumed>) = 0 [pid 5159] <... mount resumed>) = 0 [pid 5075] lstat("./12/binderfs", [pid 5163] <... memfd_create resumed>) = 3 [pid 5159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5159] <... openat resumed>) = 3 [pid 5075] unlink("./12/binderfs" [pid 5159] chdir("./file0") = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5159] ioctl(4, LOOP_CLR_FD [pid 5163] <... mmap resumed>) = 0x7f01462f5000 [pid 5159] <... ioctl resumed>) = 0 [pid 5075] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5162] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5159] close(4 [pid 5161] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5160] <... ioctl resumed>) = 0 [pid 5159] <... close resumed>) = 0 [pid 5161] <... openat resumed>) = 4 [pid 5160] close(3 [pid 5159] exit_group(0 [pid 5161] ioctl(4, LOOP_SET_FD, 3 [pid 5160] <... close resumed>) = 0 [pid 5159] <... exit_group resumed>) = ? [pid 5160] mkdir("./file0", 0777 [pid 5159] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = 0 [pid 5160] <... mkdir resumed>) = 0 [pid 5075] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [ 61.377203][ T5160] loop5: detected capacity change from 0 to 4096 [ 61.410508][ T5161] loop2: detected capacity change from 0 to 4096 [pid 5160] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] restart_syscall(<... resuming interrupted clone ...> [pid 5075] lstat("./12/file0", [pid 5074] <... restart_syscall resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... openat resumed>) = 4 [pid 5074] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] fstat(4, [pid 5074] <... openat resumed>) = 3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] fstat(3, [pid 5075] getdents64(4, [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] getdents64(3, [pid 5075] getdents64(4, [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] close(4 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... ioctl resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] lstat("./12/binderfs", [pid 5161] close(3 [pid 5075] rmdir("./12/file0" [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5161] <... close resumed>) = 0 [pid 5074] unlink("./12/binderfs" [pid 5161] mkdir("./file0", 0777 [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5161] <... mkdir resumed>) = 0 [pid 5075] getdents64(3, [pid 5074] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./12") = 0 [pid 5075] mkdir("./13", 0777) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5074] <... umount2 resumed>) = 0 [pid 5074] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5074] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] <... openat resumed>) = 3 [pid 5074] getdents64(4, [pid 5162] <... write resumed>) = 2097152 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] close(4 [pid 5075] close(3 [pid 5074] <... close resumed>) = 0 [pid 5162] munmap(0x7f01462f5000, 2097152 [pid 5160] <... mount resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] rmdir("./12/file0" [pid 5162] <... munmap resumed>) = 0 [pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] <... rmdir resumed>) = 0 [pid 5160] <... openat resumed>) = 3 [pid 5074] getdents64(3, [pid 5160] chdir("./file0" [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5160] <... chdir resumed>) = 0 [pid 5074] close(3 [pid 5160] ioctl(4, LOOP_CLR_FD [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5164 [pid 5074] <... close resumed>) = 0 [pid 5160] <... ioctl resumed>) = 0 [ 61.426287][ T5160] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 61.456200][ T5161] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5074] rmdir("./12" [pid 5160] close(4 [pid 5074] <... rmdir resumed>) = 0 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5160] <... close resumed>) = 0 [pid 5074] mkdir("./13", 0777 [pid 5162] <... openat resumed>) = 4 [pid 5160] exit_group(0 [pid 5074] <... mkdir resumed>) = 0 [pid 5162] ioctl(4, LOOP_SET_FD, 3 [pid 5160] <... exit_group resumed>) = ? [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5163] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5162] <... ioctl resumed>) = 0 [pid 5160] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=4 /* 0.04 s */} --- ./strace-static-x86_64: Process 5164 attached [pid 5164] chdir("./13" [pid 5076] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] <... chdir resumed>) = 0 [pid 5161] <... mount resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5164] <... prctl resumed>) = 0 [pid 5161] <... openat resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5164] setpgid(0, 0 [pid 5161] chdir("./file0" [pid 5076] fstat(3, [pid 5164] <... setpgid resumed>) = 0 [pid 5161] <... chdir resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5161] ioctl(4, LOOP_CLR_FD [pid 5076] getdents64(3, [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5161] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5161] close(4 [pid 5076] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] <... openat resumed>) = 3 [pid 5161] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5164] write(3, "1000", 4 [pid 5161] exit_group(0 [pid 5076] lstat("./12/binderfs", [pid 5162] close(3 [pid 5161] <... exit_group resumed>) = ? [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5164] <... write resumed>) = 4 [pid 5162] <... close resumed>) = 0 [pid 5161] +++ exited with 0 +++ [pid 5076] unlink("./12/binderfs" [pid 5164] close(3 [pid 5162] mkdir("./file0", 0777 [pid 5076] <... unlink resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5164] <... close resumed>) = 0 [pid 5162] <... mkdir resumed>) = 0 [pid 5076] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] symlink("/dev/binderfs", "./binderfs" [pid 5162] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5164] <... symlink resumed>) = 0 [pid 5073] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] unlink("./13/binderfs" [pid 5164] memfd_create("syzkaller", 0 [pid 5073] <... unlink resumed>) = 0 [pid 5164] <... memfd_create resumed>) = 3 [pid 5073] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5074] <... openat resumed>) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5074] close(3) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5165 ./strace-static-x86_64: Process 5165 attached [pid 5163] <... write resumed>) = 2097152 [pid 5165] chdir("./13" [pid 5163] munmap(0x7f01462f5000, 2097152 [pid 5076] <... umount2 resumed>) = 0 [ 61.516670][ T5162] loop0: detected capacity change from 0 to 4096 [ 61.543074][ T5162] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5165] <... chdir resumed>) = 0 [pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5165] setpgid(0, 0) = 0 [pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5165] write(3, "1000", 4) = 4 [pid 5163] <... munmap resumed>) = 0 [pid 5076] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./12/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5165] close(3 [pid 5163] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5165] <... close resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5165] symlink("/dev/binderfs", "./binderfs" [pid 5163] <... openat resumed>) = 4 [pid 5076] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] lstat("./13/file0", [pid 5165] <... symlink resumed>) = 0 [pid 5163] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... openat resumed>) = 4 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5165] memfd_create("syzkaller", 0 [pid 5076] fstat(4, [pid 5073] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] getdents64(4, [pid 5073] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] <... openat resumed>) = 4 [pid 5165] <... memfd_create resumed>) = 3 [pid 5162] <... mount resumed>) = 0 [pid 5076] getdents64(4, [pid 5073] fstat(4, [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5162] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5165] <... mmap resumed>) = 0x7f01462f5000 [pid 5162] <... openat resumed>) = 3 [pid 5076] close(4 [pid 5073] getdents64(4, [pid 5162] chdir("./file0" [pid 5076] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5162] <... chdir resumed>) = 0 [pid 5076] rmdir("./12/file0" [pid 5073] getdents64(4, [pid 5164] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5162] ioctl(4, LOOP_CLR_FD [pid 5076] <... rmdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5162] <... ioctl resumed>) = 0 [pid 5076] getdents64(3, [pid 5073] close(4 [pid 5162] close(4 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] <... close resumed>) = 0 [pid 5162] <... close resumed>) = 0 [pid 5076] close(3 [pid 5073] rmdir("./13/file0" [pid 5162] exit_group(0 [pid 5076] <... close resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5162] <... exit_group resumed>) = ? [pid 5076] rmdir("./12" [pid 5073] getdents64(3, [pid 5163] <... ioctl resumed>) = 0 [pid 5162] +++ exited with 0 +++ [pid 5076] <... rmdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5163] close(3 [pid 5076] mkdir("./13", 0777 [pid 5073] close(3 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5076] <... mkdir resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] rmdir("./13" [pid 5076] <... openat resumed>) = 3 [pid 5073] <... rmdir resumed>) = 0 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5073] mkdir("./14", 0777 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... mkdir resumed>) = 0 [pid 5076] close(3 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5071] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... openat resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5166 [pid 5073] close(3 [pid 5071] fstat(3, [pid 5073] <... close resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] getdents64(3, [pid 5163] mkdir("./file0", 0777 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5163] <... mkdir resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5167 [pid 5071] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5166 attached [pid 5163] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 61.624538][ T5163] loop1: detected capacity change from 0 to 4096 [pid 5166] chdir("./13" [pid 5071] lstat("./13/binderfs", ./strace-static-x86_64: Process 5167 attached [pid 5166] <... chdir resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5167] chdir("./14" [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] unlink("./13/binderfs" [pid 5167] <... chdir resumed>) = 0 [pid 5166] <... prctl resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5166] setpgid(0, 0 [pid 5071] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5167] <... prctl resumed>) = 0 [pid 5166] <... setpgid resumed>) = 0 [pid 5167] setpgid(0, 0 [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5165] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5071] <... umount2 resumed>) = 0 [pid 5167] <... setpgid resumed>) = 0 [pid 5166] <... openat resumed>) = 3 [pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5166] write(3, "1000", 4 [pid 5167] <... openat resumed>) = 3 [pid 5166] <... write resumed>) = 4 [pid 5167] write(3, "1000", 4 [pid 5166] close(3 [pid 5167] <... write resumed>) = 4 [pid 5166] <... close resumed>) = 0 [pid 5167] close(3 [pid 5166] symlink("/dev/binderfs", "./binderfs" [pid 5167] <... close resumed>) = 0 [pid 5166] <... symlink resumed>) = 0 [pid 5167] symlink("/dev/binderfs", "./binderfs" [pid 5166] memfd_create("syzkaller", 0 [pid 5167] <... symlink resumed>) = 0 [pid 5166] <... memfd_create resumed>) = 3 [pid 5167] memfd_create("syzkaller", 0 [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5167] <... memfd_create resumed>) = 3 [pid 5166] <... mmap resumed>) = 0x7f01462f5000 [pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5164] <... write resumed>) = 2097152 [ 61.674549][ T5163] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] <... mmap resumed>) = 0x7f01462f5000 [pid 5164] munmap(0x7f01462f5000, 2097152 [pid 5071] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5164] <... munmap resumed>) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5164] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] fstat(4, [pid 5164] <... openat resumed>) = 4 [pid 5163] <... mount resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4 [pid 5164] ioctl(4, LOOP_SET_FD, 3 [pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... close resumed>) = 0 [pid 5071] rmdir("./13/file0") = 0 [pid 5071] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./13" [pid 5164] <... ioctl resumed>) = 0 [pid 5163] <... openat resumed>) = 3 [pid 5071] <... rmdir resumed>) = 0 [pid 5164] close(3 [pid 5163] chdir("./file0" [pid 5071] mkdir("./14", 0777 [pid 5166] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5164] <... close resumed>) = 0 [pid 5163] <... chdir resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5164] mkdir("./file0", 0777 [pid 5163] ioctl(4, LOOP_CLR_FD [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5164] <... mkdir resumed>) = 0 [pid 5163] <... ioctl resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5164] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5163] close(4 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5163] <... close resumed>) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5163] exit_group(0) = ? [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5168 [pid 5163] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5168 attached ) = 0 [pid 5168] chdir("./14") = 0 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5168] <... prctl resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5168] setpgid(0, 0 [pid 5072] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5168] <... setpgid resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5165] <... write resumed>) = 2097152 [pid 5072] fstat(3, [pid 5168] <... openat resumed>) = 3 [pid 5167] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5165] munmap(0x7f01462f5000, 2097152 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5168] write(3, "1000", 4 [pid 5165] <... munmap resumed>) = 0 [pid 5072] getdents64(3, [pid 5168] <... write resumed>) = 4 [pid 5165] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5168] close(3 [pid 5165] <... openat resumed>) = 4 [pid 5072] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5168] <... close resumed>) = 0 [ 61.757463][ T5164] loop4: detected capacity change from 0 to 4096 [ 61.782729][ T5164] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5165] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5168] symlink("/dev/binderfs", "./binderfs" [pid 5072] lstat("./13/binderfs", [pid 5168] <... symlink resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5168] memfd_create("syzkaller", 0 [pid 5072] unlink("./13/binderfs" [pid 5168] <... memfd_create resumed>) = 3 [pid 5072] <... unlink resumed>) = 0 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5164] <... mount resumed>) = 0 [pid 5168] <... mmap resumed>) = 0x7f01462f5000 [pid 5164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] <... umount2 resumed>) = 0 [pid 5165] <... ioctl resumed>) = 0 [pid 5164] <... openat resumed>) = 3 [pid 5165] close(3 [pid 5164] chdir("./file0" [pid 5165] <... close resumed>) = 0 [pid 5164] <... chdir resumed>) = 0 [pid 5165] mkdir("./file0", 0777 [pid 5164] ioctl(4, LOOP_CLR_FD [pid 5072] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./13/file0", [pid 5165] <... mkdir resumed>) = 0 [pid 5164] <... ioctl resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 61.832271][ T5165] loop3: detected capacity change from 0 to 4096 [pid 5165] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5164] close(4) = 0 [pid 5072] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5072] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, [pid 5164] exit_group(0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5164] <... exit_group resumed>) = ? [pid 5072] close(4) = 0 [pid 5072] rmdir("./13/file0" [pid 5164] +++ exited with 0 +++ [pid 5072] <... rmdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] close(3 [pid 5075] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... close resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] rmdir("./13" [pid 5075] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... rmdir resumed>) = 0 [pid 5072] mkdir("./14", 0777 [pid 5075] <... openat resumed>) = 3 [pid 5072] <... mkdir resumed>) = 0 [pid 5166] <... write resumed>) = 2097152 [pid 5075] fstat(3, [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5166] munmap(0x7f01462f5000, 2097152 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5166] <... munmap resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5167] <... write resumed>) = 2097152 [pid 5075] getdents64(3, [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5167] munmap(0x7f01462f5000, 2097152 [pid 5072] close(3 [pid 5167] <... munmap resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... close resumed>) = 0 [pid 5075] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5169 [pid 5075] lstat("./13/binderfs", [pid 5166] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5166] <... openat resumed>) = 4 [pid 5075] unlink("./13/binderfs" [pid 5167] openat(AT_FDCWD, "/dev/loop2", O_RDWR [ 61.887554][ T5165] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5166] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5169 attached [pid 5167] <... openat resumed>) = 4 [pid 5075] <... unlink resumed>) = 0 [pid 5167] ioctl(4, LOOP_SET_FD, 3 [pid 5075] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5168] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5075] <... umount2 resumed>) = 0 [pid 5169] chdir("./14" [pid 5165] <... mount resumed>) = 0 [pid 5075] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] <... chdir resumed>) = 0 [pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5165] <... openat resumed>) = 3 [pid 5075] lstat("./13/file0", [pid 5169] <... prctl resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5165] chdir("./file0" [pid 5169] setpgid(0, 0 [pid 5165] <... chdir resumed>) = 0 [pid 5075] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] <... setpgid resumed>) = 0 [pid 5165] ioctl(4, LOOP_CLR_FD [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5165] <... ioctl resumed>) = 0 [pid 5169] <... openat resumed>) = 3 [pid 5165] close(4 [pid 5075] <... openat resumed>) = 4 [pid 5169] write(3, "1000", 4 [pid 5166] <... ioctl resumed>) = 0 [pid 5165] <... close resumed>) = 0 [pid 5166] close(3) = 0 [pid 5167] <... ioctl resumed>) = 0 [pid 5166] mkdir("./file0", 0777 [pid 5167] close(3 [pid 5166] <... mkdir resumed>) = 0 [pid 5167] <... close resumed>) = 0 [ 61.942414][ T5166] loop5: detected capacity change from 0 to 4096 [ 61.955101][ T5167] loop2: detected capacity change from 0 to 4096 [pid 5166] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5169] <... write resumed>) = 4 [pid 5167] mkdir("./file0", 0777 [pid 5165] exit_group(0 [pid 5075] fstat(4, [pid 5169] close(3 [pid 5167] <... mkdir resumed>) = 0 [pid 5165] <... exit_group resumed>) = ? [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5169] <... close resumed>) = 0 [pid 5167] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5165] +++ exited with 0 +++ [pid 5075] getdents64(4, [pid 5169] symlink("/dev/binderfs", "./binderfs" [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5169] <... symlink resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5074] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5169] memfd_create("syzkaller", 0 [pid 5075] getdents64(4, [pid 5074] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5169] <... memfd_create resumed>) = 3 [pid 5074] <... openat resumed>) = 3 [pid 5075] close(4 [pid 5074] fstat(3, [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] <... close resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5169] <... mmap resumed>) = 0x7f01462f5000 [pid 5075] rmdir("./13/file0" [pid 5074] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] <... rmdir resumed>) = 0 [pid 5074] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5074] lstat("./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] unlink("./13/binderfs") = 0 [pid 5074] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./13") = 0 [pid 5075] mkdir("./14", 0777 [pid 5168] <... write resumed>) = 2097152 [pid 5075] <... mkdir resumed>) = 0 [pid 5168] munmap(0x7f01462f5000, 2097152 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5168] <... munmap resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5168] <... openat resumed>) = 4 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5170 [ 61.983402][ T5166] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 62.000160][ T5167] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5168] ioctl(4, LOOP_SET_FD, 3 [pid 5074] <... umount2 resumed>) = 0 [pid 5168] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5170 attached [pid 5170] chdir("./14") = 0 [pid 5074] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5170] <... prctl resumed>) = 0 [pid 5074] lstat("./13/file0", [pid 5170] setpgid(0, 0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5170] <... setpgid resumed>) = 0 [pid 5074] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5166] <... mount resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5170] <... openat resumed>) = 3 [pid 5167] <... mount resumed>) = 0 [pid 5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5167] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5166] <... openat resumed>) = 3 [pid 5074] <... openat resumed>) = 4 [pid 5167] <... openat resumed>) = 3 [pid 5166] chdir("./file0" [pid 5074] fstat(4, [pid 5170] write(3, "1000", 4 [pid 5167] chdir("./file0" [pid 5166] <... chdir resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5170] <... write resumed>) = 4 [pid 5167] <... chdir resumed>) = 0 [pid 5166] ioctl(4, LOOP_CLR_FD [pid 5074] getdents64(4, [pid 5170] close(3 [pid 5167] ioctl(4, LOOP_CLR_FD [pid 5166] <... ioctl resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5170] <... close resumed>) = 0 [pid 5168] close(3 [pid 5167] <... ioctl resumed>) = 0 [pid 5166] close(4 [pid 5074] getdents64(4, [pid 5170] symlink("/dev/binderfs", "./binderfs" [pid 5168] <... close resumed>) = 0 [pid 5167] close(4 [pid 5166] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5168] mkdir("./file0", 0777 [pid 5167] <... close resumed>) = 0 [pid 5166] exit_group(0 [pid 5074] close(4 [pid 5168] <... mkdir resumed>) = 0 [pid 5167] exit_group(0 [pid 5166] <... exit_group resumed>) = ? [pid 5074] <... close resumed>) = 0 [pid 5168] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5167] <... exit_group resumed>) = ? [pid 5166] +++ exited with 0 +++ [pid 5074] rmdir("./13/file0" [pid 5170] <... symlink resumed>) = 0 [pid 5167] +++ exited with 0 +++ [pid 5074] <... rmdir resumed>) = 0 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5074] getdents64(3, [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5076] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] close(3 [pid 5170] memfd_create("syzkaller", 0 [pid 5076] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... close resumed>) = 0 [pid 5073] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] <... memfd_create resumed>) = 3 [pid 5076] <... openat resumed>) = 3 [pid 5074] rmdir("./13" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5169] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] fstat(3, [pid 5074] <... rmdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5170] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] mkdir("./14", 0777 [pid 5073] <... openat resumed>) = 3 [pid 5076] getdents64(3, [pid 5074] <... mkdir resumed>) = 0 [pid 5073] fstat(3, [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... openat resumed>) = 3 [pid 5073] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] lstat("./13/binderfs", [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] close(3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] unlink("./13/binderfs" [pid 5074] <... close resumed>) = 0 [pid 5073] lstat("./14/binderfs", [pid 5076] <... unlink resumed>) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] unlink("./14/binderfs" [pid 5076] <... umount2 resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5171 [pid 5073] <... unlink resumed>) = 0 [pid 5076] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 62.058827][ T5168] loop0: detected capacity change from 0 to 4096 [ 62.097548][ T5168] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5073] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./13/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./13/file0") = 0 [pid 5076] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] close(3) = 0 [pid 5076] rmdir("./13" [pid 5168] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5171 attached [pid 5076] <... rmdir resumed>) = 0 [pid 5171] chdir("./14" [pid 5168] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] mkdir("./14", 0777 [pid 5171] <... chdir resumed>) = 0 [pid 5168] <... openat resumed>) = 3 [pid 5076] <... mkdir resumed>) = 0 [pid 5171] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5168] chdir("./file0" [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5171] <... prctl resumed>) = 0 [pid 5168] <... chdir resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5171] setpgid(0, 0 [pid 5168] ioctl(4, LOOP_CLR_FD [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5073] <... umount2 resumed>) = 0 [pid 5171] <... setpgid resumed>) = 0 [pid 5168] <... ioctl resumed>) = 0 [pid 5076] <... ioctl resumed>) = 0 [pid 5073] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5168] close(4 [pid 5076] close(3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] <... openat resumed>) = 3 [pid 5168] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5073] lstat("./14/file0", [pid 5171] write(3, "1000", 4 [pid 5168] exit_group(0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5171] <... write resumed>) = 4 [pid 5168] <... exit_group resumed>) = ? [pid 5073] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] close(3 [pid 5168] +++ exited with 0 +++ [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5172 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=6 /* 0.06 s */} --- [pid 5171] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... openat resumed>) = 4 [pid 5171] <... symlink resumed>) = 0 [pid 5073] fstat(4, [pid 5171] memfd_create("syzkaller", 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5171] <... memfd_create resumed>) = 3 [pid 5073] getdents64(4, [pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5171] <... mmap resumed>) = 0x7f01462f5000 [pid 5073] getdents64(4, [pid 5071] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] close(4 [pid 5071] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5172 attached [pid 5073] <... close resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5172] chdir("./14" [pid 5073] rmdir("./14/file0" [pid 5071] fstat(3, [pid 5172] <... chdir resumed>) = 0 [pid 5170] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] getdents64(3, [pid 5071] getdents64(3, [pid 5172] <... prctl resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5172] setpgid(0, 0 [pid 5073] close(3 [pid 5071] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] <... setpgid resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] rmdir("./14" [pid 5071] lstat("./14/binderfs", [pid 5172] <... openat resumed>) = 3 [pid 5169] <... write resumed>) = 2097152 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5172] write(3, "1000", 4 [pid 5169] munmap(0x7f01462f5000, 2097152 [pid 5073] mkdir("./15", 0777 [pid 5071] unlink("./14/binderfs" [pid 5172] <... write resumed>) = 4 [pid 5073] <... mkdir resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5172] close(3 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5172] symlink("/dev/binderfs", "./binderfs" [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5172] <... symlink resumed>) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5172] memfd_create("syzkaller", 0 [pid 5169] <... munmap resumed>) = 0 [pid 5073] close(3 [pid 5172] <... memfd_create resumed>) = 3 [pid 5171] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5073] <... close resumed>) = 0 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5169] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5172] <... mmap resumed>) = 0x7f01462f5000 [pid 5169] <... openat resumed>) = 4 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5173 [pid 5169] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... umount2 resumed>) = 0 [pid 5071] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5173 attached ) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./14/file0", [pid 5173] chdir("./15") = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5071] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5173] setpgid(0, 0) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5173] <... openat resumed>) = 3 [pid 5173] write(3, "1000", 4 [pid 5071] <... openat resumed>) = 4 [pid 5173] <... write resumed>) = 4 [pid 5071] fstat(4, [pid 5173] close(3 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5173] <... close resumed>) = 0 [pid 5071] getdents64(4, [pid 5173] symlink("/dev/binderfs", "./binderfs" [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5173] <... symlink resumed>) = 0 [pid 5071] getdents64(4, [pid 5173] memfd_create("syzkaller", 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5173] <... memfd_create resumed>) = 3 [pid 5071] close(4 [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5169] <... ioctl resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5173] <... mmap resumed>) = 0x7f01462f5000 [pid 5071] rmdir("./14/file0" [pid 5170] <... write resumed>) = 2097152 [pid 5169] close(3 [pid 5071] <... rmdir resumed>) = 0 [pid 5071] getdents64(3, [pid 5169] <... close resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./14" [pid 5169] mkdir("./file0", 0777 [pid 5071] <... rmdir resumed>) = 0 [pid 5170] munmap(0x7f01462f5000, 2097152 [pid 5071] mkdir("./15", 0777 [pid 5170] <... munmap resumed>) = 0 [pid 5169] <... mkdir resumed>) = 0 [ 62.263103][ T5169] loop1: detected capacity change from 0 to 4096 [pid 5071] <... mkdir resumed>) = 0 [pid 5169] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5174 [pid 5170] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5170] ioctl(4, LOOP_SET_FD, 3) = 0 ./strace-static-x86_64: Process 5174 attached [pid 5174] chdir("./15") = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5174] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5174] write(3, "1000", 4) = 4 [pid 5174] close(3) = 0 [pid 5174] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5174] memfd_create("syzkaller", 0 [pid 5172] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5174] <... memfd_create resumed>) = 3 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5170] close(3) = 0 [pid 5170] mkdir("./file0", 0777 [pid 5171] <... write resumed>) = 2097152 [pid 5170] <... mkdir resumed>) = 0 [pid 5170] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 62.317580][ T5169] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 62.328478][ T5170] loop4: detected capacity change from 0 to 4096 [pid 5173] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5172] <... write resumed>) = 2097152 [pid 5169] <... mount resumed>) = 0 [pid 5171] munmap(0x7f01462f5000, 2097152 [pid 5172] munmap(0x7f01462f5000, 2097152 [pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5171] <... munmap resumed>) = 0 [pid 5172] <... munmap resumed>) = 0 [pid 5169] <... openat resumed>) = 3 [pid 5172] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5169] chdir("./file0" [pid 5171] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5172] ioctl(4, LOOP_SET_FD, 3 [pid 5169] <... chdir resumed>) = 0 [pid 5169] ioctl(4, LOOP_CLR_FD) = 0 [pid 5171] <... openat resumed>) = 4 [pid 5171] ioctl(4, LOOP_SET_FD, 3 [pid 5169] close(4) = 0 [pid 5171] <... ioctl resumed>) = 0 [pid 5171] close(3) = 0 [pid 5171] mkdir("./file0", 0777 [pid 5169] exit_group(0) = ? [pid 5169] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5072] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5072] fstat(3, [pid 5171] <... mkdir resumed>) = 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5172] <... ioctl resumed>) = 0 [pid 5171] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 62.373764][ T5170] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 62.392101][ T5172] loop5: detected capacity change from 0 to 4096 [ 62.393534][ T5171] loop3: detected capacity change from 0 to 4096 [pid 5072] getdents64(3, [pid 5174] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5172] close(3 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] unlink("./14/binderfs") = 0 [pid 5172] <... close resumed>) = 0 [pid 5072] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] mkdir("./file0", 0777) = 0 [pid 5172] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5170] <... mount resumed>) = 0 [pid 5170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5173] <... write resumed>) = 2097152 [pid 5170] chdir("./file0" [pid 5173] munmap(0x7f01462f5000, 2097152 [pid 5170] <... chdir resumed>) = 0 [pid 5173] <... munmap resumed>) = 0 [pid 5170] ioctl(4, LOOP_CLR_FD) = 0 [pid 5170] close(4) = 0 [pid 5170] exit_group(0 [pid 5173] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5170] <... exit_group resumed>) = ? [pid 5173] <... openat resumed>) = 4 [ 62.433010][ T5171] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 62.450974][ T5172] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5173] ioctl(4, LOOP_SET_FD, 3 [pid 5170] +++ exited with 0 +++ [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5075] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5075] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5171] <... mount resumed>) = 0 [pid 5075] lstat("./14/binderfs", [pid 5072] <... umount2 resumed>) = 0 [pid 5171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] <... openat resumed>) = 3 [pid 5075] unlink("./14/binderfs" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] chdir("./file0") = 0 [pid 5075] <... unlink resumed>) = 0 [pid 5072] lstat("./14/file0", [pid 5171] ioctl(4, LOOP_CLR_FD [pid 5075] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] <... ioctl resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5171] close(4 [pid 5072] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] exit_group(0 [pid 5072] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5171] <... exit_group resumed>) = ? [pid 5072] <... openat resumed>) = 4 [pid 5173] <... ioctl resumed>) = 0 [pid 5171] +++ exited with 0 +++ [pid 5072] fstat(4, [pid 5173] close(3 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5171, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=5 /* 0.05 s */} --- [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5173] <... close resumed>) = 0 [pid 5072] getdents64(4, [pid 5173] mkdir("./file0", 0777 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5173] <... mkdir resumed>) = 0 [pid 5074] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(4, [pid 5173] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5174] <... write resumed>) = 2097152 [pid 5074] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] close(4 [pid 5074] <... openat resumed>) = 3 [pid 5072] <... close resumed>) = 0 [pid 5074] fstat(3, [pid 5072] rmdir("./14/file0" [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5074] getdents64(3, [pid 5072] getdents64(3, [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] close(3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... close resumed>) = 0 [pid 5074] lstat("./14/binderfs", [pid 5072] rmdir("./14" [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5074] unlink("./14/binderfs" [pid 5072] mkdir("./15", 0777 [pid 5074] <... unlink resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5074] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5175 [pid 5174] munmap(0x7f01462f5000, 2097152 [pid 5172] <... mount resumed>) = 0 [pid 5075] <... umount2 resumed>) = 0 [pid 5074] <... umount2 resumed>) = 0 ./strace-static-x86_64: Process 5175 attached [pid 5175] chdir("./15") = 0 [pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5174] <... munmap resumed>) = 0 [pid 5075] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] <... prctl resumed>) = 0 [pid 5175] setpgid(0, 0) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5172] <... openat resumed>) = 3 [pid 5075] lstat("./14/file0", [pid 5175] <... openat resumed>) = 3 [pid 5174] <... openat resumed>) = 4 [pid 5172] chdir("./file0" [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 62.500800][ T5173] loop2: detected capacity change from 0 to 4096 [ 62.530761][ T5173] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5175] write(3, "1000", 4 [pid 5174] ioctl(4, LOOP_SET_FD, 3 [pid 5172] <... chdir resumed>) = 0 [pid 5075] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] <... write resumed>) = 4 [pid 5172] ioctl(4, LOOP_CLR_FD [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] close(3 [pid 5074] lstat("./14/file0", [pid 5175] <... close resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5175] symlink("/dev/binderfs", "./binderfs" [pid 5074] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] <... symlink resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] memfd_create("syzkaller", 0 [pid 5074] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5175] <... memfd_create resumed>) = 3 [pid 5074] <... openat resumed>) = 4 [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] fstat(4, [pid 5175] <... mmap resumed>) = 0x7f01462f5000 [pid 5172] <... ioctl resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5172] close(4 [pid 5075] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] getdents64(4, [pid 5172] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] <... openat resumed>) = 4 [pid 5174] close(3 [pid 5172] exit_group(0 [pid 5075] fstat(4, [pid 5074] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5172] <... exit_group resumed>) = ? [pid 5074] close(4 [pid 5075] getdents64(4, [pid 5074] <... close resumed>) = 0 [pid 5074] rmdir("./14/file0") = 0 [pid 5172] +++ exited with 0 +++ [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] getdents64(3, [pid 5174] <... close resumed>) = 0 [pid 5075] getdents64(4, [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5174] mkdir("./file0", 0777 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=3 /* 0.03 s */, si_stime=7 /* 0.07 s */} --- [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] close(3 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5075] close(4 [pid 5074] <... close resumed>) = 0 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] rmdir("./14" [pid 5174] <... mkdir resumed>) = 0 [pid 5173] <... mount resumed>) = 0 [pid 5075] rmdir("./14/file0" [pid 5074] <... rmdir resumed>) = 0 [pid 5173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] mkdir("./15", 0777 [pid 5173] <... openat resumed>) = 3 [pid 5076] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... mkdir resumed>) = 0 [pid 5173] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5173] <... chdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... openat resumed>) = 3 [pid 5173] ioctl(4, LOOP_CLR_FD [pid 5076] <... openat resumed>) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5173] <... ioctl resumed>) = 0 [pid 5076] fstat(3, [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 62.573287][ T5174] loop0: detected capacity change from 0 to 4096 [pid 5174] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5173] close(4 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(3, [pid 5074] close(3 [pid 5173] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... close resumed>) = 0 [pid 5173] exit_group(0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5173] <... exit_group resumed>) = ? [pid 5076] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5173] +++ exited with 0 +++ [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5176 [pid 5076] lstat("./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5076] unlink("./14/binderfs" [pid 5073] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] <... unlink resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5176 attached ) = 3 [pid 5176] chdir("./15" [pid 5073] fstat(3, [pid 5176] <... chdir resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] getdents64(3, [pid 5075] close(3 [pid 5176] <... prctl resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5176] setpgid(0, 0 [pid 5075] <... close resumed>) = 0 [pid 5073] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] <... setpgid resumed>) = 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5075] rmdir("./14" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... rmdir resumed>) = 0 [pid 5073] lstat("./15/binderfs", [pid 5176] <... openat resumed>) = 3 [pid 5075] mkdir("./15", 0777 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5176] write(3, "1000", 4 [pid 5073] unlink("./15/binderfs" [pid 5176] <... write resumed>) = 4 [pid 5075] <... mkdir resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5176] close(3 [pid 5073] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5176] symlink("/dev/binderfs", "./binderfs" [pid 5075] <... openat resumed>) = 3 [pid 5176] <... symlink resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5176] memfd_create("syzkaller", 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5176] <... memfd_create resumed>) = 3 [pid 5075] close(3 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5176] <... mmap resumed>) = 0x7f01462f5000 [ 62.619174][ T5174] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5174] <... mount resumed>) = 0 [pid 5076] lstat("./14/file0", [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5175] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(4, [pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, ./strace-static-x86_64: Process 5177 attached [pid 5174] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5177 [pid 5177] chdir("./15" [pid 5174] chdir("./file0" [pid 5076] close(4 [pid 5073] <... umount2 resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./14/file0" [pid 5073] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5177] <... chdir resumed>) = 0 [pid 5174] <... chdir resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5174] ioctl(4, LOOP_CLR_FD [pid 5076] getdents64(3, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5174] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] lstat("./15/file0", [pid 5177] <... prctl resumed>) = 0 [pid 5177] setpgid(0, 0 [pid 5174] close(4 [pid 5076] close(3 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5174] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5073] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5177] <... setpgid resumed>) = 0 [pid 5174] exit_group(0 [pid 5076] rmdir("./14" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5174] <... exit_group resumed>) = ? [pid 5076] <... rmdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] mkdir("./15", 0777 [pid 5073] <... openat resumed>) = 4 [pid 5177] <... openat resumed>) = 3 [pid 5174] +++ exited with 0 +++ [pid 5076] <... mkdir resumed>) = 0 [pid 5073] fstat(4, [pid 5177] write(3, "1000", 4 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5177] <... write resumed>) = 4 [pid 5076] <... openat resumed>) = 3 [pid 5073] getdents64(4, [pid 5177] close(3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5177] <... close resumed>) = 0 [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] getdents64(4, [pid 5177] symlink("/dev/binderfs", "./binderfs" [pid 5076] close(3 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] <... close resumed>) = 0 [pid 5073] close(4 [pid 5177] <... symlink resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... close resumed>) = 0 [pid 5071] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5177] memfd_create("syzkaller", 0 [pid 5073] rmdir("./15/file0" [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] <... memfd_create resumed>) = 3 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5178 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] getdents64(3, [pid 5071] <... openat resumed>) = 3 [pid 5177] <... mmap resumed>) = 0x7f01462f5000 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] fstat(3, [pid 5073] close(3 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... close resumed>) = 0 [pid 5071] getdents64(3, [pid 5073] rmdir("./15" [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] mkdir("./16", 0777 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... mkdir resumed>) = 0 [pid 5071] lstat("./15/binderfs", [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5071] unlink("./15/binderfs" [pid 5176] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5071] <... unlink resumed>) = 0 [pid 5175] <... write resumed>) = 2097152 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(3) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5179 ./strace-static-x86_64: Process 5179 attached ./strace-static-x86_64: Process 5178 attached [pid 5178] chdir("./15" [pid 5071] <... umount2 resumed>) = 0 [pid 5179] chdir("./16" [pid 5178] <... chdir resumed>) = 0 [pid 5175] munmap(0x7f01462f5000, 2097152 [pid 5179] <... chdir resumed>) = 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5175] <... munmap resumed>) = 0 [pid 5071] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5179] setpgid(0, 0 [pid 5178] <... prctl resumed>) = 0 [pid 5179] <... setpgid resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] setpgid(0, 0 [pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] <... setpgid resumed>) = 0 [pid 5071] lstat("./15/file0", [pid 5179] write(3, "1000", 4 [pid 5175] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5179] <... write resumed>) = 4 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] <... openat resumed>) = 4 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5179] close(3 [pid 5175] ioctl(4, LOOP_SET_FD, 3 [pid 5179] <... close resumed>) = 0 [pid 5178] <... openat resumed>) = 3 [pid 5177] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5071] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5178] write(3, "1000", 4 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5179] memfd_create("syzkaller", 0 [pid 5178] <... write resumed>) = 4 [pid 5071] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5179] <... memfd_create resumed>) = 3 [pid 5178] close(3 [pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5178] <... close resumed>) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5179] <... mmap resumed>) = 0x7f01462f5000 [pid 5178] symlink("/dev/binderfs", "./binderfs" [pid 5071] fstat(4, [pid 5178] <... symlink resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5178] memfd_create("syzkaller", 0) = 3 [pid 5071] getdents64(4, [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(4) = 0 [pid 5071] rmdir("./15/file0" [pid 5175] <... ioctl resumed>) = 0 [pid 5175] close(3 [pid 5071] <... rmdir resumed>) = 0 [pid 5175] <... close resumed>) = 0 [pid 5071] getdents64(3, [pid 5175] mkdir("./file0", 0777 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5176] <... write resumed>) = 2097152 [pid 5175] <... mkdir resumed>) = 0 [pid 5071] close(3 [ 62.772748][ T5175] loop1: detected capacity change from 0 to 4096 [pid 5175] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5071] <... close resumed>) = 0 [pid 5071] rmdir("./15") = 0 [pid 5071] mkdir("./16", 0777) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5176] munmap(0x7f01462f5000, 2097152 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5180 [pid 5179] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152./strace-static-x86_64: Process 5180 attached [pid 5176] <... munmap resumed>) = 0 [pid 5176] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5180] chdir("./16" [pid 5176] ioctl(4, LOOP_SET_FD, 3 [pid 5180] <... chdir resumed>) = 0 [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5180] setpgid(0, 0) = 0 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5180] write(3, "1000", 4) = 4 [pid 5180] close(3) = 0 [pid 5180] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5176] <... ioctl resumed>) = 0 [pid 5176] close(3) = 0 [pid 5176] mkdir("./file0", 0777) = 0 [pid 5176] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 62.816493][ T5175] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 62.850981][ T5176] loop3: detected capacity change from 0 to 4096 [pid 5180] memfd_create("syzkaller", 0) = 3 [pid 5177] <... write resumed>) = 2097152 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5177] munmap(0x7f01462f5000, 2097152 [pid 5180] <... mmap resumed>) = 0x7f01462f5000 [pid 5175] <... mount resumed>) = 0 [pid 5175] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5178] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5175] <... openat resumed>) = 3 [pid 5175] chdir("./file0") = 0 [pid 5175] ioctl(4, LOOP_CLR_FD) = 0 [pid 5175] close(4) = 0 [pid 5175] exit_group(0) = ? [pid 5175] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=0, si_stime=9 /* 0.09 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5177] <... munmap resumed>) = 0 [pid 5072] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] <... write resumed>) = 2097152 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5072] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5177] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5072] lstat("./15/binderfs", [pid 5177] <... openat resumed>) = 4 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [ 62.893693][ T5176] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5177] ioctl(4, LOOP_SET_FD, 3 [pid 5072] unlink("./15/binderfs") = 0 [pid 5072] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5179] munmap(0x7f01462f5000, 2097152) = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5179] ioctl(4, LOOP_SET_FD, 3 [pid 5177] <... ioctl resumed>) = 0 [pid 5177] close(3) = 0 [pid 5176] <... mount resumed>) = 0 [pid 5176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5177] mkdir("./file0", 0777 [pid 5176] <... openat resumed>) = 3 [pid 5177] <... mkdir resumed>) = 0 [pid 5176] chdir("./file0") = 0 [pid 5177] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5176] ioctl(4, LOOP_CLR_FD [pid 5072] <... umount2 resumed>) = 0 [pid 5176] <... ioctl resumed>) = 0 [pid 5072] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] close(4 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5176] <... close resumed>) = 0 [pid 5072] lstat("./15/file0", [pid 5176] exit_group(0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5176] <... exit_group resumed>) = ? [pid 5072] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... write resumed>) = 2097152 [pid 5176] +++ exited with 0 +++ [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] munmap(0x7f01462f5000, 2097152 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=2 /* 0.02 s */} --- [pid 5072] <... openat resumed>) = 4 [pid 5179] <... ioctl resumed>) = 0 [pid 5074] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] fstat(4, [pid 5179] close(3 [pid 5178] <... munmap resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5179] <... close resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(4, [pid 5179] mkdir("./file0", 0777 [pid 5074] <... openat resumed>) = 3 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5179] <... mkdir resumed>) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] fstat(3, [pid 5072] getdents64(4, [pid 5179] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5178] <... openat resumed>) = 4 [ 62.950967][ T5177] loop4: detected capacity change from 0 to 4096 [ 62.968054][ T5179] loop2: detected capacity change from 0 to 4096 [ 62.987147][ T5177] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5180] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5178] ioctl(4, LOOP_SET_FD, 3 [pid 5074] getdents64(3, [pid 5072] close(4 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... close resumed>) = 0 [pid 5074] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] rmdir("./15/file0" [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... rmdir resumed>) = 0 [pid 5074] lstat("./15/binderfs", [pid 5072] getdents64(3, [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] unlink("./15/binderfs" [pid 5072] close(3 [pid 5074] <... unlink resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5074] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] rmdir("./15") = 0 [pid 5072] mkdir("./16", 0777 [pid 5074] <... umount2 resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5074] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... openat resumed>) = 3 [pid 5074] lstat("./15/file0", [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] close(3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... close resumed>) = 0 [pid 5178] <... ioctl resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5178] close(3 [pid 5074] <... openat resumed>) = 4 [pid 5178] <... close resumed>) = 0 [pid 5074] fstat(4, [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5181 [ 63.015847][ T5179] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 63.026069][ T5178] loop5: detected capacity change from 0 to 4096 [pid 5178] mkdir("./file0", 0777 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5178] <... mkdir resumed>) = 0 [pid 5074] getdents64(4, [pid 5178] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] getdents64(4, ./strace-static-x86_64: Process 5181 attached 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5181] chdir("./16" [pid 5074] close(4 [pid 5181] <... chdir resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] rmdir("./15/file0" [pid 5181] <... prctl resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5181] setpgid(0, 0 [pid 5074] getdents64(3, [pid 5181] <... setpgid resumed>) = 0 [pid 5177] <... mount resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] close(3 [pid 5181] <... openat resumed>) = 3 [pid 5177] <... openat resumed>) = 3 [pid 5074] <... close resumed>) = 0 [pid 5181] write(3, "1000", 4 [pid 5177] chdir("./file0" [pid 5074] rmdir("./15" [pid 5181] <... write resumed>) = 4 [pid 5177] <... chdir resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5181] close(3 [pid 5177] ioctl(4, LOOP_CLR_FD [pid 5074] mkdir("./16", 0777 [pid 5181] <... close resumed>) = 0 [pid 5177] <... ioctl resumed>) = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5181] symlink("/dev/binderfs", "./binderfs" [pid 5177] close(4 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5181] <... symlink resumed>) = 0 [pid 5177] <... close resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5181] memfd_create("syzkaller", 0 [pid 5179] <... mount resumed>) = 0 [pid 5177] exit_group(0 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5181] <... memfd_create resumed>) = 3 [pid 5179] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5177] <... exit_group resumed>) = ? [pid 5074] <... ioctl resumed>) = 0 [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5179] <... openat resumed>) = 3 [pid 5177] +++ exited with 0 +++ [pid 5074] close(3 [pid 5181] <... mmap resumed>) = 0x7f01462f5000 [pid 5179] chdir("./file0" [pid 5074] <... close resumed>) = 0 [pid 5179] <... chdir resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=0, si_stime=8 /* 0.08 s */} --- [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5179] ioctl(4, LOOP_CLR_FD [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5179] <... ioctl resumed>) = 0 [pid 5075] <... restart_syscall resumed>) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5182 [pid 5179] close(4) = 0 [ 63.057750][ T5178] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5180] <... write resumed>) = 2097152 [pid 5179] exit_group(0) = ? ./strace-static-x86_64: Process 5182 attached [pid 5179] +++ exited with 0 +++ [pid 5182] chdir("./16" [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5182] <... chdir resumed>) = 0 [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... restart_syscall resumed>) = 0 [pid 5182] <... prctl resumed>) = 0 [pid 5182] setpgid(0, 0) = 0 [pid 5073] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5182] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5182] write(3, "1000", 4 [pid 5073] <... openat resumed>) = 3 [pid 5182] <... write resumed>) = 4 [pid 5075] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] fstat(3, [pid 5182] close(3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5182] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] getdents64(3, [pid 5182] symlink("/dev/binderfs", "./binderfs" [pid 5180] munmap(0x7f01462f5000, 2097152 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5182] <... symlink resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5073] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5182] memfd_create("syzkaller", 0 [pid 5075] fstat(3, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5182] <... memfd_create resumed>) = 3 [pid 5073] lstat("./16/binderfs", [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5182] <... mmap resumed>) = 0x7f01462f5000 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] unlink("./16/binderfs" [pid 5180] <... munmap resumed>) = 0 [pid 5075] getdents64(3, [pid 5073] <... unlink resumed>) = 0 [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5178] <... mount resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5180] <... openat resumed>) = 4 [pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = 0 [pid 5180] ioctl(4, LOOP_SET_FD, 3 [pid 5178] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] chdir("./file0") = 0 [pid 5178] ioctl(4, LOOP_CLR_FD) = 0 [pid 5178] close(4) = 0 [pid 5178] exit_group(0) = ? [pid 5181] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5180] <... ioctl resumed>) = 0 [pid 5178] +++ exited with 0 +++ [pid 5075] lstat("./15/binderfs", [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5075] unlink("./15/binderfs" [pid 5073] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] <... unlink resumed>) = 0 [pid 5073] lstat("./16/file0", [pid 5075] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5076] getdents64(3, [pid 5073] fstat(4, [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] getdents64(4, [pid 5076] lstat("./15/binderfs", [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] getdents64(4, [pid 5076] unlink("./15/binderfs" [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5073] close(4 [pid 5076] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... close resumed>) = 0 [pid 5073] rmdir("./16/file0") = 0 [pid 5073] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5180] close(3 [pid 5075] <... umount2 resumed>) = 0 [pid 5073] close(3) = 0 [pid 5073] rmdir("./16") = 0 [pid 5073] mkdir("./17", 0777) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5073] close(3) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5183 [pid 5180] <... close resumed>) = 0 [pid 5075] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5180] mkdir("./file0", 0777 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5180] <... mkdir resumed>) = 0 [ 63.176413][ T5180] loop0: detected capacity change from 0 to 4096 [pid 5180] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] lstat("./15/file0", ./strace-static-x86_64: Process 5183 attached [pid 5076] lstat("./15/file0", [pid 5183] chdir("./17" [pid 5182] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5183] <... chdir resumed>) = 0 [pid 5076] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5183] <... prctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] setpgid(0, 0 [pid 5076] <... openat resumed>) = 4 [pid 5075] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] <... setpgid resumed>) = 0 [pid 5076] fstat(4, [pid 5075] <... openat resumed>) = 4 [pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] fstat(4, [pid 5183] <... openat resumed>) = 3 [pid 5076] getdents64(4, [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5183] write(3, "1000", 4 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, [pid 5183] <... write resumed>) = 4 [pid 5076] getdents64(4, [pid 5183] close(3 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5183] <... close resumed>) = 0 [pid 5076] close(4 [pid 5075] getdents64(4, [pid 5183] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5183] <... symlink resumed>) = 0 [pid 5076] rmdir("./15/file0" [pid 5075] close(4 [pid 5183] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5183] <... memfd_create resumed>) = 3 [pid 5076] getdents64(3, [pid 5075] rmdir("./15/file0" [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5183] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] close(3 [pid 5075] <... rmdir resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./15" [pid 5075] getdents64(3, [pid 5181] <... write resumed>) = 2097152 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] mkdir("./16", 0777 [pid 5075] close(3 [pid 5076] <... mkdir resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5181] munmap(0x7f01462f5000, 2097152 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] rmdir("./15" [pid 5181] <... munmap resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] <... rmdir resumed>) = 0 [pid 5076] close(3 [pid 5075] mkdir("./16", 0777 [pid 5076] <... close resumed>) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... mkdir resumed>) = 0 [ 63.228788][ T5180] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5184 [pid 5075] <... openat resumed>) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5181] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5181] <... openat resumed>) = 4 [pid 5075] close(3 [pid 5181] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... close resumed>) = 0 ./strace-static-x86_64: Process 5184 attached [pid 5181] <... ioctl resumed>) = 0 [pid 5180] <... mount resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5184] chdir("./16" [pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5184] <... chdir resumed>) = 0 [pid 5180] chdir("./file0" [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5185 [pid 5184] <... prctl resumed>) = 0 [pid 5180] <... chdir resumed>) = 0 [pid 5184] setpgid(0, 0 [pid 5180] ioctl(4, LOOP_CLR_FD [pid 5184] <... setpgid resumed>) = 0 [pid 5180] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5185 attached [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5180] close(4 [pid 5185] chdir("./16" [pid 5184] <... openat resumed>) = 3 [pid 5180] <... close resumed>) = 0 [pid 5184] write(3, "1000", 4 [pid 5185] <... chdir resumed>) = 0 [pid 5184] <... write resumed>) = 4 [pid 5180] exit_group(0 [pid 5184] close(3 [pid 5180] <... exit_group resumed>) = ? [pid 5185] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5184] <... close resumed>) = 0 [pid 5182] <... write resumed>) = 2097152 [pid 5180] +++ exited with 0 +++ [pid 5184] symlink("/dev/binderfs", "./binderfs" [pid 5181] close(3 [pid 5185] <... prctl resumed>) = 0 [pid 5185] setpgid(0, 0 [pid 5184] <... symlink resumed>) = 0 [pid 5181] <... close resumed>) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5185] <... setpgid resumed>) = 0 [pid 5184] memfd_create("syzkaller", 0 [pid 5183] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5181] mkdir("./file0", 0777 [pid 5185] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5184] <... memfd_create resumed>) = 3 [pid 5182] munmap(0x7f01462f5000, 2097152 [pid 5181] <... mkdir resumed>) = 0 [pid 5185] <... openat resumed>) = 3 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5182] <... munmap resumed>) = 0 [pid 5181] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5185] write(3, "1000", 4 [pid 5184] <... mmap resumed>) = 0x7f01462f5000 [ 63.299270][ T5181] loop1: detected capacity change from 0 to 4096 [ 63.334964][ T5181] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5185] <... write resumed>) = 4 [pid 5182] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5182] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5071] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] close(3) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5185] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5071] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5182] close(3) = 0 [pid 5185] memfd_create("syzkaller", 0 [pid 5071] <... openat resumed>) = 3 [pid 5071] fstat(3, [pid 5185] <... memfd_create resumed>) = 3 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5185] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] getdents64(3, [pid 5185] <... mmap resumed>) = 0x7f01462f5000 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5182] mkdir("./file0", 0777 [pid 5071] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./16/binderfs" [pid 5182] <... mkdir resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5182] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 63.347976][ T5182] loop3: detected capacity change from 0 to 4096 [pid 5071] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5184] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5183] <... write resumed>) = 2097152 [pid 5183] munmap(0x7f01462f5000, 2097152 [pid 5181] <... mount resumed>) = 0 [pid 5181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5181] chdir("./file0") = 0 [pid 5181] ioctl(4, LOOP_CLR_FD) = 0 [pid 5181] close(4) = 0 [pid 5181] exit_group(0 [pid 5183] <... munmap resumed>) = 0 [pid 5181] <... exit_group resumed>) = ? [pid 5181] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5072] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5183] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5183] <... openat resumed>) = 4 [pid 5072] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 63.384882][ T5182] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [pid 5183] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... openat resumed>) = 3 [pid 5072] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5072] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] lstat("./16/file0", [pid 5072] unlink("./16/binderfs") = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] fstat(4, [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5182] <... mount resumed>) = 0 [pid 5071] getdents64(4, [pid 5183] <... ioctl resumed>) = 0 [pid 5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5183] close(3 [pid 5182] <... openat resumed>) = 3 [pid 5071] close(4 [pid 5183] <... close resumed>) = 0 [pid 5182] chdir("./file0" [pid 5071] <... close resumed>) = 0 [pid 5183] mkdir("./file0", 0777 [pid 5182] <... chdir resumed>) = 0 [pid 5071] rmdir("./16/file0" [pid 5183] <... mkdir resumed>) = 0 [pid 5182] ioctl(4, LOOP_CLR_FD [pid 5072] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... rmdir resumed>) = 0 [pid 5183] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5182] <... ioctl resumed>) = 0 [ 63.435893][ T5183] loop2: detected capacity change from 0 to 4096 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] getdents64(3, [pid 5182] close(4 [pid 5072] lstat("./16/file0", [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5182] <... close resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] close(3 [pid 5182] exit_group(0 [pid 5072] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5182] <... exit_group resumed>) = ? [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] rmdir("./16" [pid 5182] +++ exited with 0 +++ [pid 5072] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... rmdir resumed>) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5072] <... openat resumed>) = 4 [pid 5071] mkdir("./17", 0777 [pid 5072] fstat(4, [pid 5071] <... mkdir resumed>) = 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5074] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(4, [pid 5071] <... openat resumed>) = 3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5074] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(4, [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... openat resumed>) = 3 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] close(3 [pid 5185] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] fstat(3, [pid 5072] close(4 [pid 5071] <... close resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] getdents64(3, [pid 5072] rmdir("./16/file0" [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5186 [pid 5074] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(3, [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] lstat("./16/binderfs", [pid 5072] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5074] unlink("./16/binderfs" [pid 5072] rmdir("./16" [pid 5074] <... unlink resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5186 attached [pid 5074] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] mkdir("./17", 0777 [pid 5186] chdir("./17" [pid 5184] <... write resumed>) = 2097152 [pid 5072] <... mkdir resumed>) = 0 [pid 5186] <... chdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5186] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... openat resumed>) = 3 [pid 5186] <... prctl resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5186] setpgid(0, 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5186] <... setpgid resumed>) = 0 [pid 5072] close(3 [pid 5186] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] <... close resumed>) = 0 [pid 5186] <... openat resumed>) = 3 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5186] write(3, "1000", 4) = 4 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5187 [pid 5186] close(3 [pid 5074] <... umount2 resumed>) = 0 [pid 5186] <... close resumed>) = 0 [pid 5186] symlink("/dev/binderfs", "./binderfs" [pid 5074] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5186] <... symlink resumed>) = 0 [ 63.484368][ T5183] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5187 attached [pid 5186] memfd_create("syzkaller", 0 [pid 5074] lstat("./16/file0", [pid 5187] chdir("./17" [pid 5186] <... memfd_create resumed>) = 3 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5187] <... chdir resumed>) = 0 [pid 5186] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5187] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5186] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5187] <... prctl resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5187] setpgid(0, 0 [pid 5074] <... openat resumed>) = 4 [pid 5187] <... setpgid resumed>) = 0 [pid 5074] fstat(4, [pid 5187] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5184] munmap(0x7f01462f5000, 2097152 [pid 5183] <... mount resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5187] <... openat resumed>) = 3 [pid 5183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] getdents64(4, [pid 5187] write(3, "1000", 4 [pid 5183] <... openat resumed>) = 3 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5187] <... write resumed>) = 4 [pid 5183] chdir("./file0" [pid 5074] getdents64(4, [pid 5187] close(3 [pid 5183] <... chdir resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5187] <... close resumed>) = 0 [pid 5183] ioctl(4, LOOP_CLR_FD [pid 5074] close(4 [pid 5187] symlink("/dev/binderfs", "./binderfs" [pid 5184] <... munmap resumed>) = 0 [pid 5183] <... ioctl resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5187] <... symlink resumed>) = 0 [pid 5183] close(4 [pid 5074] rmdir("./16/file0" [pid 5187] memfd_create("syzkaller", 0 [pid 5184] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5183] <... close resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5187] <... memfd_create resumed>) = 3 [pid 5184] <... openat resumed>) = 4 [pid 5183] exit_group(0 [pid 5074] getdents64(3, [pid 5187] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5184] ioctl(4, LOOP_SET_FD, 3 [pid 5183] <... exit_group resumed>) = ? [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5187] <... mmap resumed>) = 0x7f01462f5000 [pid 5183] +++ exited with 0 +++ [pid 5074] close(3) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5074] rmdir("./16" [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5074] <... rmdir resumed>) = 0 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5074] mkdir("./17", 0777 [pid 5185] <... write resumed>) = 2097152 [pid 5074] <... mkdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] munmap(0x7f01462f5000, 2097152 [pid 5074] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... openat resumed>) = 3 [pid 5074] close(3 [pid 5073] fstat(3, [pid 5074] <... close resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] getdents64(3, 0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5188 [pid 5073] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./17/binderfs", [pid 5185] <... munmap resumed>) = 0 [pid 5184] <... ioctl resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5186] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5185] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5184] close(3 [pid 5073] unlink("./17/binderfs"./strace-static-x86_64: Process 5188 attached [pid 5185] <... openat resumed>) = 4 [pid 5184] <... close resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5188] chdir("./17" [ 63.583564][ T5184] loop5: detected capacity change from 0 to 4096 [pid 5185] ioctl(4, LOOP_SET_FD, 3 [pid 5184] mkdir("./file0", 0777 [pid 5073] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5188] <... chdir resumed>) = 0 [pid 5188] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5184] <... mkdir resumed>) = 0 [pid 5188] setpgid(0, 0 [pid 5184] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5188] <... setpgid resumed>) = 0 [pid 5188] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5188] write(3, "1000", 4) = 4 [pid 5188] close(3) = 0 [pid 5188] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5188] memfd_create("syzkaller", 0 [pid 5185] <... ioctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5188] <... memfd_create resumed>) = 3 [pid 5185] close(3 [pid 5188] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5185] <... close resumed>) = 0 [pid 5073] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5188] <... mmap resumed>) = 0x7f01462f5000 [pid 5185] mkdir("./file0", 0777 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5187] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5185] <... mkdir resumed>) = 0 [pid 5073] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5073] fstat(4, [pid 5185] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] close(4) = 0 [pid 5073] rmdir("./17/file0") = 0 [pid 5073] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(3) = 0 [pid 5073] rmdir("./17") = 0 [pid 5073] mkdir("./18", 0777) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 3 [ 63.625625][ T5185] loop4: detected capacity change from 0 to 4096 [ 63.634705][ T5184] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 63.664368][ T5185] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5184] <... mount resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5184] <... openat resumed>) = 3 [pid 5073] close(3 [pid 5184] chdir("./file0" [pid 5073] <... close resumed>) = 0 [pid 5184] <... chdir resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5184] ioctl(4, LOOP_CLR_FD [pid 5186] <... write resumed>) = 2097152 [pid 5184] <... ioctl resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5189 [pid 5184] close(4) = 0 [pid 5184] exit_group(0) = ? [pid 5184] +++ exited with 0 +++ [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=5 /* 0.05 s */} --- [pid 5076] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5076] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5189 attached [pid 5187] <... write resumed>) = 2097152 [pid 5186] munmap(0x7f01462f5000, 2097152 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5189] chdir("./18" [pid 5185] <... mount resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5189] <... chdir resumed>) = 0 [pid 5076] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(3, [pid 5189] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5185] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5189] <... prctl resumed>) = 0 [pid 5185] <... openat resumed>) = 3 [pid 5076] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5189] setpgid(0, 0 [pid 5186] <... munmap resumed>) = 0 [pid 5185] chdir("./file0" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5186] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] lstat("./16/binderfs", [pid 5189] <... setpgid resumed>) = 0 [pid 5186] <... openat resumed>) = 4 [pid 5185] <... chdir resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5189] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5188] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5186] ioctl(4, LOOP_SET_FD, 3 [pid 5185] ioctl(4, LOOP_CLR_FD [pid 5076] unlink("./16/binderfs" [pid 5189] <... openat resumed>) = 3 [pid 5187] munmap(0x7f01462f5000, 2097152 [pid 5185] <... ioctl resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5189] write(3, "1000", 4 [pid 5187] <... munmap resumed>) = 0 [pid 5185] close(4 [pid 5076] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5189] <... write resumed>) = 4 [pid 5185] <... close resumed>) = 0 [pid 5187] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5189] close(3 [pid 5187] <... openat resumed>) = 4 [pid 5185] exit_group(0 [pid 5189] <... close resumed>) = 0 [pid 5189] symlink("/dev/binderfs", "./binderfs" [pid 5185] <... exit_group resumed>) = ? [pid 5189] <... symlink resumed>) = 0 [pid 5187] ioctl(4, LOOP_SET_FD, 3 [pid 5189] memfd_create("syzkaller", 0 [pid 5185] +++ exited with 0 +++ [pid 5189] <... memfd_create resumed>) = 3 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5185, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5189] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./16/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5186] <... ioctl resumed>) = 0 [pid 5076] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5186] close(3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5186] <... close resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5188] <... write resumed>) = 2097152 [pid 5186] mkdir("./file0", 0777 [pid 5076] <... openat resumed>) = 4 [pid 5186] <... mkdir resumed>) = 0 [pid 5076] fstat(4, [pid 5186] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [ 63.760635][ T5186] loop0: detected capacity change from 0 to 4096 [ 63.781820][ T5187] loop1: detected capacity change from 0 to 4096 [pid 5076] getdents64(4, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5187] <... ioctl resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5187] close(3 [pid 5076] getdents64(4, [pid 5075] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5075] <... openat resumed>) = 3 [pid 5187] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./16/file0" [pid 5075] fstat(3, [pid 5187] mkdir("./file0", 0777 [pid 5076] <... rmdir resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(3, [pid 5075] getdents64(3, [pid 5187] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5076] close(3 [pid 5187] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5076] <... close resumed>) = 0 [pid 5075] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5076] rmdir("./16") = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] mkdir("./17", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5190 ./strace-static-x86_64: Process 5190 attached [pid 5189] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5188] munmap(0x7f01462f5000, 2097152 [pid 5075] lstat("./16/binderfs", [pid 5190] chdir("./17" [pid 5188] <... munmap resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5190] <... chdir resumed>) = 0 [pid 5075] unlink("./16/binderfs" [pid 5190] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5075] <... unlink resumed>) = 0 [pid 5190] <... prctl resumed>) = 0 [pid 5075] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5190] setpgid(0, 0) = 0 [pid 5190] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5190] write(3, "1000", 4 [pid 5188] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5190] <... write resumed>) = 4 [pid 5188] <... openat resumed>) = 4 [pid 5190] close(3 [ 63.808059][ T5186] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 63.839473][ T5187] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5188] ioctl(4, LOOP_SET_FD, 3 [pid 5190] <... close resumed>) = 0 [pid 5190] symlink("/dev/binderfs", "./binderfs" [pid 5187] <... mount resumed>) = 0 [pid 5190] <... symlink resumed>) = 0 [pid 5190] memfd_create("syzkaller", 0) = 3 [pid 5187] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5190] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5187] <... openat resumed>) = 3 [pid 5075] <... umount2 resumed>) = 0 [pid 5187] chdir("./file0" [pid 5075] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5187] <... chdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5188] <... ioctl resumed>) = 0 [pid 5187] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] lstat("./16/file0", [pid 5187] close(4 [pid 5186] <... mount resumed>) = 0 [pid 5187] <... close resumed>) = 0 [pid 5186] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5186] chdir("./file0") = 0 [pid 5186] ioctl(4, LOOP_CLR_FD) = 0 [pid 5186] close(4) = 0 [pid 5186] exit_group(0) = ? [pid 5188] close(3 [pid 5186] +++ exited with 0 +++ [pid 5188] <... close resumed>) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5186, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5188] mkdir("./file0", 0777 [pid 5187] exit_group(0 [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5189] <... write resumed>) = 2097152 [pid 5187] <... exit_group resumed>) = ? [pid 5075] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5188] <... mkdir resumed>) = 0 [ 63.875557][ T5188] loop3: detected capacity change from 0 to 4096 [pid 5189] munmap(0x7f01462f5000, 2097152 [pid 5188] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5187] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5189] <... munmap resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5189] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5075] <... openat resumed>) = 4 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5187, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5071] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5189] <... openat resumed>) = 4 [pid 5075] fstat(4, [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] <... openat resumed>) = 3 [pid 5189] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] getdents64(3, [pid 5072] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5189] <... ioctl resumed>) = 0 [pid 5075] getdents64(4, [pid 5072] <... openat resumed>) = 3 [pid 5071] lstat("./17/binderfs", [pid 5189] close(3 [pid 5072] fstat(3, [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5189] <... close resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] unlink("./17/binderfs" [pid 5189] mkdir("./file0", 0777 [pid 5075] getdents64(4, [pid 5072] getdents64(3, [pid 5071] <... unlink resumed>) = 0 [pid 5189] <... mkdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5189] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] close(4 [pid 5072] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] unlink("./17/binderfs") = 0 [ 63.941688][ T5188] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 63.968312][ T5189] loop2: detected capacity change from 0 to 4096 [pid 5072] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5190] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5075] <... close resumed>) = 0 [pid 5075] rmdir("./16/file0") = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5075] close(3 [pid 5072] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] rmdir("./16" [pid 5072] lstat("./17/file0", [pid 5071] lstat("./17/file0", [pid 5075] <... rmdir resumed>) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] mkdir("./17", 0777 [pid 5072] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... mkdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5072] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 4 [pid 5071] <... openat resumed>) = 4 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5072] fstat(4, [pid 5071] fstat(4, [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 63.985174][ T5189] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] close(3 [pid 5072] getdents64(4, [pid 5071] getdents64(4, [pid 5075] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5188] <... mount resumed>) = 0 [pid 5072] getdents64(4, [pid 5071] getdents64(4, [pid 5188] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5188] <... openat resumed>) = 3 [pid 5072] close(4 [pid 5071] close(4 [pid 5188] chdir("./file0" [pid 5072] <... close resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5188] <... chdir resumed>) = 0 [pid 5072] rmdir("./17/file0" [pid 5071] rmdir("./17/file0" [pid 5188] ioctl(4, LOOP_CLR_FD [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5188] <... ioctl resumed>) = 0 [pid 5072] getdents64(3, [pid 5071] getdents64(3, [pid 5188] close(4 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5188] <... close resumed>) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] close(3 [pid 5071] close(3 [pid 5188] exit_group(0 [pid 5072] <... close resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5188] <... exit_group resumed>) = ? [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5191 [pid 5072] rmdir("./17" [pid 5071] rmdir("./17" [pid 5188] +++ exited with 0 +++ [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5188, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5072] mkdir("./18", 0777 [pid 5071] mkdir("./18", 0777 [pid 5189] <... mount resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5191 attached [pid 5190] <... write resumed>) = 2097152 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5191] chdir("./17" [pid 5189] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5191] <... chdir resumed>) = 0 [pid 5189] <... openat resumed>) = 3 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5191] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5189] chdir("./file0" [pid 5074] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5191] <... prctl resumed>) = 0 [pid 5189] <... chdir resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5072] close(3 [pid 5071] close(3 [pid 5191] setpgid(0, 0 [pid 5189] ioctl(4, LOOP_CLR_FD [pid 5074] fstat(3, [pid 5072] <... close resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5191] <... setpgid resumed>) = 0 [pid 5189] <... ioctl resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5191] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5189] close(4 [pid 5074] getdents64(3, [pid 5191] <... openat resumed>) = 3 [pid 5189] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5192 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5193 [pid 5191] write(3, "1000", 4 [pid 5190] munmap(0x7f01462f5000, 2097152 [pid 5189] exit_group(0 [pid 5074] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5191] <... write resumed>) = 4 [pid 5190] <... munmap resumed>) = 0 [pid 5189] <... exit_group resumed>) = ? [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5191] close(3 [pid 5074] lstat("./17/binderfs", ./strace-static-x86_64: Process 5193 attached [pid 5191] <... close resumed>) = 0 [pid 5189] +++ exited with 0 +++ [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5193] chdir("./18" [pid 5191] symlink("/dev/binderfs", "./binderfs" [pid 5074] unlink("./17/binderfs" [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5189, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=3 /* 0.03 s */} --- [pid 5193] <... chdir resumed>) = 0 [pid 5191] <... symlink resumed>) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5193] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5191] memfd_create("syzkaller", 0 [pid 5190] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5074] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5192 attached [pid 5193] <... prctl resumed>) = 0 [pid 5191] <... memfd_create resumed>) = 3 [pid 5190] <... openat resumed>) = 4 [pid 5073] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5193] setpgid(0, 0 [pid 5191] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5190] ioctl(4, LOOP_SET_FD, 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] <... setpgid resumed>) = 0 [pid 5192] chdir("./18" [pid 5191] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... umount2 resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5193] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5192] <... chdir resumed>) = 0 [pid 5074] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... openat resumed>) = 3 [pid 5193] <... openat resumed>) = 3 [pid 5192] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] fstat(3, [pid 5193] write(3, "1000", 4 [pid 5074] lstat("./17/file0", [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5193] <... write resumed>) = 4 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, [pid 5193] close(3 [pid 5074] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5193] <... close resumed>) = 0 [pid 5192] <... prctl resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5193] symlink("/dev/binderfs", "./binderfs" [pid 5192] setpgid(0, 0 [pid 5074] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5193] <... symlink resumed>) = 0 [pid 5192] <... setpgid resumed>) = 0 [pid 5074] <... openat resumed>) = 4 [pid 5073] lstat("./18/binderfs", [pid 5193] memfd_create("syzkaller", 0 [pid 5192] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] fstat(4, [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5193] <... memfd_create resumed>) = 3 [pid 5190] <... ioctl resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] unlink("./18/binderfs" [pid 5193] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5192] <... openat resumed>) = 3 [pid 5190] close(3 [pid 5074] getdents64(4, [pid 5073] <... unlink resumed>) = 0 [pid 5193] <... mmap resumed>) = 0x7f01462f5000 [pid 5192] write(3, "1000", 4 [pid 5190] <... close resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5192] <... write resumed>) = 4 [pid 5191] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5190] mkdir("./file0", 0777 [pid 5074] getdents64(4, [pid 5192] close(3 [pid 5190] <... mkdir resumed>) = 0 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... umount2 resumed>) = 0 [ 64.118823][ T5190] loop5: detected capacity change from 0 to 4096 [pid 5192] <... close resumed>) = 0 [pid 5190] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5074] close(4 [pid 5073] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5192] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5192] <... symlink resumed>) = 0 [pid 5074] rmdir("./17/file0" [pid 5073] lstat("./18/file0", [pid 5192] memfd_create("syzkaller", 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5192] <... memfd_create resumed>) = 3 [pid 5074] getdents64(3, [pid 5073] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5192] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5192] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] close(3 [pid 5073] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5074] rmdir("./17" [pid 5073] fstat(4, [pid 5074] <... rmdir resumed>) = 0 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] mkdir("./18", 0777 [pid 5073] getdents64(4, [pid 5074] <... mkdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] getdents64(4, [pid 5074] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] close(4 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... close resumed>) = 0 [pid 5074] close(3 [pid 5073] rmdir("./18/file0" [pid 5074] <... close resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5194 [pid 5073] close(3) = 0 [pid 5073] rmdir("./18") = 0 [pid 5073] mkdir("./19", 0777./strace-static-x86_64: Process 5194 attached ) = 0 [pid 5194] chdir("./18" [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5194] <... chdir resumed>) = 0 [ 64.172013][ T5190] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5073] <... openat resumed>) = 3 [pid 5194] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5194] <... prctl resumed>) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5194] setpgid(0, 0 [pid 5073] close(3 [pid 5194] <... setpgid resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5194] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5194] <... openat resumed>) = 3 [pid 5194] write(3, "1000", 4 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5195 [pid 5194] <... write resumed>) = 4 [pid 5194] close(3 [pid 5193] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5194] <... close resumed>) = 0 ./strace-static-x86_64: Process 5195 attached [pid 5194] symlink("/dev/binderfs", "./binderfs" [pid 5195] chdir("./19" [pid 5194] <... symlink resumed>) = 0 [pid 5192] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5191] <... write resumed>) = 2097152 [pid 5195] <... chdir resumed>) = 0 [pid 5194] memfd_create("syzkaller", 0 [pid 5193] <... write resumed>) = 2097152 [pid 5190] <... mount resumed>) = 0 [pid 5194] <... memfd_create resumed>) = 3 [pid 5191] munmap(0x7f01462f5000, 2097152 [pid 5195] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5194] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5195] <... prctl resumed>) = 0 [pid 5193] munmap(0x7f01462f5000, 2097152 [pid 5191] <... munmap resumed>) = 0 [pid 5190] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5195] setpgid(0, 0 [pid 5193] <... munmap resumed>) = 0 [pid 5191] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5195] <... setpgid resumed>) = 0 [pid 5193] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5191] <... openat resumed>) = 4 [pid 5190] <... openat resumed>) = 3 [pid 5195] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5193] <... openat resumed>) = 4 [pid 5191] ioctl(4, LOOP_SET_FD, 3 [pid 5190] chdir("./file0" [pid 5195] <... openat resumed>) = 3 [pid 5190] <... chdir resumed>) = 0 [pid 5195] write(3, "1000", 4 [pid 5190] ioctl(4, LOOP_CLR_FD [pid 5195] <... write resumed>) = 4 [pid 5193] ioctl(4, LOOP_SET_FD, 3 [pid 5195] close(3 [pid 5190] <... ioctl resumed>) = 0 [pid 5190] close(4 [pid 5195] <... close resumed>) = 0 [pid 5190] <... close resumed>) = 0 [pid 5190] exit_group(0 [pid 5195] symlink("/dev/binderfs", "./binderfs" [pid 5190] <... exit_group resumed>) = ? [pid 5195] <... symlink resumed>) = 0 [pid 5193] <... ioctl resumed>) = 0 [pid 5190] +++ exited with 0 +++ [pid 5195] memfd_create("syzkaller", 0 [pid 5193] close(3 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5190, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=6 /* 0.06 s */} --- [pid 5195] <... memfd_create resumed>) = 3 [pid 5193] <... close resumed>) = 0 [pid 5192] <... write resumed>) = 2097152 [pid 5076] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5193] mkdir("./file0", 0777 [pid 5192] munmap(0x7f01462f5000, 2097152 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] <... mmap resumed>) = 0x7f01462f5000 [pid 5193] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5191] <... ioctl resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5191] close(3 [pid 5076] fstat(3, [pid 5191] <... close resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5191] mkdir("./file0", 0777 [pid 5076] getdents64(3, [pid 5191] <... mkdir resumed>) = 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5191] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 64.293018][ T5191] loop4: detected capacity change from 0 to 4096 [ 64.306715][ T5193] loop0: detected capacity change from 0 to 4096 [pid 5076] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5193] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5192] <... munmap resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5194] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5192] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5076] lstat("./17/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5076] unlink("./17/binderfs") = 0 [pid 5192] <... openat resumed>) = 4 [pid 5076] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5192] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... umount2 resumed>) = 0 [pid 5076] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5076] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5076] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] close(4 [pid 5192] <... ioctl resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./17/file0" [pid 5195] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5192] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 5192] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5192] mkdir("./file0", 0777 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5192] <... mkdir resumed>) = 0 [pid 5076] close(3 [pid 5192] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./17") = 0 [ 64.335628][ T5191] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 64.349718][ T5193] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 64.362050][ T5192] loop1: detected capacity change from 0 to 4096 [pid 5076] mkdir("./18", 0777) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5196 ./strace-static-x86_64: Process 5196 attached [pid 5196] chdir("./18") = 0 [pid 5196] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5196] setpgid(0, 0 [pid 5194] <... write resumed>) = 2097152 [pid 5196] <... setpgid resumed>) = 0 [pid 5196] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5191] <... mount resumed>) = 0 [pid 5196] write(3, "1000", 4 [pid 5191] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5196] <... write resumed>) = 4 [pid 5194] munmap(0x7f01462f5000, 2097152 [pid 5191] <... openat resumed>) = 3 [pid 5196] close(3 [pid 5194] <... munmap resumed>) = 0 [pid 5193] <... mount resumed>) = 0 [pid 5191] chdir("./file0" [pid 5196] <... close resumed>) = 0 [pid 5196] symlink("/dev/binderfs", "./binderfs" [pid 5193] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5191] <... chdir resumed>) = 0 [pid 5196] <... symlink resumed>) = 0 [pid 5193] <... openat resumed>) = 3 [pid 5191] ioctl(4, LOOP_CLR_FD [pid 5196] memfd_create("syzkaller", 0 [pid 5194] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5193] chdir("./file0" [pid 5191] <... ioctl resumed>) = 0 [pid 5196] <... memfd_create resumed>) = 3 [pid 5194] <... openat resumed>) = 4 [pid 5193] <... chdir resumed>) = 0 [pid 5191] close(4 [pid 5196] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5194] ioctl(4, LOOP_SET_FD, 3 [pid 5193] ioctl(4, LOOP_CLR_FD [pid 5191] <... close resumed>) = 0 [ 64.383334][ T5192] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5196] <... mmap resumed>) = 0x7f01462f5000 [pid 5193] <... ioctl resumed>) = 0 [pid 5191] exit_group(0 [pid 5195] <... write resumed>) = 2097152 [pid 5193] close(4 [pid 5192] <... mount resumed>) = 0 [pid 5191] <... exit_group resumed>) = ? [pid 5193] <... close resumed>) = 0 [pid 5191] +++ exited with 0 +++ [pid 5193] exit_group(0) = ? [pid 5192] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5191, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5193] +++ exited with 0 +++ [pid 5075] <... restart_syscall resumed>) = 0 [pid 5195] munmap(0x7f01462f5000, 2097152 [pid 5192] <... openat resumed>) = 3 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5193, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5192] chdir("./file0") = 0 [pid 5075] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5192] ioctl(4, LOOP_CLR_FD [pid 5075] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5192] <... ioctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5194] <... ioctl resumed>) = 0 [pid 5192] close(4 [pid 5075] fstat(3, [pid 5071] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5194] close(3 [pid 5192] <... close resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] <... munmap resumed>) = 0 [pid 5194] <... close resumed>) = 0 [pid 5192] exit_group(0 [pid 5075] getdents64(3, [pid 5071] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5194] mkdir("./file0", 0777 [pid 5192] <... exit_group resumed>) = ? [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] <... openat resumed>) = 3 [pid 5194] <... mkdir resumed>) = 0 [pid 5075] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5192] +++ exited with 0 +++ [ 64.444888][ T5194] loop3: detected capacity change from 0 to 4096 [pid 5071] fstat(3, [pid 5194] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5192, si_uid=0, si_status=0, si_utime=0, si_stime=6 /* 0.06 s */} --- [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5195] <... openat resumed>) = 4 [pid 5075] lstat("./17/binderfs", [pid 5071] getdents64(3, [pid 5196] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5195] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5075] unlink("./17/binderfs" [pid 5071] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... unlink resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] lstat("./18/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] unlink("./18/binderfs" [pid 5072] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... unlink resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... ioctl resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = 0 [pid 5195] close(3 [pid 5072] <... openat resumed>) = 3 [pid 5071] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5195] <... close resumed>) = 0 [pid 5072] fstat(3, [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5195] mkdir("./file0", 0777 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] lstat("./18/file0", [pid 5195] <... mkdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [ 64.494744][ T5194] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 64.514978][ T5195] loop2: detected capacity change from 0 to 4096 [pid 5195] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... openat resumed>) = 4 [pid 5072] lstat("./18/binderfs", [pid 5071] fstat(4, [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] unlink("./18/binderfs" [pid 5071] getdents64(4, [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(4, [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5194] <... mount resumed>) = 0 [pid 5075] lstat("./17/file0", [pid 5071] close(4 [pid 5194] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... close resumed>) = 0 [pid 5194] <... openat resumed>) = 3 [pid 5075] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] rmdir("./18/file0" [pid 5194] chdir("./file0" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... rmdir resumed>) = 0 [pid 5194] <... chdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] getdents64(3, [pid 5194] ioctl(4, LOOP_CLR_FD [pid 5075] <... openat resumed>) = 4 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5194] <... ioctl resumed>) = 0 [pid 5075] fstat(4, [pid 5071] close(3 [pid 5194] close(4 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5194] <... close resumed>) = 0 [pid 5075] getdents64(4, [pid 5071] rmdir("./18" [pid 5194] exit_group(0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... rmdir resumed>) = 0 [pid 5194] <... exit_group resumed>) = ? [pid 5075] getdents64(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] mkdir("./19", 0777 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] lstat("./18/file0", [pid 5071] <... mkdir resumed>) = 0 [pid 5194] +++ exited with 0 +++ [pid 5075] close(4 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5075] <... close resumed>) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5194, si_uid=0, si_status=0, si_utime=0, si_stime=11 /* 0.11 s */} --- [pid 5072] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... openat resumed>) = 3 [pid 5075] rmdir("./17/file0" [pid 5074] restart_syscall(<... resuming interrupted clone ...> [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... restart_syscall resumed>) = 0 [ 64.553329][ T5195] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5072] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5075] getdents64(3, [pid 5072] <... openat resumed>) = 4 [pid 5071] close(3 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] fstat(4, [pid 5071] <... close resumed>) = 0 [pid 5075] close(3 [pid 5074] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] <... close resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(4, [pid 5195] <... mount resumed>) = 0 [pid 5075] rmdir("./17" [pid 5074] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5197 ./strace-static-x86_64: Process 5197 attached [pid 5196] <... write resumed>) = 2097152 [pid 5195] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... rmdir resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5072] getdents64(4, [pid 5197] chdir("./19" [pid 5196] munmap(0x7f01462f5000, 2097152 [pid 5195] <... openat resumed>) = 3 [pid 5075] mkdir("./18", 0777 [pid 5074] fstat(3, [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5197] <... chdir resumed>) = 0 [pid 5195] chdir("./file0" [pid 5075] <... mkdir resumed>) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] close(4 [pid 5197] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5196] <... munmap resumed>) = 0 [pid 5195] <... chdir resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5074] getdents64(3, [pid 5072] <... close resumed>) = 0 [pid 5197] <... prctl resumed>) = 0 [pid 5196] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5195] ioctl(4, LOOP_CLR_FD [pid 5075] <... openat resumed>) = 3 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] rmdir("./18/file0" [pid 5197] setpgid(0, 0 [pid 5196] <... openat resumed>) = 4 [pid 5195] <... ioctl resumed>) = 0 [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5074] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... rmdir resumed>) = 0 [pid 5197] <... setpgid resumed>) = 0 [pid 5196] ioctl(4, LOOP_SET_FD, 3 [pid 5195] close(4 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(3, [pid 5197] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] close(3 [pid 5074] lstat("./18/binderfs", [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] close(3 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] unlink("./18/binderfs" [pid 5072] <... close resumed>) = 0 [pid 5195] <... close resumed>) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5072] rmdir("./18" [pid 5195] exit_group(0 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5198 [pid 5074] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... rmdir resumed>) = 0 [pid 5197] <... openat resumed>) = 3 [pid 5195] <... exit_group resumed>) = ? [pid 5072] mkdir("./19", 0777 [pid 5197] write(3, "1000", 4 [pid 5195] +++ exited with 0 +++ [pid 5072] <... mkdir resumed>) = 0 [pid 5197] <... write resumed>) = 4 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5195, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=3 /* 0.03 s */} --- [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5198 attached [pid 5197] close(3 [pid 5196] <... ioctl resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5198] chdir("./18" [pid 5197] <... close resumed>) = 0 [pid 5196] close(3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5198] <... chdir resumed>) = 0 [pid 5197] symlink("/dev/binderfs", "./binderfs" [pid 5196] <... close resumed>) = 0 [pid 5073] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5198] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... umount2 resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] close(3 [pid 5198] <... prctl resumed>) = 0 [pid 5197] <... symlink resumed>) = 0 [pid 5196] mkdir("./file0", 0777 [pid 5073] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... close resumed>) = 0 [pid 5198] setpgid(0, 0 [pid 5196] <... mkdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5198] <... setpgid resumed>) = 0 [pid 5197] memfd_create("syzkaller", 0 [pid 5196] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5073] fstat(3, [pid 5198] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5197] <... memfd_create resumed>) = 3 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5199 [pid 5198] <... openat resumed>) = 3 [pid 5074] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(3, [pid 5198] write(3, "1000", 4 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5198] <... write resumed>) = 4 [pid 5074] lstat("./18/file0", [pid 5073] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5198] close(3 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5199 attached [pid 5198] <... close resumed>) = 0 [pid 5074] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] lstat("./19/binderfs", [pid 5199] chdir("./19" [pid 5198] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5197] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5199] <... chdir resumed>) = 0 [pid 5198] <... symlink resumed>) = 0 [pid 5074] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] unlink("./19/binderfs" [pid 5199] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5198] memfd_create("syzkaller", 0 [pid 5197] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... openat resumed>) = 4 [pid 5073] <... unlink resumed>) = 0 [pid 5199] <... prctl resumed>) = 0 [pid 5198] <... memfd_create resumed>) = 3 [pid 5074] fstat(4, [pid 5073] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5199] setpgid(0, 0 [pid 5198] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5199] <... setpgid resumed>) = 0 [pid 5198] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] getdents64(4, [pid 5199] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5199] <... openat resumed>) = 3 [pid 5074] getdents64(4, [ 64.642527][ T5196] loop5: detected capacity change from 0 to 4096 [ 64.681402][ T5196] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5199] write(3, "1000", 4 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5199] <... write resumed>) = 4 [pid 5074] close(4 [pid 5199] close(3 [pid 5074] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5199] <... close resumed>) = 0 [pid 5074] rmdir("./18/file0" [pid 5199] symlink("/dev/binderfs", "./binderfs" [pid 5074] <... rmdir resumed>) = 0 [pid 5199] <... symlink resumed>) = 0 [pid 5074] getdents64(3, [pid 5199] memfd_create("syzkaller", 0 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5199] <... memfd_create resumed>) = 3 [pid 5074] close(3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5199] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] <... close resumed>) = 0 [pid 5073] lstat("./19/file0", [pid 5199] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] rmdir("./18" [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5196] <... mount resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5196] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] mkdir("./19", 0777 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5197] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5196] <... openat resumed>) = 3 [pid 5074] <... mkdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5196] chdir("./file0" [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] <... openat resumed>) = 4 [pid 5196] <... chdir resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5073] fstat(4, [pid 5196] ioctl(4, LOOP_CLR_FD [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5196] <... ioctl resumed>) = 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] getdents64(4, [pid 5196] close(4 [pid 5074] close(3 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5196] <... close resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5196] exit_group(0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] getdents64(4, [pid 5196] <... exit_group resumed>) = ? [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5200 [pid 5196] +++ exited with 0 +++ [pid 5073] close(4 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5196, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5073] <... close resumed>) = 0 [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5073] rmdir("./19/file0" [pid 5076] <... restart_syscall resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5076] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] close(3 [pid 5076] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... close resumed>) = 0 [pid 5076] <... openat resumed>) = 3 [pid 5073] rmdir("./19"./strace-static-x86_64: Process 5200 attached [pid 5076] fstat(3, [pid 5200] chdir("./19" [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5200] <... chdir resumed>) = 0 [pid 5198] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] getdents64(3, [pid 5073] mkdir("./20", 0777 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5200] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... mkdir resumed>) = 0 [pid 5200] <... prctl resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5200] setpgid(0, 0 [pid 5076] lstat("./18/binderfs", [pid 5073] <... openat resumed>) = 3 [pid 5200] <... setpgid resumed>) = 0 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5200] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5199] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] unlink("./18/binderfs" [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5200] <... openat resumed>) = 3 [pid 5076] <... unlink resumed>) = 0 [pid 5073] close(3 [pid 5076] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] write(3, "1000", 4 [pid 5073] <... close resumed>) = 0 [pid 5200] <... write resumed>) = 4 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5200] close(3) = 0 [pid 5200] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5201 [pid 5200] <... symlink resumed>) = 0 [pid 5200] memfd_create("syzkaller", 0) = 3 ./strace-static-x86_64: Process 5201 attached [pid 5200] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... umount2 resumed>) = 0 [pid 5200] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5201] chdir("./20" [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5201] <... chdir resumed>) = 0 [pid 5076] lstat("./18/file0", [pid 5201] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5201] <... prctl resumed>) = 0 [pid 5076] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5201] setpgid(0, 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5201] <... setpgid resumed>) = 0 [pid 5197] <... write resumed>) = 2097152 [pid 5076] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5201] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5197] munmap(0x7f01462f5000, 2097152 [pid 5076] <... openat resumed>) = 4 [pid 5201] <... openat resumed>) = 3 [pid 5197] <... munmap resumed>) = 0 [pid 5076] fstat(4, [pid 5201] write(3, "1000", 4 [pid 5197] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5201] <... write resumed>) = 4 [pid 5197] <... openat resumed>) = 4 [pid 5076] getdents64(4, [pid 5201] close(3 [pid 5197] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5201] <... close resumed>) = 0 [pid 5076] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] close(4) = 0 [pid 5076] rmdir("./18/file0") = 0 [pid 5076] getdents64(3, [pid 5201] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] close(3 [pid 5201] <... symlink resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5076] rmdir("./18" [pid 5201] memfd_create("syzkaller", 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./19", 0777 [pid 5201] <... memfd_create resumed>) = 3 [pid 5201] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5201] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5198] <... write resumed>) = 2097152 [pid 5076] <... openat resumed>) = 3 [pid 5198] munmap(0x7f01462f5000, 2097152 [pid 5076] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5199] <... write resumed>) = 2097152 [pid 5198] <... munmap resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5202 [pid 5197] <... ioctl resumed>) = 0 [pid 5197] close(3) = 0 ./strace-static-x86_64: Process 5202 attached [pid 5198] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5197] mkdir("./file0", 0777 [pid 5202] chdir("./19" [pid 5198] <... openat resumed>) = 4 [pid 5197] <... mkdir resumed>) = 0 [pid 5202] <... chdir resumed>) = 0 [pid 5198] ioctl(4, LOOP_SET_FD, 3 [ 64.860077][ T5197] loop0: detected capacity change from 0 to 4096 [pid 5197] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5200] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5202] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5202] setpgid(0, 0) = 0 [pid 5199] munmap(0x7f01462f5000, 2097152 [pid 5202] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5199] <... munmap resumed>) = 0 [pid 5202] <... openat resumed>) = 3 [pid 5202] write(3, "1000", 4) = 4 [pid 5202] close(3) = 0 [pid 5202] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5199] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5202] memfd_create("syzkaller", 0 [pid 5199] <... openat resumed>) = 4 [pid 5202] <... memfd_create resumed>) = 3 [pid 5199] ioctl(4, LOOP_SET_FD, 3 [pid 5202] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5201] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5202] <... mmap resumed>) = 0x7f01462f5000 [pid 5199] <... ioctl resumed>) = 0 [pid 5199] close(3) = 0 [pid 5199] mkdir("./file0", 0777) = 0 [ 64.909013][ T5197] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 64.909181][ T5198] loop4: detected capacity change from 0 to 4096 [ 64.948473][ T5199] loop1: detected capacity change from 0 to 4096 [pid 5199] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5200] <... write resumed>) = 2097152 [pid 5200] munmap(0x7f01462f5000, 2097152 [pid 5198] <... ioctl resumed>) = 0 [pid 5198] close(3) = 0 [pid 5198] mkdir("./file0", 0777 [pid 5197] <... mount resumed>) = 0 [pid 5198] <... mkdir resumed>) = 0 [pid 5200] <... munmap resumed>) = 0 [pid 5198] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5197] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5202] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5201] <... write resumed>) = 2097152 [pid 5200] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5197] <... openat resumed>) = 3 [pid 5201] munmap(0x7f01462f5000, 2097152 [pid 5200] <... openat resumed>) = 4 [pid 5197] chdir("./file0" [pid 5201] <... munmap resumed>) = 0 [pid 5200] ioctl(4, LOOP_SET_FD, 3 [pid 5197] <... chdir resumed>) = 0 [ 64.972163][ T5199] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 64.995623][ T5198] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5201] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5197] ioctl(4, LOOP_CLR_FD [pid 5201] <... openat resumed>) = 4 [pid 5200] <... ioctl resumed>) = 0 [pid 5201] ioctl(4, LOOP_SET_FD, 3 [pid 5200] close(3 [pid 5197] <... ioctl resumed>) = 0 [pid 5198] <... mount resumed>) = 0 [pid 5198] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5200] <... close resumed>) = 0 [pid 5198] <... openat resumed>) = 3 [pid 5197] close(4 [pid 5200] mkdir("./file0", 0777 [pid 5198] chdir("./file0" [pid 5197] <... close resumed>) = 0 [pid 5198] <... chdir resumed>) = 0 [pid 5198] ioctl(4, LOOP_CLR_FD) = 0 [pid 5198] close(4) = 0 [pid 5198] exit_group(0 [pid 5201] <... ioctl resumed>) = 0 [pid 5200] <... mkdir resumed>) = 0 [pid 5198] <... exit_group resumed>) = ? [pid 5197] exit_group(0 [pid 5201] close(3 [pid 5200] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5199] <... mount resumed>) = 0 [pid 5198] +++ exited with 0 +++ [pid 5197] <... exit_group resumed>) = ? [pid 5201] <... close resumed>) = 0 [pid 5201] mkdir("./file0", 0777 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5198, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=10 /* 0.10 s */} --- [pid 5201] <... mkdir resumed>) = 0 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5201] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5075] <... restart_syscall resumed>) = 0 [pid 5202] <... write resumed>) = 2097152 [pid 5199] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5197] +++ exited with 0 +++ [pid 5199] <... openat resumed>) = 3 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5197, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=7 /* 0.07 s */} --- [pid 5199] chdir("./file0" [pid 5075] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5199] <... chdir resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... restart_syscall resumed>) = 0 [pid 5199] ioctl(4, LOOP_CLR_FD [pid 5075] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5202] munmap(0x7f01462f5000, 2097152 [pid 5199] <... ioctl resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5199] close(4 [pid 5075] fstat(3, [pid 5071] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5199] <... close resumed>) = 0 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5199] exit_group(0 [pid 5075] getdents64(3, [pid 5071] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5199] <... exit_group resumed>) = ? [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] <... openat resumed>) = 3 [pid 5202] <... munmap resumed>) = 0 [pid 5075] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] fstat(3, [pid 5199] +++ exited with 0 +++ [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] lstat("./18/binderfs", [pid 5071] getdents64(3, [pid 5202] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5199, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5202] <... openat resumed>) = 4 [pid 5075] unlink("./18/binderfs" [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5202] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... unlink resumed>) = 0 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 65.017803][ T5200] loop3: detected capacity change from 0 to 4096 [ 65.031430][ T5201] loop2: detected capacity change from 0 to 4096 [ 65.054045][ T5200] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 65.061652][ T5201] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5075] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] lstat("./19/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] unlink("./19/binderfs" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... unlink resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 3 [pid 5072] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] getdents64(3, [pid 5075] <... umount2 resumed>) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5202] <... ioctl resumed>) = 0 [pid 5200] <... mount resumed>) = 0 [pid 5075] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5202] close(3 [pid 5200] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5202] <... close resumed>) = 0 [pid 5200] <... openat resumed>) = 3 [pid 5075] lstat("./18/file0", [pid 5072] lstat("./19/binderfs", [pid 5202] mkdir("./file0", 0777 [pid 5200] chdir("./file0" [pid 5075] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5202] <... mkdir resumed>) = 0 [pid 5200] <... chdir resumed>) = 0 [pid 5075] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] unlink("./19/binderfs" [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... unlink resumed>) = 0 [pid 5075] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... openat resumed>) = 4 [pid 5075] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(4, [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] getdents64(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5202] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 65.102882][ T5202] loop5: detected capacity change from 0 to 4096 [pid 5200] ioctl(4, LOOP_CLR_FD [pid 5075] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] lstat("./19/file0", [pid 5071] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5200] <... ioctl resumed>) = 0 [pid 5075] close(4 [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5200] close(4 [pid 5075] <... close resumed>) = 0 [pid 5072] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5200] <... close resumed>) = 0 [pid 5075] rmdir("./18/file0" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5200] exit_group(0 [pid 5075] <... rmdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] lstat("./19/file0", [pid 5201] <... mount resumed>) = 0 [pid 5200] <... exit_group resumed>) = ? [pid 5075] getdents64(3, [pid 5072] <... openat resumed>) = 4 [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5201] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] fstat(4, [pid 5071] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5201] <... openat resumed>) = 3 [pid 5200] +++ exited with 0 +++ [pid 5075] close(3 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5201] chdir("./file0" [pid 5075] <... close resumed>) = 0 [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5200, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=4 /* 0.04 s */} --- [pid 5072] getdents64(4, [pid 5071] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5201] <... chdir resumed>) = 0 [pid 5075] rmdir("./18" [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] <... openat resumed>) = 4 [pid 5201] ioctl(4, LOOP_CLR_FD [pid 5075] <... rmdir resumed>) = 0 [pid 5072] getdents64(4, [pid 5071] fstat(4, [pid 5201] <... ioctl resumed>) = 0 [pid 5075] mkdir("./19", 0777 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5201] close(4 [pid 5075] <... mkdir resumed>) = 0 [pid 5072] close(4 [pid 5071] getdents64(4, [pid 5201] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5072] <... close resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5201] exit_group(0 [pid 5072] rmdir("./19/file0" [pid 5071] getdents64(4, [pid 5201] <... exit_group resumed>) = ? [pid 5074] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5201] +++ exited with 0 +++ [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(3, [pid 5071] close(4 [pid 5074] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] <... close resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5201, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5072] close(3 [pid 5071] rmdir("./19/file0" [pid 5074] fstat(3, [pid 5073] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... close resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5075] <... openat resumed>) = 3 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] rmdir("./19" [pid 5071] getdents64(3, [pid 5075] ioctl(3, LOOP_CLR_FD [pid 5074] getdents64(3, [pid 5073] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] <... openat resumed>) = 3 [pid 5072] mkdir("./20", 0777 [pid 5071] close(3 [pid 5075] close(3 [pid 5074] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] fstat(3, [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5075] <... close resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] rmdir("./19" [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5074] lstat("./19/binderfs", [pid 5073] getdents64(3, [pid 5072] <... openat resumed>) = 3 [pid 5071] <... rmdir resumed>) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [ 65.157900][ T5202] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5071] mkdir("./20", 0777 [pid 5075] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5203 [pid 5074] unlink("./19/binderfs" [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5203 attached [pid 5074] <... unlink resumed>) = 0 [pid 5072] close(3 [pid 5073] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5203] chdir("./19" [pid 5074] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... close resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5203] <... chdir resumed>) = 0 [pid 5073] lstat("./20/binderfs", [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5203] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5202] <... mount resumed>) = 0 [pid 5074] <... umount2 resumed>) = 0 [pid 5073] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5203] <... prctl resumed>) = 0 [pid 5202] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5204 [pid 5071] close(3 [pid 5203] setpgid(0, 0 [pid 5202] <... openat resumed>) = 3 [pid 5073] unlink("./20/binderfs" [pid 5071] <... close resumed>) = 0 [pid 5203] <... setpgid resumed>) = 0 [pid 5202] chdir("./file0" [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5203] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5202] <... chdir resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5202] ioctl(4, LOOP_CLR_FD [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5205 [pid 5203] <... openat resumed>) = 3 [pid 5202] <... ioctl resumed>) = 0 [pid 5073] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5202] close(4) = 0 [pid 5202] exit_group(0 [pid 5074] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5205 attached [pid 5202] <... exit_group resumed>) = ? [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5205] chdir("./20" [pid 5203] write(3, "1000", 4 [pid 5202] +++ exited with 0 +++ [pid 5074] lstat("./19/file0", [pid 5205] <... chdir resumed>) = 0 [pid 5203] <... write resumed>) = 4 [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5202, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5205] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5203] close(3 [pid 5074] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5205] <... prctl resumed>) = 0 [pid 5203] <... close resumed>) = 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5204 attached [pid 5205] setpgid(0, 0 [pid 5203] symlink("/dev/binderfs", "./binderfs" [pid 5074] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = 0 [pid 5205] <... setpgid resumed>) = 0 [pid 5074] <... openat resumed>) = 4 [pid 5203] <... symlink resumed>) = 0 [pid 5205] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5204] chdir("./20" [pid 5074] fstat(4, [pid 5073] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5205] <... openat resumed>) = 3 [pid 5076] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5203] memfd_create("syzkaller", 0 [pid 5205] write(3, "1000", 4 [pid 5204] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] getdents64(4, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5205] <... write resumed>) = 4 [pid 5204] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5203] <... memfd_create resumed>) = 3 [pid 5076] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5205] close(3 [pid 5204] <... prctl resumed>) = 0 [pid 5203] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... openat resumed>) = 3 [pid 5074] getdents64(4, [pid 5073] lstat("./20/file0", [pid 5205] <... close resumed>) = 0 [pid 5204] setpgid(0, 0 [pid 5203] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] fstat(3, [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5205] symlink("/dev/binderfs", "./binderfs" [pid 5204] <... setpgid resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] close(4 [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5205] <... symlink resumed>) = 0 [pid 5076] getdents64(3, [pid 5074] <... close resumed>) = 0 [pid 5205] memfd_create("syzkaller", 0 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] rmdir("./19/file0" [pid 5205] <... memfd_create resumed>) = 3 [pid 5204] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... rmdir resumed>) = 0 [pid 5073] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5205] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5204] <... openat resumed>) = 3 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] getdents64(3, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5205] <... mmap resumed>) = 0x7f01462f5000 [pid 5204] write(3, "1000", 4 [pid 5076] lstat("./19/binderfs", [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5204] <... write resumed>) = 4 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] close(3 [pid 5073] <... openat resumed>) = 4 [pid 5204] close(3 [pid 5076] unlink("./19/binderfs" [pid 5074] <... close resumed>) = 0 [pid 5204] <... close resumed>) = 0 [pid 5076] <... unlink resumed>) = 0 [pid 5074] rmdir("./19" [pid 5073] fstat(4, [pid 5204] symlink("/dev/binderfs", "./binderfs" [pid 5076] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... rmdir resumed>) = 0 [pid 5204] <... symlink resumed>) = 0 [pid 5203] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5074] mkdir("./20", 0777 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5204] memfd_create("syzkaller", 0 [pid 5074] <... openat resumed>) = 3 [pid 5073] getdents64(4, [pid 5204] <... memfd_create resumed>) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5204] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5074] close(3) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] getdents64(4, [pid 5204] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] <... umount2 resumed>) = 0 [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5206 [pid 5073] close(4) = 0 [pid 5073] rmdir("./20/file0" [pid 5076] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] <... rmdir resumed>) = 0 [pid 5076] lstat("./19/file0", [pid 5073] getdents64(3, ./strace-static-x86_64: Process 5206 attached [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5206] chdir("./20" [pid 5076] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(3 [pid 5206] <... chdir resumed>) = 0 [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... close resumed>) = 0 [pid 5206] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] rmdir("./20" [pid 5206] <... prctl resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5206] setpgid(0, 0 [pid 5076] fstat(4, [pid 5206] <... setpgid resumed>) = 0 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5206] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] getdents64(4, [pid 5073] mkdir("./21", 0777 [pid 5206] <... openat resumed>) = 3 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5206] write(3, "1000", 4 [pid 5076] getdents64(4, [pid 5206] <... write resumed>) = 4 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5206] close(3 [pid 5076] close(4 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5206] <... close resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5206] symlink("/dev/binderfs", "./binderfs" [pid 5076] rmdir("./19/file0" [pid 5073] <... openat resumed>) = 3 [pid 5206] <... symlink resumed>) = 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5206] memfd_create("syzkaller", 0 [pid 5076] getdents64(3, [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5206] <... memfd_create resumed>) = 3 [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(3 [pid 5206] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] close(3 [pid 5073] <... close resumed>) = 0 [pid 5206] <... mmap resumed>) = 0x7f01462f5000 [pid 5076] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] rmdir("./19" [pid 5205] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... rmdir resumed>) = 0 [pid 5076] mkdir("./20", 0777 [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5207 ./strace-static-x86_64: Process 5207 attached [pid 5076] <... mkdir resumed>) = 0 [pid 5207] chdir("./21" [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5207] <... chdir resumed>) = 0 [pid 5204] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] <... openat resumed>) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD [pid 5207] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5207] <... prctl resumed>) = 0 [pid 5076] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5208 [pid 5207] setpgid(0, 0) = 0 [pid 5207] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5208 attached [pid 5208] chdir("./20" [pid 5207] <... openat resumed>) = 3 [pid 5208] <... chdir resumed>) = 0 [pid 5207] write(3, "1000", 4 [pid 5208] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5207] <... write resumed>) = 4 [pid 5208] <... prctl resumed>) = 0 [pid 5207] close(3 [pid 5208] setpgid(0, 0 [pid 5207] <... close resumed>) = 0 [pid 5208] <... setpgid resumed>) = 0 [pid 5208] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5207] symlink("/dev/binderfs", "./binderfs" [pid 5208] <... openat resumed>) = 3 [pid 5207] <... symlink resumed>) = 0 [pid 5208] write(3, "1000", 4) = 4 [pid 5208] close(3) = 0 [pid 5207] memfd_create("syzkaller", 0 [pid 5208] symlink("/dev/binderfs", "./binderfs" [pid 5207] <... memfd_create resumed>) = 3 [pid 5208] <... symlink resumed>) = 0 [pid 5206] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5203] <... write resumed>) = 2097152 [pid 5208] memfd_create("syzkaller", 0 [pid 5207] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5208] <... memfd_create resumed>) = 3 [pid 5207] <... mmap resumed>) = 0x7f01462f5000 [pid 5205] <... write resumed>) = 2097152 [pid 5203] munmap(0x7f01462f5000, 2097152 [pid 5208] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5203] <... munmap resumed>) = 0 [pid 5203] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5203] ioctl(4, LOOP_SET_FD, 3 [pid 5205] munmap(0x7f01462f5000, 2097152 [pid 5204] <... write resumed>) = 2097152 [pid 5205] <... munmap resumed>) = 0 [pid 5205] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5205] ioctl(4, LOOP_SET_FD, 3 [pid 5203] <... ioctl resumed>) = 0 [pid 5203] close(3 [pid 5204] munmap(0x7f01462f5000, 2097152 [pid 5203] <... close resumed>) = 0 [pid 5204] <... munmap resumed>) = 0 [ 65.446106][ T5203] loop4: detected capacity change from 0 to 4096 [ 65.483507][ T5205] loop0: detected capacity change from 0 to 4096 [pid 5203] mkdir("./file0", 0777 [pid 5204] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5203] <... mkdir resumed>) = 0 [pid 5207] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5204] <... openat resumed>) = 4 [pid 5203] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5205] <... ioctl resumed>) = 0 [pid 5205] close(3) = 0 [pid 5205] mkdir("./file0", 0777) = 0 [pid 5208] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5205] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5204] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5204] close(3) = 0 [pid 5204] mkdir("./file0", 0777 [pid 5206] <... write resumed>) = 2097152 [pid 5206] munmap(0x7f01462f5000, 2097152) = 0 [pid 5204] <... mkdir resumed>) = 0 [pid 5204] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5206] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [ 65.543306][ T5205] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 65.546711][ T5203] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 65.561721][ T5204] loop1: detected capacity change from 0 to 4096 [ 65.579882][ T5204] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [pid 5206] ioctl(4, LOOP_SET_FD, 3 [pid 5207] <... write resumed>) = 2097152 [pid 5207] munmap(0x7f01462f5000, 2097152 [pid 5206] <... ioctl resumed>) = 0 [pid 5207] <... munmap resumed>) = 0 [pid 5207] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5206] close(3 [pid 5207] <... openat resumed>) = 4 [pid 5206] <... close resumed>) = 0 [pid 5207] ioctl(4, LOOP_SET_FD, 3 [ 65.585138][ T5206] loop3: detected capacity change from 0 to 4096 [pid 5206] mkdir("./file0", 0777 [pid 5208] <... write resumed>) = 2097152 [pid 5207] <... ioctl resumed>) = 0 [pid 5206] <... mkdir resumed>) = 0 [pid 5206] mount("/dev/loop3", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5208] munmap(0x7f01462f5000, 2097152 [pid 5207] close(3 [pid 5205] <... mount resumed>) = 0 [pid 5203] <... mount resumed>) = 0 [pid 5208] <... munmap resumed>) = 0 [pid 5207] <... close resumed>) = 0 [pid 5205] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5203] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5207] mkdir("./file0", 0777 [pid 5205] <... openat resumed>) = 3 [pid 5203] <... openat resumed>) = 3 [pid 5208] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5207] <... mkdir resumed>) = 0 [pid 5205] chdir("./file0" [pid 5203] chdir("./file0" [pid 5208] <... openat resumed>) = 4 [pid 5207] mount("/dev/loop2", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5206] <... mount resumed>) = 0 [pid 5205] <... chdir resumed>) = 0 [pid 5204] <... mount resumed>) = 0 [pid 5203] <... chdir resumed>) = 0 [pid 5208] ioctl(4, LOOP_SET_FD, 3 [ 65.617642][ T5207] loop2: detected capacity change from 0 to 4096 [ 65.629427][ T5206] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 65.655896][ T5207] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [pid 5204] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5206] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5205] ioctl(4, LOOP_CLR_FD [pid 5203] ioctl(4, LOOP_CLR_FD [pid 5206] <... openat resumed>) = 3 [pid 5205] <... ioctl resumed>) = 0 [pid 5203] <... ioctl resumed>) = 0 [pid 5206] chdir("./file0" [pid 5205] close(4 [pid 5203] close(4 [pid 5208] <... ioctl resumed>) = 0 [pid 5206] <... chdir resumed>) = 0 [pid 5205] <... close resumed>) = 0 [pid 5204] <... openat resumed>) = 3 [pid 5208] close(3 [pid 5206] ioctl(4, LOOP_CLR_FD [pid 5204] chdir("./file0" [pid 5203] <... close resumed>) = 0 [pid 5205] exit_group(0 [pid 5208] <... close resumed>) = 0 [pid 5206] <... ioctl resumed>) = 0 [pid 5204] <... chdir resumed>) = 0 [pid 5203] exit_group(0 [pid 5205] <... exit_group resumed>) = ? [pid 5208] mkdir("./file0", 0777 [pid 5206] close(4 [pid 5204] ioctl(4, LOOP_CLR_FD [pid 5203] <... exit_group resumed>) = ? [pid 5208] <... mkdir resumed>) = 0 [pid 5206] <... close resumed>) = 0 [pid 5205] +++ exited with 0 +++ [pid 5204] <... ioctl resumed>) = 0 [pid 5208] mount("/dev/loop5", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [ 65.658083][ T5208] loop5: detected capacity change from 0 to 4096 [pid 5206] exit_group(0 [pid 5204] close(4 [pid 5203] +++ exited with 0 +++ [pid 5206] <... exit_group resumed>) = ? [pid 5204] <... close resumed>) = 0 [pid 5075] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5203, si_uid=0, si_status=0, si_utime=2 /* 0.02 s */, si_stime=7 /* 0.07 s */} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5205, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5204] exit_group(0 [pid 5075] restart_syscall(<... resuming interrupted clone ...> [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5206] +++ exited with 0 +++ [pid 5204] <... exit_group resumed>) = ? [pid 5075] <... restart_syscall resumed>) = 0 [pid 5071] <... restart_syscall resumed>) = 0 [pid 5207] <... mount resumed>) = 0 [pid 5204] +++ exited with 0 +++ [pid 5074] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5206, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5204, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5075] umount2("./19", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./19", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5075] <... openat resumed>) = 3 [pid 5074] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5207] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5075] fstat(3, [pid 5074] fstat(3, [pid 5071] fstat(3, [pid 5207] <... openat resumed>) = 3 [pid 5075] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5207] chdir("./file0" [pid 5075] getdents64(3, [pid 5074] getdents64(3, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] getdents64(3, [pid 5207] <... chdir resumed>) = 0 [pid 5075] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5072] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5207] ioctl(4, LOOP_CLR_FD [pid 5075] umount2("./19/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 3 [pid 5071] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5207] <... ioctl resumed>) = 0 [pid 5075] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] fstat(3, [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5207] close(4 [pid 5075] lstat("./19/binderfs", [pid 5074] lstat("./20/binderfs", [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] lstat("./20/binderfs", [pid 5207] <... close resumed>) = 0 [pid 5075] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5072] getdents64(3, [pid 5071] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5207] exit_group(0 [pid 5075] unlink("./19/binderfs" [pid 5074] unlink("./20/binderfs" [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5071] unlink("./20/binderfs" [pid 5207] <... exit_group resumed>) = ? [pid 5075] <... unlink resumed>) = 0 [pid 5074] <... unlink resumed>) = 0 [pid 5072] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... unlink resumed>) = 0 [pid 5207] +++ exited with 0 +++ [pid 5075] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5207, si_uid=0, si_status=0, si_utime=1 /* 0.01 s */, si_stime=6 /* 0.06 s */} --- [pid 5072] lstat("./20/binderfs", [pid 5073] umount2("./21", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] openat(AT_FDCWD, "./21", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] fstat(3, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] getdents64(3, [pid 5072] unlink("./20/binderfs" [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./21/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] lstat("./21/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5073] unlink("./21/binderfs") = 0 [ 65.691191][ T5208] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [pid 5073] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... unlink resumed>) = 0 [pid 5072] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5075] <... umount2 resumed>) = 0 [pid 5075] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] lstat("./19/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] umount2("./19/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5075] openat(AT_FDCWD, "./19/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5075] fstat(4, {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5075] getdents64(4, 0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5075] getdents64(4, 0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5075] close(4) = 0 [pid 5075] rmdir("./19/file0") = 0 [pid 5075] getdents64(3, 0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5075] close(3) = 0 [pid 5075] rmdir("./19") = 0 [pid 5075] mkdir("./20", 0777) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5075] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5075] close(3) = 0 [pid 5075] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5209 ./strace-static-x86_64: Process 5209 attached [pid 5209] chdir("./20") = 0 [pid 5209] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5209] setpgid(0, 0) = 0 [pid 5208] <... mount resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5209] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5208] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5074] <... umount2 resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5208] <... openat resumed>) = 3 [pid 5072] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] chdir("./file0" [pid 5071] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5208] <... chdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5208] ioctl(4, LOOP_CLR_FD [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] lstat("./20/file0", [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5208] <... ioctl resumed>) = 0 [pid 5209] <... openat resumed>) = 3 [pid 5208] close(4 [pid 5074] lstat("./20/file0", [pid 5072] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] lstat("./20/file0", [pid 5208] <... close resumed>) = 0 [pid 5209] write(3, "1000", 4 [pid 5208] exit_group(0 [pid 5074] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5209] <... write resumed>) = 4 [pid 5208] <... exit_group resumed>) = ? [pid 5074] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5209] close(3) = 0 [pid 5209] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5208] +++ exited with 0 +++ [pid 5209] memfd_create("syzkaller", 0 [pid 5074] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5208, si_uid=0, si_status=0, si_utime=0, si_stime=7 /* 0.07 s */} --- [pid 5074] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] restart_syscall(<... resuming interrupted clone ...> [pid 5072] <... openat resumed>) = 4 [pid 5071] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5209] <... memfd_create resumed>) = 3 [pid 5076] <... restart_syscall resumed>) = 0 [pid 5074] <... openat resumed>) = 4 [pid 5073] lstat("./21/file0", [pid 5072] fstat(4, [pid 5071] <... openat resumed>) = 4 [pid 5209] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5074] fstat(4, [pid 5073] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5071] fstat(4, [pid 5209] <... mmap resumed>) = 0x7f01462f5000 [pid 5074] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5073] umount2("./21/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(4, [pid 5071] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./20", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] getdents64(4, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5073] openat(AT_FDCWD, "./21/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(4, [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5076] openat(AT_FDCWD, "./20", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5074] getdents64(4, [pid 5073] <... openat resumed>) = 4 [pid 5072] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5071] getdents64(4, [pid 5076] <... openat resumed>) = 3 [pid 5074] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5073] fstat(4, [pid 5072] close(4 [pid 5071] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5076] fstat(3, [pid 5074] close(4 [pid 5073] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] close(4 [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5074] <... close resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] rmdir("./20/file0" [pid 5071] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5074] rmdir("./20/file0" [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] rmdir("./20/file0" [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 4 entries */, 32768) = 112 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] getdents64(3, [pid 5071] <... rmdir resumed>) = 0 [pid 5076] umount2("./20/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] getdents64(3, [pid 5073] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5071] getdents64(3, [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5074] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5073] close(4 [pid 5072] close(3 [pid 5071] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5076] lstat("./20/binderfs", [pid 5074] close(3 [pid 5073] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] close(3 [pid 5076] <... lstat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}) = 0 [pid 5074] <... close resumed>) = 0 [pid 5073] rmdir("./21/file0" [pid 5072] rmdir("./20" [pid 5071] <... close resumed>) = 0 [pid 5076] unlink("./20/binderfs" [pid 5074] rmdir("./20" [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] rmdir("./20" [pid 5076] <... unlink resumed>) = 0 [pid 5074] <... rmdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5072] mkdir("./21", 0777 [pid 5071] <... rmdir resumed>) = 0 [pid 5076] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] mkdir("./21", 0777 [pid 5073] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] mkdir("./21", 0777 [pid 5076] <... umount2 resumed>) = 0 [pid 5074] <... mkdir resumed>) = 0 [pid 5073] close(3 [pid 5072] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] <... mkdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5071] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5074] <... openat resumed>) = 3 [pid 5073] rmdir("./21" [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] <... openat resumed>) = 3 [pid 5074] ioctl(3, LOOP_CLR_FD [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5074] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] mkdir("./22", 0777 [pid 5072] close(3 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5074] close(3 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] close(3 [pid 5074] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... close resumed>) = 0 [pid 5074] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... openat resumed>) = 3 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5072] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5210 [pid 5074] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5211 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5212 [pid 5073] close(3) = 0 [pid 5076] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5076] lstat("./20/file0", [pid 5073] <... clone resumed>, child_tidptr=0x5555557a15d0) = 5213 [pid 5076] <... lstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5076] umount2("./20/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5212 attached ) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5210 attached [pid 5212] chdir("./21" [pid 5076] openat(AT_FDCWD, "./20/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5212] <... chdir resumed>) = 0 [pid 5210] chdir("./21" [pid 5076] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5211 attached [pid 5212] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5210] <... chdir resumed>) = 0 [pid 5076] fstat(4, [pid 5212] <... prctl resumed>) = 0 [pid 5210] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5076] <... fstat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 [pid 5212] setpgid(0, 0 [pid 5211] chdir("./21" [pid 5210] <... prctl resumed>) = 0 [pid 5076] getdents64(4, [pid 5212] <... setpgid resumed>) = 0 [pid 5211] <... chdir resumed>) = 0 [pid 5210] setpgid(0, 0 [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 2 entries */, 32768) = 48 [pid 5212] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5210] <... setpgid resumed>) = 0 [pid 5076] getdents64(4, [pid 5211] prctl(PR_SET_PDEATHSIG, SIGKILL./strace-static-x86_64: Process 5213 attached [pid 5212] <... openat resumed>) = 3 [pid 5210] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5076] <... getdents64 resumed>0x5555557aa660 /* 0 entries */, 32768) = 0 [pid 5213] chdir("./22" [pid 5212] write(3, "1000", 4 [pid 5211] <... prctl resumed>) = 0 [pid 5210] <... openat resumed>) = 3 [pid 5076] close(4 [pid 5212] <... write resumed>) = 4 [pid 5211] setpgid(0, 0 [pid 5210] write(3, "1000", 4 [pid 5076] <... close resumed>) = 0 [pid 5213] <... chdir resumed>) = 0 [pid 5212] close(3 [pid 5211] <... setpgid resumed>) = 0 [pid 5210] <... write resumed>) = 4 [pid 5076] rmdir("./20/file0" [pid 5213] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5212] <... close resumed>) = 0 [pid 5211] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5210] close(3 [pid 5076] <... rmdir resumed>) = 0 [pid 5213] <... prctl resumed>) = 0 [pid 5212] symlink("/dev/binderfs", "./binderfs" [pid 5211] <... openat resumed>) = 3 [pid 5210] <... close resumed>) = 0 [pid 5076] getdents64(3, [pid 5213] setpgid(0, 0 [pid 5212] <... symlink resumed>) = 0 [pid 5211] write(3, "1000", 4 [pid 5210] symlink("/dev/binderfs", "./binderfs" [pid 5076] <... getdents64 resumed>0x5555557a2620 /* 0 entries */, 32768) = 0 [pid 5213] <... setpgid resumed>) = 0 [pid 5212] memfd_create("syzkaller", 0 [pid 5211] <... write resumed>) = 4 [pid 5210] <... symlink resumed>) = 0 [pid 5076] close(3 [pid 5213] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5212] <... memfd_create resumed>) = 3 [pid 5211] close(3 [pid 5210] memfd_create("syzkaller", 0 [pid 5076] <... close resumed>) = 0 [pid 5213] <... openat resumed>) = 3 [pid 5212] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5211] <... close resumed>) = 0 [pid 5210] <... memfd_create resumed>) = 3 [pid 5076] rmdir("./20" [pid 5213] write(3, "1000", 4 [pid 5212] <... mmap resumed>) = 0x7f01462f5000 [pid 5211] symlink("/dev/binderfs", "./binderfs" [pid 5210] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5076] <... rmdir resumed>) = 0 [pid 5213] <... write resumed>) = 4 [pid 5210] <... mmap resumed>) = 0x7f01462f5000 [pid 5209] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5076] mkdir("./21", 0777 [pid 5213] close(3 [pid 5211] <... symlink resumed>) = 0 [pid 5076] <... mkdir resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 3 [pid 5076] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5076] close(3) = 0 [pid 5076] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x5555557a15d0) = 5214 [pid 5213] <... close resumed>) = 0 ./strace-static-x86_64: Process 5214 attached [pid 5214] chdir("./21" [pid 5213] symlink("/dev/binderfs", "./binderfs" [pid 5211] memfd_create("syzkaller", 0 [pid 5214] <... chdir resumed>) = 0 [pid 5214] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5213] <... symlink resumed>) = 0 [pid 5211] <... memfd_create resumed>) = 3 [pid 5214] <... prctl resumed>) = 0 [pid 5214] setpgid(0, 0) = 0 [pid 5214] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5213] memfd_create("syzkaller", 0 [pid 5211] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5214] <... openat resumed>) = 3 [pid 5213] <... memfd_create resumed>) = 3 [pid 5211] <... mmap resumed>) = 0x7f01462f5000 [pid 5210] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5209] <... write resumed>) = 2097152 [pid 5214] write(3, "1000", 4 [pid 5213] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5214] <... write resumed>) = 4 [pid 5214] close(3) = 0 [pid 5214] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5214] memfd_create("syzkaller", 0) = 3 [pid 5214] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f01462f5000 [pid 5213] <... mmap resumed>) = 0x7f01462f5000 [pid 5212] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5209] munmap(0x7f01462f5000, 2097152) = 0 [pid 5209] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5209] ioctl(4, LOOP_SET_FD, 3 [pid 5214] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5212] <... write resumed>) = 2097152 [pid 5212] munmap(0x7f01462f5000, 2097152 [pid 5210] <... write resumed>) = 2097152 [pid 5210] munmap(0x7f01462f5000, 2097152 [pid 5212] <... munmap resumed>) = 0 [pid 5212] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [pid 5210] <... munmap resumed>) = 0 [ 65.985181][ T5209] loop4: detected capacity change from 0 to 4096 [pid 5212] ioctl(4, LOOP_SET_FD, 3 [pid 5209] <... ioctl resumed>) = 0 [pid 5213] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5211] write(3, "\xeb\x52\x90\x4e\x54\x46\x53\x20\x20\x20\x20\x00\x04\x04\x00\x00\x00\x00\x00\x00\x00\xf8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00\x80\x00\xff\x07\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00\xff\x00\x00\x00\x00\x00\x00\x00\xf6\x00\x00\x00\x01\x00\x00\x00\x65\x7e\xbb\x32\xdb\xa4\xaf\x02\x00\x00\x00\x00\x0e\x1f\xbe\x71\x7c\xac\x22\xc0\x74\x0b\x56\xb4\x0e\xbb\x07\x00"..., 2097152 [pid 5210] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5209] close(3 [pid 5210] <... openat resumed>) = 4 [pid 5209] <... close resumed>) = 0 [pid 5210] ioctl(4, LOOP_SET_FD, 3) = 0 [pid 5209] mkdir("./file0", 0777) = 0 [pid 5209] mount("/dev/loop4", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5212] <... ioctl resumed>) = 0 [pid 5212] close(3) = 0 [pid 5212] mkdir("./file0", 0777) = 0 [pid 5210] close(3 [pid 5212] mount("/dev/loop0", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5210] <... close resumed>) = 0 [ 66.045330][ T5212] loop0: detected capacity change from 0 to 4096 [ 66.067570][ T5210] loop1: detected capacity change from 0 to 4096 [ 66.080105][ T5209] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [pid 5210] mkdir("./file0", 0777) = 0 [pid 5210] mount("/dev/loop1", "./file0", "ntfs3", MS_SYNCHRONOUS|MS_I_VERSION, "" [pid 5214] <... write resumed>) = 2097152 [pid 5213] <... write resumed>) = 2097152 [pid 5211] <... write resumed>) = 2097152 [pid 5214] munmap(0x7f01462f5000, 2097152 [pid 5213] munmap(0x7f01462f5000, 2097152 [pid 5211] munmap(0x7f01462f5000, 2097152 [pid 5214] <... munmap resumed>) = 0 [pid 5213] <... munmap resumed>) = 0 [pid 5211] <... munmap resumed>) = 0 [pid 5213] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5211] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5213] <... openat resumed>) = 4 [pid 5211] <... openat resumed>) = 4 [ 66.110757][ T5212] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 66.123989][ T5210] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 66.136430][ C1] ================================================================== [ 66.144544][ C1] BUG: KASAN: out-of-bounds in end_buffer_read_sync+0xbd/0xd0 [ 66.152055][ C1] Write of size 4 at addr ffffc9000416f820 by task ksoftirqd/1/21 [pid 5213] ioctl(4, LOOP_SET_FD, 3 [pid 5211] ioctl(4, LOOP_SET_FD, 3 [pid 5214] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5214] ioctl(4, LOOP_SET_FD, 3 [pid 5213] <... ioctl resumed>) = 0 [pid 5213] close(3) = 0 [ 66.156375][ T5213] loop2: detected capacity change from 0 to 4096 [ 66.160025][ C1] [ 66.160032][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 6.2.0-rc1-syzkaller-00043-g2258c2dc850b #0 [ 66.160049][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 66.167311][ T5211] loop3: detected capacity change from 0 to 4096 [ 66.168672][ C1] Call Trace: [ 66.168681][ C1] [ 66.168688][ C1] dump_stack_lvl+0x1b1/0x290 [ 66.180852][ T5214] loop5: detected capacity change from 0 to 4096 [ 66.188606][ C1] ? nf_tcp_handle_invalid+0x630/0x630 [ 66.188635][ C1] ? __wake_up_klogd+0xcd/0x100 [ 66.188655][ C1] ? panic+0x710/0x710 [ 66.188668][ C1] ? _printk+0xc0/0x100 [ 66.188679][ C1] ? _raw_spin_lock_irqsave+0x8e/0x100 [ 66.188701][ C1] print_address_description+0x74/0x340 [ 66.226938][ T5213] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 66.230803][ C1] print_report+0x107/0x1f0 [ 66.230834][ C1] ? rcu_lock_release+0x5/0x20 [ 66.242721][ T5211] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 66.250809][ C1] ? __virt_addr_valid+0xb8/0x2d0 [ 66.250842][ C1] ? end_buffer_read_sync+0xbd/0xd0 [ 66.250860][ C1] kasan_report+0xcd/0x100 [ 66.250882][ C1] ? end_buffer_read_sync+0xbd/0xd0 [ 66.250901][ C1] ? __wait_on_buffer+0x70/0x70 [ 66.250918][ C1] kasan_check_range+0x2a7/0x2e0 [ 66.250939][ C1] end_buffer_read_sync+0xbd/0xd0 [ 66.250955][ C1] end_bio_bh_io_sync+0xb1/0x110 [ 66.268843][ T5214] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512) [ 66.269329][ C1] blk_update_request+0x51c/0x1040 [ 66.323324][ C1] blk_mq_end_request+0x39/0x70 [ 66.328203][ C1] blk_done_softirq+0x119/0x160 [ 66.333084][ C1] __do_softirq+0x277/0x738 [ 66.337623][ C1] ? run_ksoftirqd+0xa2/0x100 [ 66.342412][ C1] ? __lock_text_end+0x6/0x6 [ 66.347036][ C1] ? run_ksoftirqd+0x84/0x100 [ 66.351732][ C1] run_ksoftirqd+0xa2/0x100 [ 66.356344][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 66.361577][ C1] ? takeover_tasklets+0x890/0x890 [ 66.366709][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 66.371930][ C1] smpboot_thread_fn+0x533/0xa10 [ 66.376898][ C1] kthread+0x266/0x300 [ 66.380995][ C1] ? cpu_report_death+0x2a0/0x2a0 [ 66.386055][ C1] ? kthread_blkcg+0xd0/0xd0 [ 66.390674][ C1] ret_from_fork+0x1f/0x30 [ 66.395122][ C1] [ 66.398144][ C1] [ 66.400461][ C1] The buggy address belongs to the virtual mapping at [ 66.400461][ C1] [ffffc90004168000, ffffc90004171000) created by: [ 66.400461][ C1] dup_task_struct+0x8b/0x490 [ 66.418163][ C1] [ 66.420486][ C1] The buggy address belongs to the physical page: [ 66.426883][ C1] page:ffffea0000adc100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b704 [ 66.437031][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 66.444190][ C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 66.452773][ C1] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 66.461365][ C1] page dumped because: kasan: bad access detected [ 66.467875][ C1] page_owner tracks the page as allocated [ 66.473604][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 5071, tgid 5071 (syz-executor109), ts 65246359526, free_ts 65194198534 [ 66.493074][ C1] get_page_from_freelist+0x742/0x7c0 [ 66.498464][ C1] __alloc_pages+0x259/0x560 [ 66.503056][ C1] __vmalloc_node_range+0x9b2/0x1400 [ 66.508353][ C1] alloc_thread_stack_node+0x307/0x500 [ 66.514264][ C1] dup_task_struct+0x8b/0x490 [ 66.518946][ C1] copy_process+0x53c/0x3f00 [ 66.523544][ C1] kernel_clone+0x21b/0x630 [ 66.528067][ C1] __x64_sys_clone+0x228/0x290 [ 66.532831][ C1] do_syscall_64+0x3d/0xb0 [ 66.537234][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 66.543652][ C1] page last free stack trace: [ 66.548329][ C1] free_pcp_prepare+0x751/0x780 [ 66.553186][ C1] free_unref_page_list+0xb2/0x830 [ 66.558291][ C1] release_pages+0x233e/0x25e0 [ 66.563053][ C1] tlb_flush_mmu+0x860/0xa80 [ 66.567631][ C1] tlb_finish_mmu+0xcd/0x200 [ 66.572213][ C1] exit_mmap+0x275/0x630 [ 66.576467][ C1] __mmput+0x114/0x3b0 [ 66.580550][ C1] exit_mm+0x1ec/0x2c0 [ 66.584637][ C1] do_exit+0x5c7/0x2150 [ 66.588808][ C1] do_group_exit+0x1fd/0x2b0 [ 66.593396][ C1] __x64_sys_exit_group+0x3b/0x40 [ 66.598412][ C1] do_syscall_64+0x3d/0xb0 [ 66.602942][ C1] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 66.608861][ C1] [ 66.611185][ C1] Memory state around the buggy address: [ 66.616817][ C1] ffffc9000416f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.624885][ C1] ffffc9000416f780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.632952][ C1] >ffffc9000416f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.641138][ C1] ^ [ 66.646515][ C1] ffffc9000416f880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.654677][ C1] ffffc9000416f900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 66.662750][ C1] ================================================================== [ 66.670910][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 66.678105][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 6.2.0-rc1-syzkaller-00043-g2258c2dc850b #0 [ 66.687992][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 66.698072][ C1] Call Trace: [ 66.701365][ C1] [ 66.704304][ C1] dump_stack_lvl+0x1b1/0x290 [ 66.709002][ C1] ? nf_tcp_handle_invalid+0x630/0x630 [ 66.714481][ C1] ? panic+0x710/0x710 [ 66.718552][ C1] ? lock_release+0x81/0x820 [ 66.723156][ C1] ? vscnprintf+0x59/0x80 [ 66.727499][ C1] panic+0x2d6/0x710 [ 66.731425][ C1] ? check_panic_on_warn+0x1d/0xa0 [ 66.736544][ C1] ? memcpy_page_flushcache+0x100/0x100 [ 66.742124][ C1] ? _raw_spin_unlock_irqrestore+0xbc/0x120 [ 66.748040][ C1] ? _raw_spin_unlock_irqrestore+0xc1/0x120 [ 66.753946][ C1] ? _raw_spin_unlock+0x40/0x40 [ 66.758828][ C1] ? rcu_read_lock_sched_held+0x5d/0x110 [ 66.764487][ C1] ? __bpf_trace_rcu_stall_warning+0x10/0x10 [ 66.770507][ C1] check_panic_on_warn+0x80/0xa0 [ 66.775480][ C1] ? end_buffer_read_sync+0xbd/0xd0 [ 66.780708][ C1] end_report+0x47/0x90 [ 66.784886][ C1] kasan_report+0xda/0x100 [ 66.789307][ C1] ? end_buffer_read_sync+0xbd/0xd0 [ 66.794498][ C1] ? __wait_on_buffer+0x70/0x70 [ 66.799355][ C1] kasan_check_range+0x2a7/0x2e0 [ 66.804292][ C1] end_buffer_read_sync+0xbd/0xd0 [ 66.809320][ C1] end_bio_bh_io_sync+0xb1/0x110 [ 66.814283][ C1] blk_update_request+0x51c/0x1040 [ 66.819414][ C1] blk_mq_end_request+0x39/0x70 [ 66.824305][ C1] blk_done_softirq+0x119/0x160 [ 66.829257][ C1] __do_softirq+0x277/0x738 [ 66.833785][ C1] ? run_ksoftirqd+0xa2/0x100 [ 66.838480][ C1] ? __lock_text_end+0x6/0x6 [ 66.843100][ C1] ? run_ksoftirqd+0x84/0x100 [ 66.847793][ C1] run_ksoftirqd+0xa2/0x100 [ 66.852315][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 66.857543][ C1] ? takeover_tasklets+0x890/0x890 [ 66.862699][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 66.867902][ C1] smpboot_thread_fn+0x533/0xa10 [ 66.872833][ C1] kthread+0x266/0x300 [ 66.876910][ C1] ? cpu_report_death+0x2a0/0x2a0 [ 66.881953][ C1] ? kthread_blkcg+0xd0/0xd0 [ 66.886644][ C1] ret_from_fork+0x1f/0x30 [ 66.891093][ C1] [ 66.894352][ C1] Kernel Offset: disabled [ 66.898673][ C1] Rebooting in 86400 seconds..