./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor4216486164 <...> Warning: Permanently added '10.128.0.233' (ED25519) to the list of known hosts. execve("./syz-executor4216486164", ["./syz-executor4216486164"], 0x7ffcaa8befc0 /* 10 vars */) = 0 brk(NULL) = 0x55555566a000 brk(0x55555566ad00) = 0x55555566ad00 arch_prctl(ARCH_SET_FS, 0x55555566a380) = 0 set_tid_address(0x55555566a650) = 5067 set_robust_list(0x55555566a660, 24) = 0 rseq(0x55555566aca0, 0x20, 0, 0x53053053) = 0 prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0 readlink("/proc/self/exe", "/root/syz-executor4216486164", 4096) = 28 getrandom("\xf7\x5f\x41\x1b\xfc\x61\x82\x03", 8, GRND_NONBLOCK) = 8 brk(NULL) = 0x55555566ad00 brk(0x55555568bd00) = 0x55555568bd00 brk(0x55555568c000) = 0x55555568c000 mprotect(0x7faa018ae000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5068 attached [pid 5068] set_robust_list(0x55555566a660, 24 [pid 5067] <... clone resumed>, child_tidptr=0x55555566a650) = 5068 [pid 5068] <... set_robust_list resumed>) = 0 [pid 5068] mkdir("./syzkaller.5ZSqU6", 0700 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5069 attached , child_tidptr=0x55555566a650) = 5069 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... mkdir resumed>) = 0 [pid 5069] set_robust_list(0x55555566a660, 24 [pid 5068] chmod("./syzkaller.5ZSqU6", 0777 [pid 5069] <... set_robust_list resumed>) = 0 [pid 5069] mkdir("./syzkaller.1fnIlO", 0700 [pid 5068] <... chmod resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x55555566a650) = 5070 ./strace-static-x86_64: Process 5070 attached [pid 5069] <... mkdir resumed>) = 0 [pid 5068] chdir("./syzkaller.5ZSqU6" [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] set_robust_list(0x55555566a660, 24 [pid 5069] chmod("./syzkaller.1fnIlO", 0777 [pid 5070] <... set_robust_list resumed>) = 0 [pid 5068] <... chdir resumed>) = 0 [pid 5070] mkdir("./syzkaller.CGEoPB", 0700 [pid 5069] <... chmod resumed>) = 0 [pid 5069] chdir("./syzkaller.1fnIlO"./strace-static-x86_64: Process 5071 attached [pid 5070] <... mkdir resumed>) = 0 [pid 5068] mkdir("./0", 0777 [pid 5069] <... chdir resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x55555566a650) = 5071 [pid 5071] set_robust_list(0x55555566a660, 24 [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... set_robust_list resumed>) = 0 ./strace-static-x86_64: Process 5072 attached [pid 5070] chmod("./syzkaller.CGEoPB", 0777 [pid 5069] mkdir("./0", 0777 [pid 5068] <... mkdir resumed>) = 0 [pid 5071] mkdir("./syzkaller.tRCJaz", 0700 [pid 5070] <... chmod resumed>) = 0 [pid 5067] <... clone resumed>, child_tidptr=0x55555566a650) = 5072 [pid 5072] set_robust_list(0x55555566a660, 24 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] chdir("./syzkaller.CGEoPB" [pid 5069] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5067] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... set_robust_list resumed>) = 0 [pid 5071] chmod("./syzkaller.tRCJaz", 0777 [pid 5070] <... chdir resumed>) = 0 [pid 5070] mkdir("./0", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5072] mkdir("./syzkaller.QK6Sbt", 0700./strace-static-x86_64: Process 5073 attached [pid 5073] set_robust_list(0x55555566a660, 24) = 0 [pid 5073] mkdir("./syzkaller.sstRm8", 0700 [pid 5071] <... chmod resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... openat resumed>) = 3 [pid 5070] <... openat resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5067] <... clone resumed>, child_tidptr=0x55555566a650) = 5073 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] chdir("./syzkaller.tRCJaz" [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5071] <... chdir resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5069] close(3 [pid 5073] <... mkdir resumed>) = 0 [pid 5071] mkdir("./0", 0777 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... close resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] chmod("./syzkaller.QK6Sbt", 0777 [pid 5071] <... mkdir resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5074 attached [pid 5074] set_robust_list(0x55555566a660, 24) = 0 [pid 5074] chdir("./0") = 0 [pid 5074] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 ./strace-static-x86_64: Process 5075 attached [pid 5074] setpgid(0, 0 [pid 5075] set_robust_list(0x55555566a660, 24 [pid 5074] <... setpgid resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] <... set_robust_list resumed>) = 0 [pid 5074] <... openat resumed>) = 3 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5074 [pid 5075] chdir("./0") = 0 [pid 5074] write(3, "1000", 4 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5075 [pid 5075] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5074] <... write resumed>) = 4 [pid 5075] <... prctl resumed>) = 0 [pid 5074] close(3 [pid 5075] setpgid(0, 0) = 0 [pid 5074] <... close resumed>) = 0 [pid 5075] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5074] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5075] <... openat resumed>) = 3 [pid 5068] close(3 [pid 5072] <... chmod resumed>) = 0 [pid 5075] write(3, "1000", 4 [pid 5074] memfd_create("syzkaller", 0 [pid 5073] chmod("./syzkaller.sstRm8", 0777 [pid 5068] <... close resumed>) = 0 [pid 5075] <... write resumed>) = 4 [pid 5074] <... memfd_create resumed>) = 3 [pid 5073] <... chmod resumed>) = 0 [pid 5072] chdir("./syzkaller.QK6Sbt" [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5075] close(3 [pid 5074] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5075] <... close resumed>) = 0 [pid 5074] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5075] symlink("/dev/binderfs", "./binderfs" [pid 5071] <... openat resumed>) = 3 [pid 5072] <... chdir resumed>) = 0 [pid 5073] chdir("./syzkaller.sstRm8" [pid 5075] <... symlink resumed>) = 0 [pid 5073] <... chdir resumed>) = 0 [pid 5072] mkdir("./0", 0777 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5076 [pid 5073] mkdir("./0", 0777./strace-static-x86_64: Process 5076 attached [pid 5076] set_robust_list(0x55555566a660, 24 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5076] <... set_robust_list resumed>) = 0 [pid 5076] chdir("./0") = 0 [pid 5076] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5076] setpgid(0, 0 [pid 5071] close(3 [pid 5076] <... setpgid resumed>) = 0 [pid 5076] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] memfd_create("syzkaller", 0 [pid 5074] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5076] <... openat resumed>) = 3 [pid 5075] <... memfd_create resumed>) = 3 [pid 5072] <... openat resumed>) = 3 [pid 5076] write(3, "1000", 4 [pid 5075] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5077 attached [pid 5076] <... write resumed>) = 4 [pid 5075] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5074] <... write resumed>) = 524288 [pid 5073] <... openat resumed>) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5077] set_robust_list(0x55555566a660, 24 [pid 5076] close(3 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5077 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5077] <... set_robust_list resumed>) = 0 [pid 5076] <... close resumed>) = 0 [pid 5075] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5074] munmap(0x7fa9f93fb000, 138412032 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] close(3 [pid 5077] chdir("./0" [pid 5076] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... chdir resumed>) = 0 [pid 5073] close(3 [pid 5072] <... close resumed>) = 0 [pid 5077] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... close resumed>) = 0 [pid 5077] <... prctl resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5077] setpgid(0, 0) = 0 [pid 5076] <... symlink resumed>) = 0 [pid 5074] <... munmap resumed>) = 0 [pid 5077] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 5080 attached [pid 5076] memfd_create("syzkaller", 0 [pid 5074] openat(AT_FDCWD, "/dev/loop2", O_RDWR./strace-static-x86_64: Process 5079 attached [pid 5080] set_robust_list(0x55555566a660, 24 [pid 5076] <... memfd_create resumed>) = 3 [pid 5074] <... openat resumed>) = 4 [pid 5079] set_robust_list(0x55555566a660, 24 [pid 5077] <... openat resumed>) = 3 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5080 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5079 [pid 5076] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... set_robust_list resumed>) = 0 [pid 5076] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5074] ioctl(4, LOOP_SET_FD, 3 [pid 5080] chdir("./0" [pid 5079] <... set_robust_list resumed>) = 0 [pid 5077] write(3, "1000", 4 [pid 5076] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] chdir("./0" [pid 5077] <... write resumed>) = 4 [pid 5075] <... write resumed>) = 524288 [pid 5080] <... chdir resumed>) = 0 [pid 5080] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5080] setpgid(0, 0 [pid 5077] close(3 [pid 5079] <... chdir resumed>) = 0 [pid 5079] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5077] <... close resumed>) = 0 [pid 5079] <... prctl resumed>) = 0 [pid 5077] symlink("/dev/binderfs", "./binderfs" [pid 5079] setpgid(0, 0 [pid 5080] <... setpgid resumed>) = 0 [pid 5075] munmap(0x7fa9f93fb000, 138412032 [pid 5080] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5079] <... setpgid resumed>) = 0 [pid 5077] <... symlink resumed>) = 0 [pid 5075] <... munmap resumed>) = 0 [pid 5080] <... openat resumed>) = 3 [pid 5079] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5075] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5075] ioctl(4, LOOP_SET_FD, 3 [pid 5079] <... openat resumed>) = 3 [pid 5077] memfd_create("syzkaller", 0 [pid 5080] write(3, "1000", 4 [pid 5079] write(3, "1000", 4 [pid 5077] <... memfd_create resumed>) = 3 [pid 5076] <... write resumed>) = 524288 [pid 5079] <... write resumed>) = 4 [pid 5079] close(3 [pid 5080] <... write resumed>) = 4 [pid 5080] close(3) = 0 [pid 5074] <... ioctl resumed>) = 0 [pid 5080] symlink("/dev/binderfs", "./binderfs" [pid 5074] close(3 [pid 5080] <... symlink resumed>) = 0 [pid 5074] <... close resumed>) = 0 [pid 5074] mkdir("./file0", 0777) = 0 [pid 5080] memfd_create("syzkaller", 0 [pid 5079] <... close resumed>) = 0 [pid 5077] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] <... memfd_create resumed>) = 3 [pid 5076] munmap(0x7fa9f93fb000, 138412032 [ 57.358496][ T5074] loop2: detected capacity change from 0 to 1024 [ 57.379490][ T5075] loop1: detected capacity change from 0 to 1024 [ 57.399431][ T5074] ======================================================= [pid 5074] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5080] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5079] symlink("/dev/binderfs", "./binderfs" [pid 5077] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5076] <... munmap resumed>) = 0 [pid 5080] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5080] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5079] <... symlink resumed>) = 0 [pid 5076] <... openat resumed>) = 4 [pid 5076] ioctl(4, LOOP_SET_FD, 3 [pid 5075] <... ioctl resumed>) = 0 [pid 5075] close(3) = 0 [pid 5075] mkdir("./file0", 0777) = 0 [pid 5079] memfd_create("syzkaller", 0 [pid 5075] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5079] <... memfd_create resumed>) = 3 [pid 5077] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5080] <... write resumed>) = 524288 [pid 5079] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5080] munmap(0x7fa9f93fb000, 138412032 [pid 5079] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5076] <... ioctl resumed>) = 0 [ 57.399431][ T5074] WARNING: The mand mount option has been deprecated and [ 57.399431][ T5074] and is ignored by this kernel. Remove the mand [ 57.399431][ T5074] option from the mount to silence this warning. [ 57.399431][ T5074] ======================================================= [ 57.441261][ T5076] loop0: detected capacity change from 0 to 1024 [pid 5080] <... munmap resumed>) = 0 [pid 5076] close(3) = 0 [pid 5076] mkdir("./file0", 0777 [pid 5080] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5076] <... mkdir resumed>) = 0 [pid 5080] <... openat resumed>) = 4 [pid 5076] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5080] ioctl(4, LOOP_SET_FD, 3 [pid 5079] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5077] <... write resumed>) = 524288 [pid 5075] <... mount resumed>) = 0 [pid 5076] <... mount resumed>) = 0 [pid 5080] <... ioctl resumed>) = 0 [pid 5076] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5080] close(3 [pid 5076] <... openat resumed>) = 3 [pid 5080] <... close resumed>) = 0 [pid 5076] chdir("./file0" [pid 5077] munmap(0x7fa9f93fb000, 138412032 [pid 5080] mkdir("./file0", 0777 [pid 5076] <... chdir resumed>) = 0 [pid 5080] <... mkdir resumed>) = 0 [pid 5077] <... munmap resumed>) = 0 [pid 5076] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] close(4 [pid 5075] <... openat resumed>) = 3 [pid 5076] <... close resumed>) = 0 [pid 5075] chdir("./file0" [pid 5076] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5075] <... chdir resumed>) = 0 [pid 5080] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5076] <... openat resumed>) = 4 [pid 5075] ioctl(4, LOOP_CLR_FD) = 0 [pid 5075] close(4) = 0 [pid 5075] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5076] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5075] <... openat resumed>) = 4 [pid 5075] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5077] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5077] ioctl(4, LOOP_SET_FD, 3 [pid 5080] <... mount resumed>) = 0 [pid 5080] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5080] chdir("./file0") = 0 [pid 5080] ioctl(4, LOOP_CLR_FD) = 0 [pid 5080] close(4) = 0 [pid 5080] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5080] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5074] <... mount resumed>) = 0 [pid 5079] <... write resumed>) = 524288 [pid 5077] <... ioctl resumed>) = 0 [pid 5079] munmap(0x7fa9f93fb000, 138412032 [pid 5077] close(3 [pid 5074] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5077] <... close resumed>) = 0 [pid 5077] mkdir("./file0", 0777 [pid 5074] <... openat resumed>) = 3 [pid 5079] <... munmap resumed>) = 0 [pid 5077] <... mkdir resumed>) = 0 [pid 5074] chdir("./file0" [pid 5079] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5077] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5074] <... chdir resumed>) = 0 [pid 5079] <... openat resumed>) = 4 [ 57.469169][ T5080] loop5: detected capacity change from 0 to 1024 [ 57.503497][ T5077] loop3: detected capacity change from 0 to 1024 [pid 5074] ioctl(4, LOOP_CLR_FD [pid 5080] <... ioctl resumed>) = 0 [pid 5079] ioctl(4, LOOP_SET_FD, 3 [pid 5076] <... ioctl resumed>) = 0 [pid 5075] <... ioctl resumed>) = 0 [pid 5074] <... ioctl resumed>) = 0 [pid 5080] exit_group(0 [pid 5079] <... ioctl resumed>) = 0 [pid 5077] <... mount resumed>) = 0 [pid 5076] exit_group(0 [pid 5075] exit_group(0 [pid 5074] close(4 [pid 5080] <... exit_group resumed>) = ? [pid 5077] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5076] <... exit_group resumed>) = ? [pid 5075] <... exit_group resumed>) = ? [pid 5080] +++ exited with 0 +++ [pid 5077] <... openat resumed>) = 3 [pid 5076] +++ exited with 0 +++ [pid 5075] +++ exited with 0 +++ [pid 5077] chdir("./file0" [pid 5074] <... close resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5080, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5076, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5077] <... chdir resumed>) = 0 [pid 5074] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5075, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5074] <... openat resumed>) = 4 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5077] ioctl(4, LOOP_CLR_FD [pid 5074] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5073] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5074] <... ioctl resumed>) = 0 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5074] exit_group(0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5077] <... ioctl resumed>) = 0 [pid 5074] <... exit_group resumed>) = ? [pid 5077] close(4 [pid 5074] +++ exited with 0 +++ [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5077] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5074, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5073] <... openat resumed>) = 3 [pid 5070] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5077] <... openat resumed>) = 4 [pid 5073] newfstatat(3, "", [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(3, "", [pid 5077] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5070] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5077] <... ioctl resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5069] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5077] exit_group(0 [pid 5073] getdents64(3, [pid 5070] newfstatat(3, "", [pid 5077] <... exit_group resumed>) = ? [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(3, [pid 5070] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] unlink("./0/binderfs" [pid 5069] <... openat resumed>) = 3 [pid 5068] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(3 [pid 5073] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] <... close resumed>) = 0 [pid 5070] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] mkdir("./file0", 0777 [pid 5077] +++ exited with 0 +++ [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(3, "", [pid 5068] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5079] <... mkdir resumed>) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5077, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] unlink("./0/binderfs" [pid 5073] newfstatat(AT_FDCWD, "./0/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] <... unlink resumed>) = 0 [pid 5073] unlink("./0/binderfs" [pid 5070] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... unlink resumed>) = 0 [pid 5071] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./0/file0", [pid 5069] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [ 57.553199][ T5079] loop4: detected capacity change from 0 to 1024 [pid 5071] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(3, "", [pid 5070] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] <... openat resumed>) = 4 [pid 5071] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5069] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(4, "", [pid 5071] unlink("./0/binderfs" [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5079] <... mount resumed>) = 0 [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... unlink resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5079] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] unlink("./0/binderfs" [pid 5073] newfstatat(AT_FDCWD, "./0/file0", [pid 5079] chdir("./file0") = 0 [pid 5079] ioctl(4, LOOP_CLR_FD [pid 5069] <... unlink resumed>) = 0 [pid 5079] <... ioctl resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] close(4 [pid 5073] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5068] newfstatat(AT_FDCWD, "./0/file0", [pid 5079] <... openat resumed>) = 4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5079] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5068] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5079] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5079] exit_group(0 [pid 5068] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5079] <... exit_group resumed>) = ? [pid 5068] <... openat resumed>) = 4 [pid 5079] +++ exited with 0 +++ [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] close(4 [pid 5070] getdents64(4, [pid 5068] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] rmdir("./0/file0" [pid 5070] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] close(4 [pid 5068] getdents64(3, [pid 5070] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] rmdir("./0/file0" [pid 5068] close(3 [pid 5070] <... rmdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5070] getdents64(3, [pid 5068] rmdir("./0" [pid 5073] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5079, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5072] umount2("./0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... rmdir resumed>) = 0 [pid 5073] newfstatat(4, "", [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5072] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] mkdir("./1", 0777 [pid 5073] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] umount2("./0/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] rmdir("./0" [pid 5068] <... mkdir resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... rmdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] close(4 [pid 5072] newfstatat(AT_FDCWD, "./0/binderfs", [pid 5070] mkdir("./1", 0777 [pid 5068] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5073] rmdir("./0/file0" [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5072] unlink("./0/binderfs" [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5068] close(3 [pid 5073] getdents64(3, [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5068] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] close(3 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] close(3./strace-static-x86_64: Process 5084 attached [pid 5073] <... close resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5084 [pid 5084] set_robust_list(0x55555566a660, 24 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] <... set_robust_list resumed>) = 0 [pid 5073] rmdir("./0" [pid 5084] chdir("./1") = 0 [pid 5084] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... rmdir resumed>) = 0 [pid 5084] <... prctl resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5085 [pid 5084] setpgid(0, 0) = 0 [pid 5073] mkdir("./1", 0777./strace-static-x86_64: Process 5085 attached [pid 5084] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... mkdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5085] set_robust_list(0x55555566a660, 24 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5085] <... set_robust_list resumed>) = 0 [pid 5084] <... openat resumed>) = 3 [pid 5073] <... openat resumed>) = 3 [pid 5072] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5085] chdir("./1" [pid 5084] write(3, "1000", 4 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5085] <... chdir resumed>) = 0 [pid 5084] <... write resumed>) = 4 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5085] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5084] close(3 [pid 5085] <... prctl resumed>) = 0 [pid 5084] <... close resumed>) = 0 [pid 5073] close(3 [pid 5085] setpgid(0, 0 [pid 5084] symlink("/dev/binderfs", "./binderfs" [pid 5085] <... setpgid resumed>) = 0 [pid 5084] <... symlink resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5069] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5085] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5084] memfd_create("syzkaller", 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] <... openat resumed>) = 3 [pid 5084] <... memfd_create resumed>) = 3 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5085] write(3, "1000", 4 [pid 5084] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./0/file0", [pid 5085] <... write resumed>) = 4 [pid 5084] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5087 [pid 5072] newfstatat(AT_FDCWD, "./0/file0", ./strace-static-x86_64: Process 5087 attached [pid 5085] close(3 [pid 5084] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5087] set_robust_list(0x55555566a660, 24 [pid 5085] <... close resumed>) = 0 [pid 5085] symlink("/dev/binderfs", "./binderfs" [pid 5087] <... set_robust_list resumed>) = 0 [pid 5072] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5087] chdir("./1" [pid 5085] <... symlink resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] <... chdir resumed>) = 0 [pid 5087] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5087] setpgid(0, 0) = 0 [pid 5087] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] <... openat resumed>) = 4 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5087] <... openat resumed>) = 3 [pid 5085] memfd_create("syzkaller", 0 [pid 5072] newfstatat(4, "", [pid 5071] newfstatat(AT_FDCWD, "./0/file0", [pid 5069] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5085] <... memfd_create resumed>) = 3 [pid 5084] <... write resumed>) = 524288 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5085] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] write(3, "1000", 4 [pid 5072] getdents64(4, [pid 5087] <... write resumed>) = 4 [pid 5085] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] umount2("./0/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5087] close(3 [pid 5072] getdents64(4, [pid 5087] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5087] symlink("/dev/binderfs", "./binderfs" [pid 5072] close(4 [pid 5087] <... symlink resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5072] rmdir("./0/file0") = 0 [pid 5085] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 4 [pid 5071] openat(AT_FDCWD, "./0/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5087] memfd_create("syzkaller", 0 [pid 5072] getdents64(3, [pid 5071] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", [pid 5087] <... memfd_create resumed>) = 3 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] newfstatat(4, "", [pid 5087] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] close(3 [pid 5087] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5084] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5087] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] rmdir("./0" [pid 5071] getdents64(4, [pid 5069] getdents64(4, [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, [pid 5071] close(4 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5084] <... openat resumed>) = 4 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5069] close(4 [pid 5084] ioctl(4, LOOP_SET_FD, 3 [pid 5071] rmdir("./0/file0" [pid 5069] <... close resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5069] rmdir("./0/file0" [pid 5072] mkdir("./1", 0777) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5071] getdents64(3, [pid 5069] <... rmdir resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5069] getdents64(3, [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] <... ioctl resumed>) = 0 [pid 5071] close(3 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] close(3) = 0 [pid 5069] close(3 [pid 5071] <... close resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5087] <... write resumed>) = 524288 [pid 5085] <... write resumed>) = 524288 [pid 5071] rmdir("./0" [pid 5069] <... close resumed>) = 0 ./strace-static-x86_64: Process 5088 attached [pid 5071] <... rmdir resumed>) = 0 [pid 5069] rmdir("./0" [pid 5088] set_robust_list(0x55555566a660, 24 [pid 5071] mkdir("./1", 0777 [pid 5088] <... set_robust_list resumed>) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5088 [pid 5088] chdir("./1" [pid 5087] munmap(0x7fa9f93fb000, 138412032 [pid 5084] <... ioctl resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5088] <... chdir resumed>) = 0 [pid 5087] <... munmap resumed>) = 0 [pid 5084] close(3 [pid 5088] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5084] <... close resumed>) = 0 [pid 5088] <... prctl resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] mkdir("./1", 0777 [pid 5088] setpgid(0, 0 [pid 5087] <... openat resumed>) = 4 [pid 5084] mkdir("./file0", 0777 [pid 5071] <... openat resumed>) = 3 [pid 5088] <... setpgid resumed>) = 0 [pid 5087] ioctl(4, LOOP_SET_FD, 3 [pid 5085] munmap(0x7fa9f93fb000, 138412032 [pid 5084] <... mkdir resumed>) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5069] <... mkdir resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5088] write(3, "1000", 4) = 4 [pid 5088] close(3) = 0 [pid 5084] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5085] <... munmap resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [ 57.740769][ T5084] loop0: detected capacity change from 0 to 1024 [ 57.769934][ T5087] loop5: detected capacity change from 0 to 1024 [pid 5085] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 5085] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5089 attached [pid 5085] ioctl(4, LOOP_SET_FD, 3 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5084] <... mount resumed>) = 0 [pid 5084] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5088] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5084] chdir("./file0") = 0 [pid 5084] ioctl(4, LOOP_CLR_FD) = 0 [pid 5084] close(4 [pid 5088] memfd_create("syzkaller", 0 [pid 5084] <... close resumed>) = 0 [pid 5088] <... memfd_create resumed>) = 3 [pid 5084] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5088] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5084] <... openat resumed>) = 4 [pid 5089] set_robust_list(0x55555566a660, 24 [pid 5088] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5084] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5089 [pid 5089] <... set_robust_list resumed>) = 0 [pid 5089] chdir("./1" [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5090 [pid 5089] <... chdir resumed>) = 0 ./strace-static-x86_64: Process 5090 attached [pid 5089] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] <... ioctl resumed>) = 0 [pid 5089] <... prctl resumed>) = 0 [pid 5090] set_robust_list(0x55555566a660, 24 [pid 5087] close(3) = 0 [pid 5089] setpgid(0, 0 [pid 5087] mkdir("./file0", 0777 [pid 5090] <... set_robust_list resumed>) = 0 [pid 5087] <... mkdir resumed>) = 0 [pid 5090] chdir("./1" [pid 5089] <... setpgid resumed>) = 0 [pid 5090] <... chdir resumed>) = 0 [pid 5089] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5090] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5087] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5090] <... prctl resumed>) = 0 [pid 5089] <... openat resumed>) = 3 [pid 5090] setpgid(0, 0) = 0 [pid 5090] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5089] write(3, "1000", 4 [pid 5087] <... mount resumed>) = 0 [ 57.787288][ T5085] loop2: detected capacity change from 0 to 1024 [pid 5085] <... ioctl resumed>) = 0 [pid 5090] write(3, "1000", 4 [pid 5089] <... write resumed>) = 4 [pid 5088] <... write resumed>) = 524288 [pid 5087] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5090] <... write resumed>) = 4 [pid 5088] munmap(0x7fa9f93fb000, 138412032 [pid 5087] <... openat resumed>) = 3 [pid 5089] close(3 [pid 5085] close(3 [pid 5090] close(3 [pid 5089] <... close resumed>) = 0 [pid 5088] <... munmap resumed>) = 0 [pid 5087] chdir("./file0" [pid 5085] <... close resumed>) = 0 [pid 5089] symlink("/dev/binderfs", "./binderfs" [pid 5085] mkdir("./file0", 0777 [pid 5090] <... close resumed>) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5087] <... chdir resumed>) = 0 [pid 5089] <... symlink resumed>) = 0 [pid 5088] <... openat resumed>) = 4 [pid 5087] ioctl(4, LOOP_CLR_FD [pid 5085] <... mkdir resumed>) = 0 [pid 5085] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5090] symlink("/dev/binderfs", "./binderfs" [pid 5089] memfd_create("syzkaller", 0 [pid 5088] ioctl(4, LOOP_SET_FD, 3 [pid 5087] <... ioctl resumed>) = 0 [pid 5090] <... symlink resumed>) = 0 [pid 5089] <... memfd_create resumed>) = 3 [pid 5087] close(4 [pid 5085] <... mount resumed>) = 0 [pid 5085] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5085] chdir("./file0" [pid 5090] memfd_create("syzkaller", 0 [pid 5087] <... close resumed>) = 0 [pid 5084] <... ioctl resumed>) = 0 [pid 5090] <... memfd_create resumed>) = 3 [pid 5087] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5084] exit_group(0 [pid 5085] <... chdir resumed>) = 0 [pid 5089] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5085] ioctl(4, LOOP_CLR_FD [pid 5090] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5089] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5087] <... openat resumed>) = 4 [pid 5085] <... ioctl resumed>) = 0 [pid 5084] <... exit_group resumed>) = ? [pid 5090] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5087] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5084] +++ exited with 0 +++ [pid 5087] <... ioctl resumed>) = 0 [pid 5085] close(4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5084, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5087] exit_group(0 [pid 5085] <... close resumed>) = 0 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5090] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5087] <... exit_group resumed>) = ? [pid 5085] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5068] <... restart_syscall resumed>) = 0 [pid 5089] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5087] +++ exited with 0 +++ [pid 5085] <... openat resumed>) = 4 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5087, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5068] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... write resumed>) = 524288 [pid 5088] <... ioctl resumed>) = 0 [pid 5085] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5090] munmap(0x7fa9f93fb000, 138412032 [pid 5089] <... write resumed>) = 524288 [pid 5088] close(3 [pid 5085] <... ioctl resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5088] <... close resumed>) = 0 [pid 5088] mkdir("./file0", 0777 [pid 5089] munmap(0x7fa9f93fb000, 138412032 [pid 5088] <... mkdir resumed>) = 0 [pid 5085] exit_group(0 [pid 5068] newfstatat(3, "", [pid 5090] <... munmap resumed>) = 0 [pid 5089] <... munmap resumed>) = 0 [pid 5088] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5085] <... exit_group resumed>) = ? [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5089] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5088] <... mount resumed>) = 0 [pid 5085] +++ exited with 0 +++ [pid 5073] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5090] <... openat resumed>) = 4 [pid 5088] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5085, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [ 57.844898][ T5088] loop4: detected capacity change from 0 to 1024 [pid 5090] ioctl(4, LOOP_SET_FD, 3 [pid 5089] <... openat resumed>) = 4 [pid 5088] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5090] <... ioctl resumed>) = 0 [pid 5088] chdir("./file0" [pid 5089] ioctl(4, LOOP_SET_FD, 3 [pid 5073] <... openat resumed>) = 3 [pid 5068] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] newfstatat(3, "", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", [pid 5088] <... chdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5088] ioctl(4, LOOP_CLR_FD [pid 5070] getdents64(3, [pid 5088] <... ioctl resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5088] close(4 [pid 5070] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5088] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5070] unlink("./1/binderfs") = 0 [pid 5070] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5088] <... openat resumed>) = 4 [pid 5088] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5088] exit_group(0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5088] <... exit_group resumed>) = ? [pid 5088] +++ exited with 0 +++ [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] unlink("./1/binderfs" [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5088, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] close(3 [pid 5089] <... ioctl resumed>) = 0 [pid 5073] getdents64(3, [pid 5068] <... umount2 resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] <... umount2 resumed>) = 0 [pid 5068] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./1/file0", [pid 5073] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5090] mkdir("./file0", 0777 [pid 5089] close(3 [pid 5072] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5090] <... mkdir resumed>) = 0 [pid 5089] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5068] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5089] mkdir("./file0", 0777 [pid 5072] newfstatat(3, "", [pid 5089] <... mkdir resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(3, [pid 5090] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5089] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5070] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] unlink("./1/binderfs" [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 4 [pid 5090] <... mount resumed>) = 0 [pid 5089] <... mount resumed>) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5072] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(AT_FDCWD, "./1/file0", [pid 5090] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5089] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(4, "", [pid 5090] <... openat resumed>) = 3 [pid 5089] <... openat resumed>) = 3 [pid 5072] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5090] chdir("./file0" [pid 5089] chdir("./file0" [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] getdents64(4, [pid 5090] <... chdir resumed>) = 0 [pid 5089] <... chdir resumed>) = 0 [pid 5072] unlink("./1/binderfs" [pid 5070] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5090] ioctl(4, LOOP_CLR_FD [pid 5089] ioctl(4, LOOP_CLR_FD [pid 5072] <... unlink resumed>) = 0 [ 57.892591][ T5090] loop1: detected capacity change from 0 to 1024 [ 57.902527][ T5089] loop3: detected capacity change from 0 to 1024 [pid 5068] getdents64(4, [pid 5090] <... ioctl resumed>) = 0 [pid 5089] <... ioctl resumed>) = 0 [pid 5072] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5090] close(4 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5090] <... close resumed>) = 0 [pid 5089] close(4 [pid 5068] close(4 [pid 5090] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5089] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... close resumed>) = 0 [pid 5090] <... openat resumed>) = 4 [pid 5089] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5068] rmdir("./1/file0" [pid 5090] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5089] <... openat resumed>) = 4 [pid 5090] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5089] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5068] <... rmdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] getdents64(3, [pid 5090] exit_group(0 [pid 5089] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5089] exit_group(0 [pid 5068] close(3 [pid 5089] <... exit_group resumed>) = ? [pid 5068] <... close resumed>) = 0 [pid 5090] <... exit_group resumed>) = ? [pid 5070] <... openat resumed>) = 4 [pid 5068] rmdir("./1" [pid 5090] +++ exited with 0 +++ [pid 5073] <... umount2 resumed>) = 0 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5089] +++ exited with 0 +++ [pid 5070] getdents64(4, [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5090, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5073] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5089, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./1/file0", [pid 5070] getdents64(4, [pid 5069] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] mkdir("./2", 0777 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] umount2("./1", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] close(4 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... mkdir resumed>) = 0 [pid 5070] rmdir("./1/file0" [pid 5073] <... openat resumed>) = 4 [pid 5071] openat(AT_FDCWD, "./1", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] newfstatat(3, "", [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5073] newfstatat(4, "", [pid 5071] <... openat resumed>) = 3 [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] newfstatat(3, "", [pid 5070] getdents64(3, [pid 5069] getdents64(3, [pid 5073] getdents64(4, [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(3, [pid 5070] close(3 [pid 5069] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] getdents64(4, [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] close(3 [pid 5071] umount2("./1/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5068] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] rmdir("./1" [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] close(4 [pid 5072] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] newfstatat(AT_FDCWD, "./1/binderfs", [pid 5070] <... rmdir resumed>) = 0 [pid 5069] unlink("./1/binderfs"./strace-static-x86_64: Process 5092 attached [pid 5073] <... close resumed>) = 0 [pid 5070] mkdir("./2", 0777 [pid 5069] <... unlink resumed>) = 0 [pid 5073] rmdir("./1/file0" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5092 [pid 5072] newfstatat(AT_FDCWD, "./1/file0", [pid 5071] unlink("./1/binderfs" [pid 5070] <... mkdir resumed>) = 0 [pid 5092] set_robust_list(0x55555566a660, 24 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5092] <... set_robust_list resumed>) = 0 [pid 5073] getdents64(3, [pid 5092] chdir("./2" [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... openat resumed>) = 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5072] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] close(4) = 0 [pid 5072] rmdir("./1/file0" [pid 5073] close(3 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5092] <... chdir resumed>) = 0 [pid 5092] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... close resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... umount2 resumed>) = 0 [pid 5070] close(3 [pid 5092] <... prctl resumed>) = 0 [pid 5073] rmdir("./1" [pid 5070] <... close resumed>) = 0 [pid 5092] setpgid(0, 0 [pid 5072] getdents64(3, [pid 5069] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] close(3 [pid 5073] <... rmdir resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./1/file0", [pid 5092] <... setpgid resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... close resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] rmdir("./1" [pid 5069] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... rmdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, [pid 5072] mkdir("./2", 0777 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] <... mkdir resumed>) = 0 [pid 5069] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5093 attached [pid 5092] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] mkdir("./2", 0777 [pid 5069] close(4 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5093 [pid 5072] <... openat resumed>) = 3 [pid 5069] rmdir("./1/file0" [pid 5093] set_robust_list(0x55555566a660, 24 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] <... umount2 resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5093] <... set_robust_list resumed>) = 0 [pid 5092] write(3, "1000", 4 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] getdents64(3, [pid 5093] chdir("./2" [pid 5092] <... write resumed>) = 4 [pid 5073] <... openat resumed>) = 3 [pid 5093] <... chdir resumed>) = 0 [pid 5092] close(3 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5092] <... close resumed>) = 0 [pid 5072] close(3 [pid 5071] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5093] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5092] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(3 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] newfstatat(AT_FDCWD, "./1/file0", [pid 5069] <... close resumed>) = 0 [pid 5093] <... prctl resumed>) = 0 [pid 5092] <... symlink resumed>) = 0 [pid 5073] close(3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5094 attached [pid 5093] setpgid(0, 0 [pid 5092] memfd_create("syzkaller", 0 [pid 5073] <... close resumed>) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5094 [pid 5071] umount2("./1/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./1" [pid 5093] <... setpgid resumed>) = 0 [pid 5092] <... memfd_create resumed>) = 3 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5094] set_robust_list(0x55555566a660, 24 [pid 5093] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] openat(AT_FDCWD, "./1/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] mkdir("./2", 0777./strace-static-x86_64: Process 5095 attached [pid 5094] <... set_robust_list resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5092] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] <... openat resumed>) = 4 [pid 5069] <... mkdir resumed>) = 0 [pid 5095] set_robust_list(0x55555566a660, 24 [pid 5094] chdir("./2" [pid 5092] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5095 [pid 5071] newfstatat(4, "", [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] <... set_robust_list resumed>) = 0 [pid 5094] <... chdir resumed>) = 0 [pid 5093] write(3, "1000", 4 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5094] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] getdents64(4, [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5095] chdir("./2" [pid 5094] <... prctl resumed>) = 0 [pid 5093] <... write resumed>) = 4 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5094] setpgid(0, 0 [pid 5093] close(3 [pid 5071] getdents64(4, [pid 5069] close(3 [pid 5094] <... setpgid resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] <... close resumed>) = 0 [pid 5095] <... chdir resumed>) = 0 [pid 5094] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] close(4 [pid 5095] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5094] <... openat resumed>) = 3 [pid 5071] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] <... prctl resumed>) = 0 [pid 5094] write(3, "1000", 4 [pid 5093] symlink("/dev/binderfs", "./binderfs" [pid 5071] rmdir("./1/file0"./strace-static-x86_64: Process 5096 attached [pid 5095] setpgid(0, 0 [pid 5094] <... write resumed>) = 4 [pid 5093] <... symlink resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5096] set_robust_list(0x55555566a660, 24 [pid 5095] <... setpgid resumed>) = 0 [pid 5094] close(3 [pid 5071] getdents64(3, [pid 5095] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5096] <... set_robust_list resumed>) = 0 [pid 5095] <... openat resumed>) = 3 [pid 5094] <... close resumed>) = 0 [pid 5071] close(3 [pid 5096] chdir("./2" [pid 5095] write(3, "1000", 4 [pid 5094] symlink("/dev/binderfs", "./binderfs" [pid 5093] memfd_create("syzkaller", 0 [pid 5092] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5096 [pid 5096] <... chdir resumed>) = 0 [pid 5095] <... write resumed>) = 4 [pid 5094] <... symlink resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5096] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5095] close(3 [pid 5093] <... memfd_create resumed>) = 3 [pid 5071] rmdir("./1" [pid 5096] <... prctl resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5094] memfd_create("syzkaller", 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5096] setpgid(0, 0 [pid 5094] <... memfd_create resumed>) = 3 [pid 5071] mkdir("./2", 0777 [pid 5096] <... setpgid resumed>) = 0 [pid 5094] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5096] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5095] symlink("/dev/binderfs", "./binderfs" [pid 5093] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5093] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5096] <... openat resumed>) = 3 [pid 5095] <... symlink resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5095] memfd_create("syzkaller", 0 [pid 5093] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] <... write resumed>) = 524288 ./strace-static-x86_64: Process 5097 attached [pid 5094] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5097 [pid 5097] set_robust_list(0x55555566a660, 24 [pid 5096] write(3, "1000", 4 [pid 5095] <... memfd_create resumed>) = 3 [pid 5095] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5097] <... set_robust_list resumed>) = 0 [pid 5096] <... write resumed>) = 4 [pid 5095] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5097] chdir("./2" [pid 5096] close(3 [pid 5097] <... chdir resumed>) = 0 [pid 5096] <... close resumed>) = 0 [pid 5097] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5096] symlink("/dev/binderfs", "./binderfs" [pid 5097] <... prctl resumed>) = 0 [pid 5096] <... symlink resumed>) = 0 [pid 5097] setpgid(0, 0) = 0 [pid 5096] memfd_create("syzkaller", 0 [pid 5092] munmap(0x7fa9f93fb000, 138412032 [pid 5097] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5096] <... memfd_create resumed>) = 3 [pid 5092] <... munmap resumed>) = 0 [pid 5097] write(3, "1000", 4 [pid 5096] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5094] <... write resumed>) = 524288 [pid 5093] <... write resumed>) = 524288 [pid 5097] <... write resumed>) = 4 [pid 5096] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5095] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5097] close(3 [pid 5096] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5092] <... openat resumed>) = 4 [pid 5097] <... close resumed>) = 0 [pid 5097] symlink("/dev/binderfs", "./binderfs" [pid 5092] ioctl(4, LOOP_SET_FD, 3 [pid 5097] <... symlink resumed>) = 0 [pid 5097] memfd_create("syzkaller", 0) = 3 [pid 5097] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5097] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5094] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5095] <... write resumed>) = 524288 [pid 5094] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5093] munmap(0x7fa9f93fb000, 138412032 [pid 5097] <... write resumed>) = 524288 [pid 5095] munmap(0x7fa9f93fb000, 138412032 [pid 5093] <... munmap resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5094] <... openat resumed>) = 4 [pid 5095] <... munmap resumed>) = 0 [pid 5094] ioctl(4, LOOP_SET_FD, 3 [pid 5093] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5092] close(3 [pid 5096] <... write resumed>) = 524288 [pid 5095] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5093] <... openat resumed>) = 4 [pid 5092] <... close resumed>) = 0 [pid 5093] ioctl(4, LOOP_SET_FD, 3 [pid 5092] mkdir("./file0", 0777 [pid 5096] munmap(0x7fa9f93fb000, 138412032 [pid 5092] <... mkdir resumed>) = 0 [pid 5097] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5097] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5092] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5097] ioctl(4, LOOP_SET_FD, 3 [pid 5096] <... munmap resumed>) = 0 [pid 5095] <... openat resumed>) = 4 [ 58.149051][ T5092] loop0: detected capacity change from 0 to 1024 [ 58.170250][ T5094] loop4: detected capacity change from 0 to 1024 [ 58.179151][ T5093] loop2: detected capacity change from 0 to 1024 [ 58.187622][ T5097] loop3: detected capacity change from 0 to 1024 [pid 5096] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5095] ioctl(4, LOOP_SET_FD, 3 [pid 5094] <... ioctl resumed>) = 0 [pid 5093] <... ioctl resumed>) = 0 [pid 5092] <... mount resumed>) = 0 [pid 5097] <... ioctl resumed>) = 0 [pid 5096] <... openat resumed>) = 4 [pid 5095] <... ioctl resumed>) = 0 [pid 5094] close(3 [pid 5093] close(3 [pid 5092] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5097] close(3 [pid 5096] ioctl(4, LOOP_SET_FD, 3 [pid 5095] close(3 [pid 5094] <... close resumed>) = 0 [pid 5093] <... close resumed>) = 0 [pid 5092] <... openat resumed>) = 3 [pid 5097] <... close resumed>) = 0 [pid 5095] <... close resumed>) = 0 [pid 5095] mkdir("./file0", 0777) = 0 [pid 5095] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5097] mkdir("./file0", 0777 [pid 5096] <... ioctl resumed>) = 0 [pid 5094] mkdir("./file0", 0777 [pid 5093] mkdir("./file0", 0777 [pid 5092] chdir("./file0" [pid 5096] close(3) = 0 [pid 5096] mkdir("./file0", 0777 [pid 5097] <... mkdir resumed>) = 0 [pid 5096] <... mkdir resumed>) = 0 [pid 5094] <... mkdir resumed>) = 0 [pid 5093] <... mkdir resumed>) = 0 [pid 5092] <... chdir resumed>) = 0 [pid 5097] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5093] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5096] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5094] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5092] ioctl(4, LOOP_CLR_FD) = 0 [pid 5092] close(4 [pid 5095] <... mount resumed>) = 0 [pid 5094] <... mount resumed>) = 0 [pid 5092] <... close resumed>) = 0 [pid 5095] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5094] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5092] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5095] <... openat resumed>) = 3 [pid 5094] <... openat resumed>) = 3 [pid 5093] <... mount resumed>) = 0 [pid 5092] <... openat resumed>) = 4 [pid 5095] chdir("./file0" [pid 5094] chdir("./file0" [pid 5093] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5092] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5095] <... chdir resumed>) = 0 [pid 5094] <... chdir resumed>) = 0 [pid 5093] <... openat resumed>) = 3 [pid 5097] <... mount resumed>) = 0 [pid 5095] ioctl(4, LOOP_CLR_FD [pid 5094] ioctl(4, LOOP_CLR_FD [pid 5093] chdir("./file0" [pid 5097] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5095] <... ioctl resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5093] <... chdir resumed>) = 0 [pid 5097] <... openat resumed>) = 3 [pid 5096] <... mount resumed>) = 0 [pid 5095] close(4 [pid 5094] close(4 [pid 5093] ioctl(4, LOOP_CLR_FD [pid 5097] chdir("./file0" [pid 5096] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5095] <... close resumed>) = 0 [pid 5094] <... close resumed>) = 0 [pid 5093] <... ioctl resumed>) = 0 [pid 5097] <... chdir resumed>) = 0 [pid 5096] <... openat resumed>) = 3 [pid 5095] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5094] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5093] close(4 [pid 5097] ioctl(4, LOOP_CLR_FD [pid 5096] chdir("./file0" [pid 5095] <... openat resumed>) = 4 [pid 5094] <... openat resumed>) = 4 [pid 5097] <... ioctl resumed>) = 0 [pid 5096] <... chdir resumed>) = 0 [pid 5095] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5094] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5097] close(4 [pid 5096] ioctl(4, LOOP_CLR_FD [pid 5093] <... close resumed>) = 0 [pid 5097] <... close resumed>) = 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5093] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5097] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5096] close(4 [pid 5093] <... openat resumed>) = 4 [ 58.197341][ T5095] loop5: detected capacity change from 0 to 1024 [ 58.213357][ T5096] loop1: detected capacity change from 0 to 1024 [pid 5097] <... openat resumed>) = 4 [pid 5096] <... close resumed>) = 0 [pid 5093] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5097] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5096] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5096] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5097] <... ioctl resumed>) = 0 [pid 5096] <... ioctl resumed>) = 0 [pid 5095] <... ioctl resumed>) = 0 [pid 5094] <... ioctl resumed>) = 0 [pid 5093] <... ioctl resumed>) = 0 [pid 5092] <... ioctl resumed>) = 0 [pid 5097] exit_group(0 [pid 5096] exit_group(0 [pid 5095] exit_group(0 [pid 5093] exit_group(0 [pid 5097] <... exit_group resumed>) = ? [pid 5096] <... exit_group resumed>) = ? [pid 5093] <... exit_group resumed>) = ? [pid 5095] <... exit_group resumed>) = ? [pid 5094] exit_group(0 [pid 5092] exit_group(0 [pid 5095] +++ exited with 0 +++ [pid 5094] <... exit_group resumed>) = ? [pid 5096] +++ exited with 0 +++ [pid 5094] +++ exited with 0 +++ [pid 5093] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5096, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5094, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5092] <... exit_group resumed>) = ? [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5093, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5097] +++ exited with 0 +++ [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5095, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5097, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5070] <... restart_syscall resumed>) = 0 [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5092] +++ exited with 0 +++ [pid 5073] <... restart_syscall resumed>) = 0 [pid 5072] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5092, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5072] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... openat resumed>) = 3 [pid 5071] umount2("./2", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./2", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... openat resumed>) = 3 [pid 5071] newfstatat(3, "", [pid 5070] <... openat resumed>) = 3 [pid 5069] newfstatat(3, "", [pid 5068] <... openat resumed>) = 3 [pid 5073] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] newfstatat(3, "", [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] newfstatat(3, "", [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(3, "", [pid 5073] getdents64(3, [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(3, [pid 5071] getdents64(3, [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] getdents64(3, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5072] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./2/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5073] unlink("./2/binderfs" [pid 5071] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5070] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5069] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5068] newfstatat(AT_FDCWD, "./2/binderfs", [pid 5073] <... unlink resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] unlink("./2/binderfs" [pid 5071] unlink("./2/binderfs" [pid 5070] unlink("./2/binderfs" [pid 5069] unlink("./2/binderfs" [pid 5068] unlink("./2/binderfs" [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5072] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5073] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./2/file0", [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./2/file0", [pid 5072] newfstatat(AT_FDCWD, "./2/file0", [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(AT_FDCWD, "./2/file0", [pid 5069] newfstatat(AT_FDCWD, "./2/file0", [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... openat resumed>) = 4 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... openat resumed>) = 4 [pid 5071] newfstatat(4, "", [pid 5070] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... openat resumed>) = 4 [pid 5073] <... openat resumed>) = 4 [pid 5072] newfstatat(4, "", [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", [pid 5073] newfstatat(4, "", [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(4, [pid 5070] newfstatat(4, "", [pid 5069] getdents64(4, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] newfstatat(AT_FDCWD, "./2/file0", [pid 5072] getdents64(4, [pid 5071] getdents64(4, [pid 5070] getdents64(4, [pid 5069] getdents64(4, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] umount2("./2/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] close(4 [pid 5070] getdents64(4, [pid 5069] close(4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] <... close resumed>) = 0 [pid 5071] rmdir("./2/file0" [pid 5070] close(4 [pid 5069] rmdir("./2/file0" [pid 5068] openat(AT_FDCWD, "./2/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5073] getdents64(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(3, [pid 5070] rmdir("./2/file0" [pid 5072] getdents64(4, [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5068] newfstatat(4, "", [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] close(3 [pid 5070] getdents64(3, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] close(4 [pid 5071] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] <... close resumed>) = 0 [pid 5070] close(3 [pid 5068] getdents64(4, [pid 5072] rmdir("./2/file0" [pid 5071] rmdir("./2" [pid 5070] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] rmdir("./2" [pid 5069] getdents64(3, [pid 5073] getdents64(4, [pid 5072] getdents64(3, [pid 5071] mkdir("./3", 0777 [pid 5070] <... rmdir resumed>) = 0 [pid 5068] getdents64(4, [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] mkdir("./3", 0777 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] close(4 [pid 5072] close(3 [pid 5070] <... mkdir resumed>) = 0 [pid 5069] close(3 [pid 5068] close(4 [pid 5073] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5073] rmdir("./2/file0" [pid 5072] rmdir("./2" [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5069] rmdir("./2" [pid 5068] rmdir("./2/file0" [pid 5073] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5068] getdents64(3, [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] mkdir("./3", 0777 [pid 5068] close(3 [pid 5073] close(3 [pid 5072] mkdir("./3", 0777 [pid 5071] close(3 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5073] rmdir("./2" [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5068] rmdir("./2" [pid 5073] <... rmdir resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... rmdir resumed>) = 0 [pid 5073] mkdir("./3", 0777 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5098 attached [pid 5072] <... openat resumed>) = 3 [pid 5098] set_robust_list(0x55555566a660, 24 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5068] mkdir("./3", 0777 [pid 5098] <... set_robust_list resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5098 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... mkdir resumed>) = 0 [pid 5098] chdir("./3" [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] close(3 [pid 5098] <... chdir resumed>) = 0 [pid 5072] close(3 [pid 5069] <... close resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5098] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] <... mkdir resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5099 attached [pid 5098] <... prctl resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5098] setpgid(0, 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5099] set_robust_list(0x55555566a660, 24 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5099] <... set_robust_list resumed>) = 0 [pid 5098] <... setpgid resumed>) = 0 [pid 5070] close(3 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5099] chdir("./3" [pid 5098] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... close resumed>) = 0 [pid 5068] close(3) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5099] <... chdir resumed>) = 0 [pid 5098] <... openat resumed>) = 3 [pid 5099] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5098] write(3, "1000", 4 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5099 ./strace-static-x86_64: Process 5101 attached [pid 5099] <... prctl resumed>) = 0 [pid 5098] <... write resumed>) = 4 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5100 [pid 5101] set_robust_list(0x55555566a660, 24 [pid 5099] setpgid(0, 0 [pid 5098] close(3 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5102 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5101 [pid 5101] <... set_robust_list resumed>) = 0 [pid 5099] <... setpgid resumed>) = 0 [pid 5098] <... close resumed>) = 0 [pid 5101] chdir("./3" [pid 5099] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5098] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5102 attached ./strace-static-x86_64: Process 5100 attached [pid 5101] <... chdir resumed>) = 0 [pid 5098] <... symlink resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5102] set_robust_list(0x55555566a660, 24 [pid 5101] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5100] set_robust_list(0x55555566a660, 24 [pid 5099] <... openat resumed>) = 3 [pid 5098] memfd_create("syzkaller", 0 [pid 5073] <... openat resumed>) = 3 [pid 5102] <... set_robust_list resumed>) = 0 [pid 5101] <... prctl resumed>) = 0 [pid 5100] <... set_robust_list resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5102] chdir("./3" [pid 5101] setpgid(0, 0 [pid 5100] chdir("./3" [pid 5099] write(3, "1000", 4 [pid 5098] <... memfd_create resumed>) = 3 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5102] <... chdir resumed>) = 0 [pid 5101] <... setpgid resumed>) = 0 [pid 5100] <... chdir resumed>) = 0 [pid 5099] <... write resumed>) = 4 [pid 5098] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] close(3 [pid 5102] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5100] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5099] close(3 [pid 5098] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] <... close resumed>) = 0 [pid 5102] <... prctl resumed>) = 0 [pid 5101] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5100] <... prctl resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5102] setpgid(0, 0 [pid 5101] <... openat resumed>) = 3 [pid 5098] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5100] setpgid(0, 0 [pid 5102] <... setpgid resumed>) = 0 [pid 5101] write(3, "1000", 4 [pid 5099] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5103 attached [pid 5102] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5101] <... write resumed>) = 4 [pid 5100] <... setpgid resumed>) = 0 [pid 5099] <... symlink resumed>) = 0 [pid 5101] close(3 [pid 5102] <... openat resumed>) = 3 [pid 5101] <... close resumed>) = 0 [pid 5103] set_robust_list(0x55555566a660, 24 [pid 5102] write(3, "1000", 4 [pid 5101] symlink("/dev/binderfs", "./binderfs" [pid 5100] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5099] memfd_create("syzkaller", 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5103 [pid 5103] <... set_robust_list resumed>) = 0 [pid 5102] <... write resumed>) = 4 [pid 5101] <... symlink resumed>) = 0 [pid 5100] <... openat resumed>) = 3 [pid 5099] <... memfd_create resumed>) = 3 [pid 5103] chdir("./3" [pid 5102] close(3 [pid 5101] memfd_create("syzkaller", 0 [pid 5100] write(3, "1000", 4 [pid 5099] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5102] <... close resumed>) = 0 [pid 5100] <... write resumed>) = 4 [pid 5103] <... chdir resumed>) = 0 [pid 5102] symlink("/dev/binderfs", "./binderfs" [pid 5100] close(3 [pid 5103] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5102] <... symlink resumed>) = 0 [pid 5103] <... prctl resumed>) = 0 [pid 5100] <... close resumed>) = 0 [pid 5102] memfd_create("syzkaller", 0 [pid 5103] setpgid(0, 0 [pid 5100] symlink("/dev/binderfs", "./binderfs" [pid 5103] <... setpgid resumed>) = 0 [pid 5102] <... memfd_create resumed>) = 3 [pid 5100] <... symlink resumed>) = 0 [pid 5099] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5103] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5102] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] memfd_create("syzkaller", 0 [pid 5103] <... openat resumed>) = 3 [pid 5102] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5101] <... memfd_create resumed>) = 3 [pid 5100] <... memfd_create resumed>) = 3 [pid 5099] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5098] <... write resumed>) = 524288 [pid 5101] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5101] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5098] munmap(0x7fa9f93fb000, 138412032 [pid 5100] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5103] write(3, "1000", 4 [pid 5100] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5103] <... write resumed>) = 4 [pid 5098] <... munmap resumed>) = 0 [pid 5100] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5103] close(3 [pid 5102] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5103] <... close resumed>) = 0 [pid 5103] symlink("/dev/binderfs", "./binderfs" [pid 5101] <... write resumed>) = 524288 [pid 5099] <... write resumed>) = 524288 [pid 5098] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5103] <... symlink resumed>) = 0 [pid 5102] <... write resumed>) = 524288 [pid 5098] <... openat resumed>) = 4 [pid 5098] ioctl(4, LOOP_SET_FD, 3 [pid 5103] memfd_create("syzkaller", 0 [pid 5102] munmap(0x7fa9f93fb000, 138412032 [pid 5098] <... ioctl resumed>) = 0 [pid 5100] <... write resumed>) = 524288 [pid 5103] <... memfd_create resumed>) = 3 [pid 5102] <... munmap resumed>) = 0 [pid 5100] munmap(0x7fa9f93fb000, 138412032 [pid 5103] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5100] <... munmap resumed>) = 0 [pid 5103] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5102] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5100] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5101] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5103] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5102] <... openat resumed>) = 4 [pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5099] munmap(0x7fa9f93fb000, 138412032 [pid 5101] <... openat resumed>) = 4 [pid 5099] <... munmap resumed>) = 0 [pid 5101] ioctl(4, LOOP_SET_FD, 3 [pid 5102] ioctl(4, LOOP_SET_FD, 3 [pid 5101] <... ioctl resumed>) = 0 [pid 5100] <... openat resumed>) = 4 [pid 5099] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5098] close(3 [pid 5099] <... openat resumed>) = 4 [pid 5099] ioctl(4, LOOP_SET_FD, 3 [pid 5103] <... write resumed>) = 524288 [pid 5102] <... ioctl resumed>) = 0 [pid 5101] close(3 [pid 5100] ioctl(4, LOOP_SET_FD, 3 [pid 5098] <... close resumed>) = 0 [pid 5103] munmap(0x7fa9f93fb000, 138412032 [pid 5102] close(3) = 0 [pid 5102] mkdir("./file0", 0777) = 0 [pid 5102] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5103] <... munmap resumed>) = 0 [pid 5101] <... close resumed>) = 0 [pid 5100] <... ioctl resumed>) = 0 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] mkdir("./file0", 0777 [pid 5103] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5101] mkdir("./file0", 0777 [pid 5100] close(3 [pid 5099] close(3 [pid 5098] <... mkdir resumed>) = 0 [pid 5103] <... openat resumed>) = 4 [pid 5102] <... mount resumed>) = 0 [pid 5101] <... mkdir resumed>) = 0 [ 58.533941][ T5098] loop3: detected capacity change from 0 to 1024 [ 58.552325][ T5101] loop0: detected capacity change from 0 to 1024 [ 58.559348][ T5102] loop2: detected capacity change from 0 to 1024 [ 58.561667][ T5099] loop1: detected capacity change from 0 to 1024 [ 58.568470][ T5100] loop4: detected capacity change from 0 to 1024 [pid 5100] <... close resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5098] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5103] ioctl(4, LOOP_SET_FD, 3 [pid 5102] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5101] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5100] mkdir("./file0", 0777 [pid 5102] <... openat resumed>) = 3 [pid 5102] chdir("./file0") = 0 [pid 5102] ioctl(4, LOOP_CLR_FD) = 0 [pid 5102] close(4 [pid 5103] <... ioctl resumed>) = 0 [pid 5101] <... mount resumed>) = 0 [pid 5100] <... mkdir resumed>) = 0 [pid 5099] mkdir("./file0", 0777 [pid 5098] <... mount resumed>) = 0 [pid 5103] close(3 [pid 5102] <... close resumed>) = 0 [pid 5101] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5100] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5099] <... mkdir resumed>) = 0 [pid 5098] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5102] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5098] <... openat resumed>) = 3 [pid 5102] <... openat resumed>) = 4 [pid 5099] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5098] chdir("./file0" [pid 5102] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5098] <... chdir resumed>) = 0 [pid 5098] ioctl(4, LOOP_CLR_FD) = 0 [pid 5098] close(4) = 0 [pid 5098] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5098] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5103] <... close resumed>) = 0 [pid 5100] <... mount resumed>) = 0 [pid 5103] mkdir("./file0", 0777 [pid 5101] <... openat resumed>) = 3 [pid 5103] <... mkdir resumed>) = 0 [pid 5101] chdir("./file0" [pid 5100] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5103] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5101] <... chdir resumed>) = 0 [pid 5100] <... openat resumed>) = 3 [pid 5101] ioctl(4, LOOP_CLR_FD [pid 5100] chdir("./file0") = 0 [pid 5100] ioctl(4, LOOP_CLR_FD [pid 5099] <... mount resumed>) = 0 [pid 5099] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5103] <... mount resumed>) = 0 [pid 5099] <... openat resumed>) = 3 [pid 5103] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5099] chdir("./file0" [pid 5103] <... openat resumed>) = 3 [pid 5099] <... chdir resumed>) = 0 [pid 5103] chdir("./file0" [pid 5099] ioctl(4, LOOP_CLR_FD [pid 5103] <... chdir resumed>) = 0 [pid 5103] ioctl(4, LOOP_CLR_FD) = 0 [pid 5102] <... ioctl resumed>) = 0 [pid 5101] <... ioctl resumed>) = 0 [pid 5100] <... ioctl resumed>) = 0 [pid 5099] <... ioctl resumed>) = 0 [pid 5098] <... ioctl resumed>) = 0 [pid 5103] close(4 [pid 5102] exit_group(0 [pid 5101] close(4 [pid 5100] close(4 [pid 5099] close(4 [ 58.585304][ T5103] loop5: detected capacity change from 0 to 1024 [pid 5098] exit_group(0 [pid 5102] <... exit_group resumed>) = ? [pid 5101] <... close resumed>) = 0 [pid 5098] <... exit_group resumed>) = ? [pid 5103] <... close resumed>) = 0 [pid 5102] +++ exited with 0 +++ [pid 5101] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5100] <... close resumed>) = 0 [pid 5099] <... close resumed>) = 0 [pid 5103] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5101] <... openat resumed>) = 4 [pid 5100] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5099] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5103] <... openat resumed>) = 4 [pid 5101] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5100] <... openat resumed>) = 4 [pid 5099] <... openat resumed>) = 4 [pid 5103] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5101] <... ioctl resumed>) = 0 [pid 5100] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5099] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5103] <... ioctl resumed>) = 0 [pid 5101] exit_group(0 [pid 5100] <... ioctl resumed>) = 0 [pid 5099] <... ioctl resumed>) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5102, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5103] exit_group(0 [pid 5101] <... exit_group resumed>) = ? [pid 5100] exit_group(0 [pid 5099] exit_group(0 [pid 5070] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5103] <... exit_group resumed>) = ? [pid 5101] +++ exited with 0 +++ [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5101, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5103] +++ exited with 0 +++ [pid 5100] <... exit_group resumed>) = ? [pid 5099] <... exit_group resumed>) = ? [pid 5098] +++ exited with 0 +++ [pid 5070] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5100] +++ exited with 0 +++ [pid 5099] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5103, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5099, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5070] <... openat resumed>) = 3 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5098, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5100, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5073] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(3, "", [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... restart_syscall resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5070] getdents64(3, [pid 5068] <... openat resumed>) = 3 [pid 5073] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] getdents64(3, [pid 5069] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] newfstatat(3, "", [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./3", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5072] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5071] openat(AT_FDCWD, "./3", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] newfstatat(3, "", [pid 5071] newfstatat(3, "", [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] newfstatat(3, "", [pid 5068] getdents64(3, [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] unlink("./3/binderfs" [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] unlink("./3/binderfs" [pid 5071] getdents64(3, [pid 5070] <... unlink resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... unlink resumed>) = 0 [pid 5072] getdents64(3, [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./3/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5069] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./3/binderfs", [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./3/binderfs" [pid 5069] unlink("./3/binderfs" [pid 5068] <... unlink resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5068] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] unlink("./3/binderfs" [pid 5069] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5068] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = 0 [pid 5072] unlink("./3/binderfs" [pid 5071] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] newfstatat(AT_FDCWD, "./3/file0", [pid 5068] getdents64(4, [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(4 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./3/file0" [pid 5073] <... openat resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [pid 5073] newfstatat(4, "", [pid 5069] newfstatat(AT_FDCWD, "./3/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5073] getdents64(4, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] getdents64(4, [pid 5069] <... openat resumed>) = 4 [pid 5068] close(3 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 5073] close(4 [pid 5069] newfstatat(4, "", [pid 5073] <... close resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] rmdir("./3" [pid 5073] rmdir("./3/file0" [pid 5068] <... rmdir resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5069] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(3, [pid 5071] <... umount2 resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] getdents64(4, [pid 5068] mkdir("./4", 0777 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5072] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./3/file0", [pid 5071] newfstatat(AT_FDCWD, "./3/file0", [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3 [pid 5072] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5071] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] close(3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(4 [pid 5070] newfstatat(AT_FDCWD, "./3/file0", ./strace-static-x86_64: Process 5104 attached [pid 5072] newfstatat(4, "", [pid 5071] <... openat resumed>) = 4 [pid 5104] set_robust_list(0x55555566a660, 24 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] newfstatat(4, "", [pid 5104] <... set_robust_list resumed>) = 0 [pid 5072] getdents64(4, [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... close resumed>) = 0 [pid 5104] chdir("./4" [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] umount2("./3/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./3/file0" [pid 5104] <... chdir resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5072] getdents64(4, [pid 5071] getdents64(4, [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5104 [pid 5104] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] rmdir("./3" [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5104] <... prctl resumed>) = 0 [pid 5072] close(4 [pid 5071] getdents64(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5104] setpgid(0, 0 [pid 5072] <... close resumed>) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5104] <... setpgid resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] rmdir("./3/file0" [pid 5071] close(4 [pid 5073] mkdir("./4", 0777 [pid 5071] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5104] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] <... rmdir resumed>) = 0 [pid 5071] rmdir("./3/file0" [pid 5104] <... openat resumed>) = 3 [pid 5073] <... mkdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./3/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] getdents64(3, [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5071] <... rmdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5070] <... openat resumed>) = 4 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5069] close(3 [pid 5070] newfstatat(4, "", [pid 5104] write(3, "1000", 4 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] getdents64(3, [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5069] <... close resumed>) = 0 [pid 5104] <... write resumed>) = 4 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] close(3 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] getdents64(4, [pid 5069] rmdir("./3" [pid 5104] close(3 [pid 5072] <... close resumed>) = 0 [pid 5071] close(3 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5104] <... close resumed>) = 0 [pid 5072] rmdir("./3" [pid 5071] <... close resumed>) = 0 [pid 5104] symlink("/dev/binderfs", "./binderfs" [pid 5073] close(3 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] rmdir("./3" [pid 5070] getdents64(4, [pid 5069] <... rmdir resumed>) = 0 [pid 5104] <... symlink resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5104] memfd_create("syzkaller", 0 [pid 5072] mkdir("./4", 0777 [pid 5104] <... memfd_create resumed>) = 3 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] mkdir("./4", 0777 [pid 5104] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... close resumed>) = 0 [pid 5070] close(4 [pid 5069] mkdir("./4", 0777 [pid 5104] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... mkdir resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5104] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... openat resumed>) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... openat resumed>) = 3 [pid 5072] close(3 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5072] <... close resumed>) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] close(3 [pid 5070] rmdir("./3/file0" [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5105 [pid 5071] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5105 attached [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5105] set_robust_list(0x55555566a660, 24 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5106 [pid 5070] getdents64(3, [pid 5069] ioctl(3, LOOP_CLR_FD./strace-static-x86_64: Process 5106 attached [pid 5105] <... set_robust_list resumed>) = 0 [pid 5104] <... write resumed>) = 524288 ./strace-static-x86_64: Process 5107 attached [pid 5106] set_robust_list(0x55555566a660, 24 [pid 5105] chdir("./4" [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5106] <... set_robust_list resumed>) = 0 [pid 5105] <... chdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3 [pid 5107] set_robust_list(0x55555566a660, 24 [pid 5106] chdir("./4" [pid 5070] close(3 [pid 5069] <... close resumed>) = 0 [pid 5106] <... chdir resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5106] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] rmdir("./3" [pid 5105] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5107] <... set_robust_list resumed>) = 0 [pid 5105] setpgid(0, 0 [pid 5070] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5108 attached [pid 5107] chdir("./4" [pid 5106] <... prctl resumed>) = 0 [pid 5070] mkdir("./4", 0777 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5108 [pid 5108] set_robust_list(0x55555566a660, 24 [pid 5106] setpgid(0, 0 [pid 5107] <... chdir resumed>) = 0 [pid 5105] <... setpgid resumed>) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5107 [pid 5108] <... set_robust_list resumed>) = 0 [pid 5107] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5106] <... setpgid resumed>) = 0 [pid 5105] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... mkdir resumed>) = 0 [pid 5108] chdir("./4" [pid 5107] <... prctl resumed>) = 0 [pid 5108] <... chdir resumed>) = 0 [pid 5107] setpgid(0, 0 [pid 5106] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5105] <... openat resumed>) = 3 [pid 5107] <... setpgid resumed>) = 0 [pid 5105] write(3, "1000", 4 [pid 5104] munmap(0x7fa9f93fb000, 138412032 [pid 5108] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5107] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5106] <... openat resumed>) = 3 [pid 5105] <... write resumed>) = 4 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5108] <... prctl resumed>) = 0 [pid 5107] <... openat resumed>) = 3 [pid 5108] setpgid(0, 0 [pid 5107] write(3, "1000", 4 [pid 5105] close(3 [pid 5104] <... munmap resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5106] write(3, "1000", 4 [pid 5108] <... setpgid resumed>) = 0 [pid 5107] <... write resumed>) = 4 [pid 5105] <... close resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5107] close(3 [pid 5106] <... write resumed>) = 4 [pid 5105] symlink("/dev/binderfs", "./binderfs" [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5108] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5107] <... close resumed>) = 0 [pid 5106] close(3 [pid 5105] <... symlink resumed>) = 0 [pid 5104] <... openat resumed>) = 4 [pid 5070] close(3 [pid 5108] <... openat resumed>) = 3 [pid 5107] symlink("/dev/binderfs", "./binderfs" [pid 5106] <... close resumed>) = 0 [pid 5105] memfd_create("syzkaller", 0 [pid 5104] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... close resumed>) = 0 [pid 5107] <... symlink resumed>) = 0 [pid 5108] write(3, "1000", 4 [pid 5106] symlink("/dev/binderfs", "./binderfs" [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5105] <... memfd_create resumed>) = 3 [pid 5105] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5107] memfd_create("syzkaller", 0 [pid 5106] <... symlink resumed>) = 0 [pid 5105] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5108] <... write resumed>) = 4 [pid 5108] close(3 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5109 [pid 5106] memfd_create("syzkaller", 0 [pid 5108] <... close resumed>) = 0 [pid 5108] symlink("/dev/binderfs", "./binderfs"./strace-static-x86_64: Process 5109 attached [pid 5106] <... memfd_create resumed>) = 3 [pid 5109] set_robust_list(0x55555566a660, 24 [pid 5108] <... symlink resumed>) = 0 [pid 5107] <... memfd_create resumed>) = 3 [pid 5106] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] <... set_robust_list resumed>) = 0 [pid 5107] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5109] chdir("./4" [pid 5106] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5109] <... chdir resumed>) = 0 [pid 5108] memfd_create("syzkaller", 0 [pid 5107] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5109] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5108] <... memfd_create resumed>) = 3 [pid 5107] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5109] <... prctl resumed>) = 0 [pid 5108] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5106] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5109] setpgid(0, 0 [pid 5108] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5109] <... setpgid resumed>) = 0 [pid 5104] <... ioctl resumed>) = 0 [pid 5104] close(3) = 0 [pid 5104] mkdir("./file0", 0777) = 0 [pid 5109] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5104] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5109] <... openat resumed>) = 3 [pid 5108] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5105] <... write resumed>) = 524288 [pid 5109] write(3, "1000", 4 [pid 5106] <... write resumed>) = 524288 [pid 5109] <... write resumed>) = 4 [pid 5109] close(3) = 0 [pid 5109] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5109] memfd_create("syzkaller", 0 [pid 5105] munmap(0x7fa9f93fb000, 138412032 [pid 5104] <... mount resumed>) = 0 [pid 5109] <... memfd_create resumed>) = 3 [pid 5107] <... write resumed>) = 524288 [pid 5106] munmap(0x7fa9f93fb000, 138412032 [pid 5105] <... munmap resumed>) = 0 [pid 5105] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5104] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5107] munmap(0x7fa9f93fb000, 138412032 [pid 5105] <... openat resumed>) = 4 [pid 5104] <... openat resumed>) = 3 [pid 5107] <... munmap resumed>) = 0 [pid 5105] ioctl(4, LOOP_SET_FD, 3 [ 58.787283][ T5104] loop0: detected capacity change from 0 to 1024 [pid 5104] chdir("./file0" [pid 5109] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5108] <... write resumed>) = 524288 [pid 5106] <... munmap resumed>) = 0 [pid 5104] <... chdir resumed>) = 0 [pid 5109] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5106] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5107] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5104] ioctl(4, LOOP_CLR_FD [pid 5107] <... openat resumed>) = 4 [pid 5104] <... ioctl resumed>) = 0 [pid 5106] <... openat resumed>) = 4 [pid 5107] ioctl(4, LOOP_SET_FD, 3 [pid 5104] close(4 [pid 5109] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5106] ioctl(4, LOOP_SET_FD, 3 [pid 5104] <... close resumed>) = 0 [pid 5104] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5104] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5105] <... ioctl resumed>) = 0 [pid 5105] close(3) = 0 [pid 5105] mkdir("./file0", 0777 [pid 5108] munmap(0x7fa9f93fb000, 138412032 [pid 5105] <... mkdir resumed>) = 0 [pid 5105] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5108] <... munmap resumed>) = 0 [pid 5105] <... mount resumed>) = 0 [pid 5108] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5105] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5108] <... openat resumed>) = 4 [pid 5105] <... openat resumed>) = 3 [pid 5105] chdir("./file0") = 0 [pid 5107] <... ioctl resumed>) = 0 [ 58.844836][ T5105] loop5: detected capacity change from 0 to 1024 [ 58.854020][ T5107] loop3: detected capacity change from 0 to 1024 [ 58.861872][ T5106] loop4: detected capacity change from 0 to 1024 [pid 5105] ioctl(4, LOOP_CLR_FD [pid 5108] ioctl(4, LOOP_SET_FD, 3 [pid 5107] close(3 [pid 5105] <... ioctl resumed>) = 0 [pid 5107] <... close resumed>) = 0 [pid 5107] mkdir("./file0", 0777) = 0 [pid 5107] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5105] close(4) = 0 [pid 5105] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5105] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5107] <... mount resumed>) = 0 [pid 5107] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5105] <... ioctl resumed>) = 0 [pid 5104] <... ioctl resumed>) = 0 [pid 5107] <... openat resumed>) = 3 [pid 5106] <... ioctl resumed>) = 0 [pid 5105] exit_group(0 [pid 5104] exit_group(0 [pid 5109] <... write resumed>) = 524288 [pid 5108] <... ioctl resumed>) = 0 [pid 5106] close(3 [pid 5105] <... exit_group resumed>) = ? [pid 5109] munmap(0x7fa9f93fb000, 138412032 [pid 5108] close(3 [pid 5107] chdir("./file0" [pid 5106] <... close resumed>) = 0 [pid 5105] +++ exited with 0 +++ [pid 5104] <... exit_group resumed>) = ? [pid 5106] mkdir("./file0", 0777 [pid 5108] <... close resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5105, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5109] <... munmap resumed>) = 0 [pid 5108] mkdir("./file0", 0777 [pid 5107] <... chdir resumed>) = 0 [pid 5106] <... mkdir resumed>) = 0 [pid 5104] +++ exited with 0 +++ [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5109] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5073] <... restart_syscall resumed>) = 0 [pid 5109] <... openat resumed>) = 4 [pid 5107] ioctl(4, LOOP_CLR_FD [pid 5108] <... mkdir resumed>) = 0 [pid 5108] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5107] <... ioctl resumed>) = 0 [pid 5106] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5104, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5107] close(4 [pid 5068] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5107] <... close resumed>) = 0 [pid 5073] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 58.885134][ T5108] loop1: detected capacity change from 0 to 1024 [pid 5073] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] ioctl(4, LOOP_SET_FD, 3 [pid 5107] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5106] <... mount resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5107] <... openat resumed>) = 4 [pid 5068] <... openat resumed>) = 3 [pid 5107] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5068] newfstatat(3, "", [pid 5107] <... ioctl resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5107] exit_group(0 [pid 5068] getdents64(3, [pid 5107] <... exit_group resumed>) = ? [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5107] +++ exited with 0 +++ [pid 5073] newfstatat(3, "", [pid 5068] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5107, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./4/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./4/binderfs" [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5071] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5106] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] getdents64(3, [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5106] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... openat resumed>) = 3 [pid 5106] chdir("./file0" [pid 5071] newfstatat(3, "", [pid 5106] <... chdir resumed>) = 0 [pid 5073] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5106] ioctl(4, LOOP_CLR_FD [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] getdents64(3, [pid 5108] <... mount resumed>) = 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5109] close(3 [pid 5108] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5106] <... ioctl resumed>) = 0 [pid 5073] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5109] <... close resumed>) = 0 [pid 5108] <... openat resumed>) = 3 [pid 5106] close(4 [pid 5109] mkdir("./file0", 0777 [pid 5108] chdir("./file0" [pid 5106] <... close resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5109] <... mkdir resumed>) = 0 [pid 5108] <... chdir resumed>) = 0 [pid 5106] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] unlink("./4/binderfs" [pid 5071] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5108] ioctl(4, LOOP_CLR_FD [pid 5106] <... openat resumed>) = 4 [pid 5073] <... unlink resumed>) = 0 [pid 5068] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5106] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5108] <... ioctl resumed>) = 0 [pid 5073] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5108] close(4 [pid 5106] <... ioctl resumed>) = 0 [pid 5108] <... close resumed>) = 0 [ 58.937609][ T5109] loop2: detected capacity change from 0 to 1024 [pid 5108] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5109] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5108] <... openat resumed>) = 4 [pid 5106] exit_group(0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5108] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5106] <... exit_group resumed>) = ? [pid 5071] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5068] newfstatat(AT_FDCWD, "./4/file0", [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] unlink("./4/binderfs" [pid 5068] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5108] <... ioctl resumed>) = 0 [pid 5068] rmdir("./4/file0" [pid 5108] exit_group(0 [pid 5068] <... rmdir resumed>) = 0 [pid 5108] <... exit_group resumed>) = ? [pid 5068] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3) = 0 [pid 5068] rmdir("./4" [pid 5108] +++ exited with 0 +++ [pid 5068] <... rmdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5108, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5068] mkdir("./5", 0777 [pid 5071] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] <... mkdir resumed>) = 0 [pid 5071] newfstatat(AT_FDCWD, "./4/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5071] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 3 [pid 5106] +++ exited with 0 +++ [pid 5071] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] <... openat resumed>) = 3 [pid 5071] newfstatat(4, "", [pid 5069] newfstatat(3, "", [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5106, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] getdents64(4, [pid 5069] getdents64(3, [pid 5068] close(3 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] <... close resumed>) = 0 [pid 5072] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(4, [pid 5069] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] close(4 [pid 5069] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5110 ./strace-static-x86_64: Process 5110 attached [pid 5072] <... openat resumed>) = 3 [pid 5071] <... close resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5110] set_robust_list(0x55555566a660, 24 [pid 5072] newfstatat(3, "", [pid 5071] rmdir("./4/file0" [pid 5069] unlink("./4/binderfs" [pid 5110] <... set_robust_list resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5110] chdir("./5" [pid 5072] getdents64(3, [pid 5071] getdents64(3, [pid 5069] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5109] <... mount resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] close(3 [pid 5072] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5109] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] rmdir("./4" [pid 5110] <... chdir resumed>) = 0 [pid 5109] <... openat resumed>) = 3 [pid 5072] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5071] <... rmdir resumed>) = 0 [pid 5110] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5109] chdir("./file0" [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] mkdir("./5", 0777 [pid 5110] <... prctl resumed>) = 0 [pid 5109] <... chdir resumed>) = 0 [pid 5073] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] unlink("./4/binderfs" [pid 5071] <... mkdir resumed>) = 0 [pid 5110] setpgid(0, 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... unlink resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5109] ioctl(4, LOOP_CLR_FD [pid 5073] newfstatat(AT_FDCWD, "./4/file0", [pid 5072] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = 0 [pid 5110] <... setpgid resumed>) = 0 [pid 5109] <... ioctl resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5069] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5109] close(4 [pid 5073] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5110] <... openat resumed>) = 3 [pid 5109] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] close(3 [pid 5073] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5109] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5069] newfstatat(AT_FDCWD, "./4/file0", [pid 5110] write(3, "1000", 4 [pid 5109] <... openat resumed>) = 4 [pid 5073] <... openat resumed>) = 4 [pid 5071] <... close resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5110] <... write resumed>) = 4 [pid 5069] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5110] close(3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5110] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5110] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... openat resumed>) = 4 [pid 5110] <... symlink resumed>) = 0 [pid 5069] newfstatat(4, "", [pid 5110] memfd_create("syzkaller", 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5110] <... memfd_create resumed>) = 3 [pid 5069] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5110] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] rmdir("./4/file0" [pid 5109] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5073] newfstatat(4, "", [pid 5069] <... rmdir resumed>) = 0 [pid 5110] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5110] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5109] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] rmdir("./4" [pid 5109] exit_group(0 [pid 5073] getdents64(4, [pid 5072] <... umount2 resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5109] <... exit_group resumed>) = ? [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5111 attached [pid 5069] mkdir("./5", 0777 [pid 5111] set_robust_list(0x55555566a660, 24 [pid 5072] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5111 [pid 5069] <... mkdir resumed>) = 0 [pid 5111] <... set_robust_list resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] chdir("./5" [pid 5109] +++ exited with 0 +++ [pid 5073] getdents64(4, [pid 5072] newfstatat(AT_FDCWD, "./4/file0", [pid 5111] <... chdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5111] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] close(4 [pid 5072] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5109, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] <... openat resumed>) = 3 [pid 5111] <... prctl resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5111] setpgid(0, 0 [pid 5072] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... ioctl resumed>) = 0 [pid 5111] <... setpgid resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5069] close(3 [pid 5111] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5110] <... write resumed>) = 524288 [pid 5073] rmdir("./4/file0" [pid 5072] newfstatat(4, "", [pid 5070] umount2("./4", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5111] <... openat resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(4, [pid 5111] write(3, "1000", 4 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5111] <... write resumed>) = 4 [pid 5072] getdents64(4, [pid 5111] close(3 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5111] <... close resumed>) = 0 [pid 5072] close(4 [pid 5111] symlink("/dev/binderfs", "./binderfs" [pid 5072] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5111] <... symlink resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] rmdir("./4/file0" [pid 5070] openat(AT_FDCWD, "./4", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5111] memfd_create("syzkaller", 0 [pid 5073] getdents64(3, [pid 5072] <... rmdir resumed>) = 0 [pid 5111] <... memfd_create resumed>) = 3 [pid 5110] munmap(0x7fa9f93fb000, 138412032 [pid 5072] getdents64(3, [pid 5111] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5110] <... munmap resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5111] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] close(3 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... close resumed>) = 0 [pid 5111] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5110] <... openat resumed>) = 4 [pid 5072] rmdir("./4"./strace-static-x86_64: Process 5112 attached [pid 5112] set_robust_list(0x55555566a660, 24 [pid 5110] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... rmdir resumed>) = 0 [pid 5112] <... set_robust_list resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] mkdir("./5", 0777 [pid 5070] <... openat resumed>) = 3 [pid 5073] close(3 [pid 5072] <... mkdir resumed>) = 0 [pid 5070] newfstatat(3, "", [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5112 [pid 5072] <... openat resumed>) = 3 [pid 5112] chdir("./5" [pid 5111] <... write resumed>) = 524288 [pid 5073] <... close resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5112] <... chdir resumed>) = 0 [pid 5073] rmdir("./4" [pid 5072] <... ioctl resumed>) = 0 [pid 5070] getdents64(3, [pid 5112] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] close(3 [pid 5112] <... prctl resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5073] mkdir("./5", 0777 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5112] setpgid(0, 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5113 attached [pid 5112] <... setpgid resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5070] umount2("./4/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] set_robust_list(0x55555566a660, 24 [pid 5112] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... set_robust_list resumed>) = 0 [pid 5112] <... openat resumed>) = 3 [pid 5073] <... openat resumed>) = 3 [pid 5070] newfstatat(AT_FDCWD, "./4/binderfs", [pid 5113] chdir("./5" [pid 5112] write(3, "1000", 4 [pid 5111] munmap(0x7fa9f93fb000, 138412032 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5113 [pid 5112] <... write resumed>) = 4 [pid 5111] <... munmap resumed>) = 0 [pid 5112] close(3) = 0 [pid 5112] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5112] memfd_create("syzkaller", 0) = 3 [pid 5112] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5112] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5113] <... chdir resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5110] <... ioctl resumed>) = 0 [pid 5113] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5111] <... openat resumed>) = 4 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5113] <... prctl resumed>) = 0 [pid 5111] ioctl(4, LOOP_SET_FD, 3 [pid 5110] close(3 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [ 59.120795][ T5110] loop0: detected capacity change from 0 to 1024 [pid 5070] unlink("./4/binderfs" [pid 5113] setpgid(0, 0 [pid 5111] <... ioctl resumed>) = 0 [pid 5110] <... close resumed>) = 0 [pid 5073] close(3 [pid 5113] <... setpgid resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5070] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5110] mkdir("./file0", 0777 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5113] <... openat resumed>) = 3 [pid 5110] <... mkdir resumed>) = 0 [pid 5113] write(3, "1000", 4./strace-static-x86_64: Process 5114 attached ) = 4 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5114 [pid 5114] set_robust_list(0x55555566a660, 24 [pid 5113] close(3 [pid 5110] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5114] <... set_robust_list resumed>) = 0 [pid 5113] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5114] chdir("./5" [pid 5113] symlink("/dev/binderfs", "./binderfs" [pid 5070] newfstatat(AT_FDCWD, "./4/file0", [pid 5113] <... symlink resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5113] memfd_create("syzkaller", 0 [pid 5070] umount2("./4/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] <... memfd_create resumed>) = 3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./4/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5114] <... chdir resumed>) = 0 [pid 5070] newfstatat(4, "", [pid 5114] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5114] <... prctl resumed>) = 0 [pid 5113] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5112] <... write resumed>) = 524288 [pid 5070] getdents64(4, [pid 5113] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5114] setpgid(0, 0 [pid 5113] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5112] munmap(0x7fa9f93fb000, 138412032 [pid 5111] close(3 [pid 5110] <... mount resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5110] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5110] chdir("./file0" [pid 5114] <... setpgid resumed>) = 0 [pid 5112] <... munmap resumed>) = 0 [pid 5110] <... chdir resumed>) = 0 [pid 5070] getdents64(4, [pid 5110] ioctl(4, LOOP_CLR_FD [pid 5114] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5110] <... ioctl resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5111] <... close resumed>) = 0 [pid 5110] close(4 [pid 5111] mkdir("./file0", 0777 [pid 5110] <... close resumed>) = 0 [pid 5070] close(4 [pid 5114] <... openat resumed>) = 3 [pid 5112] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5111] <... mkdir resumed>) = 0 [ 59.162191][ T5111] loop3: detected capacity change from 0 to 1024 [pid 5110] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5070] <... close resumed>) = 0 [pid 5114] write(3, "1000", 4 [pid 5070] rmdir("./4/file0" [pid 5114] <... write resumed>) = 4 [pid 5111] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5114] close(3 [pid 5110] <... openat resumed>) = 4 [pid 5070] <... rmdir resumed>) = 0 [pid 5114] <... close resumed>) = 0 [pid 5110] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5070] getdents64(3, [pid 5114] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5112] <... openat resumed>) = 4 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5112] ioctl(4, LOOP_SET_FD, 3 [pid 5114] memfd_create("syzkaller", 0 [pid 5070] close(3 [pid 5114] <... memfd_create resumed>) = 3 [pid 5070] <... close resumed>) = 0 [pid 5114] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] rmdir("./4") = 0 [pid 5113] <... write resumed>) = 524288 [pid 5070] mkdir("./5", 0777 [pid 5114] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5114] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5070] <... mkdir resumed>) = 0 [pid 5113] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5111] <... mount resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5113] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5070] close(3 [pid 5113] <... openat resumed>) = 4 [pid 5070] <... close resumed>) = 0 [pid 5113] ioctl(4, LOOP_SET_FD, 3 [pid 5111] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5110] <... ioctl resumed>) = 0 [pid 5112] <... ioctl resumed>) = 0 [pid 5111] <... openat resumed>) = 3 [pid 5110] exit_group(0 [pid 5111] chdir("./file0" [pid 5112] close(3 [pid 5111] <... chdir resumed>) = 0 [pid 5110] <... exit_group resumed>) = ? [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5115 [pid 5111] ioctl(4, LOOP_CLR_FD [pid 5110] +++ exited with 0 +++ [pid 5111] <... ioctl resumed>) = 0 [pid 5111] close(4 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5110, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5111] <... close resumed>) = 0 [pid 5068] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5115 attached [pid 5112] <... close resumed>) = 0 [pid 5111] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5115] set_robust_list(0x55555566a660, 24 [pid 5112] mkdir("./file0", 0777 [pid 5111] <... openat resumed>) = 4 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5115] <... set_robust_list resumed>) = 0 [pid 5112] <... mkdir resumed>) = 0 [pid 5115] chdir("./5") = 0 [pid 5115] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5114] <... write resumed>) = 524288 [pid 5112] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5111] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5115] setpgid(0, 0 [pid 5068] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] <... setpgid resumed>) = 0 [ 59.230126][ T5112] loop1: detected capacity change from 0 to 1024 [ 59.260349][ T5113] loop4: detected capacity change from 0 to 1024 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5115] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5111] <... ioctl resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5115] <... openat resumed>) = 3 [pid 5112] <... mount resumed>) = 0 [pid 5111] exit_group(0 [pid 5115] write(3, "1000", 4 [pid 5112] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5111] <... exit_group resumed>) = ? [pid 5068] <... openat resumed>) = 3 [pid 5115] <... write resumed>) = 4 [pid 5112] <... openat resumed>) = 3 [pid 5115] close(3) = 0 [pid 5115] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5115] memfd_create("syzkaller", 0 [pid 5114] munmap(0x7fa9f93fb000, 138412032 [pid 5113] <... ioctl resumed>) = 0 [pid 5112] chdir("./file0" [pid 5115] <... memfd_create resumed>) = 3 [pid 5114] <... munmap resumed>) = 0 [pid 5113] close(3 [pid 5112] <... chdir resumed>) = 0 [pid 5111] +++ exited with 0 +++ [pid 5068] newfstatat(3, "", [pid 5115] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5114] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5113] <... close resumed>) = 0 [pid 5115] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5114] <... openat resumed>) = 4 [pid 5113] mkdir("./file0", 0777 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5111, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5115] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5114] ioctl(4, LOOP_SET_FD, 3 [pid 5113] <... mkdir resumed>) = 0 [pid 5113] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5112] ioctl(4, LOOP_CLR_FD [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5112] <... ioctl resumed>) = 0 [pid 5071] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5112] close(4 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5112] <... close resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] <... write resumed>) = 524288 [pid 5112] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5113] <... mount resumed>) = 0 [pid 5112] <... openat resumed>) = 4 [pid 5071] newfstatat(3, "", [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] unlink("./5/binderfs" [pid 5113] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5112] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5113] <... openat resumed>) = 3 [pid 5112] <... ioctl resumed>) = 0 [pid 5071] getdents64(3, [pid 5068] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] chdir("./file0" [pid 5112] exit_group(0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5113] <... chdir resumed>) = 0 [pid 5071] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] ioctl(4, LOOP_CLR_FD [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5113] <... ioctl resumed>) = 0 [pid 5112] <... exit_group resumed>) = ? [pid 5071] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5113] close(4 [pid 5112] +++ exited with 0 +++ [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5113] <... close resumed>) = 0 [pid 5071] unlink("./5/binderfs" [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5112, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5113] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] <... unlink resumed>) = 0 [pid 5113] <... openat resumed>) = 4 [pid 5113] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5113] <... ioctl resumed>) = 0 [pid 5113] exit_group(0 [pid 5115] munmap(0x7fa9f93fb000, 138412032 [pid 5113] <... exit_group resumed>) = ? [pid 5115] <... munmap resumed>) = 0 [pid 5113] +++ exited with 0 +++ [pid 5115] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5114] <... ioctl resumed>) = 0 [pid 5115] <... openat resumed>) = 4 [pid 5114] close(3 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5113, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5069] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [ 59.299919][ T5114] loop5: detected capacity change from 0 to 1024 [pid 5115] ioctl(4, LOOP_SET_FD, 3 [pid 5114] <... close resumed>) = 0 [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5114] mkdir("./file0", 0777 [pid 5071] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 3 [pid 5114] <... mkdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(3, "", [pid 5071] newfstatat(AT_FDCWD, "./5/file0", [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] getdents64(3, [pid 5071] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... openat resumed>) = 4 [pid 5069] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5071] newfstatat(4, "", [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5114] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] unlink("./5/binderfs" [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] getdents64(4, [pid 5069] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5072] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] newfstatat(AT_FDCWD, "./5/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] getdents64(4, [pid 5072] unlink("./5/binderfs" [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5071] close(4 [pid 5072] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5071] rmdir("./5/file0") = 0 [pid 5114] <... mount resumed>) = 0 [pid 5071] getdents64(3, [pid 5068] newfstatat(AT_FDCWD, "./5/file0", [pid 5114] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5115] <... ioctl resumed>) = 0 [pid 5114] <... openat resumed>) = 3 [pid 5071] close(3 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5115] close(3 [pid 5114] chdir("./file0" [pid 5071] <... close resumed>) = 0 [pid 5115] <... close resumed>) = 0 [pid 5114] <... chdir resumed>) = 0 [pid 5071] rmdir("./5" [pid 5115] mkdir("./file0", 0777 [pid 5114] ioctl(4, LOOP_CLR_FD [pid 5071] <... rmdir resumed>) = 0 [pid 5115] <... mkdir resumed>) = 0 [pid 5114] <... ioctl resumed>) = 0 [pid 5114] close(4 [pid 5071] mkdir("./6", 0777 [pid 5114] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5068] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5114] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5114] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5114] exit_group(0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5114] <... exit_group resumed>) = ? [pid 5071] <... openat resumed>) = 3 [pid 5114] +++ exited with 0 +++ [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5114, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5071] <... ioctl resumed>) = 0 [pid 5068] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5115] <... mount resumed>) = 0 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5071] close(3 [pid 5068] <... openat resumed>) = 4 [pid 5115] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... close resumed>) = 0 [pid 5115] <... openat resumed>) = 3 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] newfstatat(4, "", [pid 5115] chdir("./file0" [pid 5073] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] <... chdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5115] ioctl(4, LOOP_CLR_FD [pid 5073] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... umount2 resumed>) = 0 [pid 5068] getdents64(4, [pid 5115] <... ioctl resumed>) = 0 [pid 5073] <... openat resumed>) = 3 ./strace-static-x86_64: Process 5116 attached [pid 5073] newfstatat(3, "", [pid 5116] set_robust_list(0x55555566a660, 24 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5116] <... set_robust_list resumed>) = 0 [pid 5115] close(4 [pid 5073] getdents64(3, [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5116 [pid 5116] chdir("./6" [pid 5115] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5115] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5115] <... openat resumed>) = 4 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5115] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5073] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5115] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5115] exit_group(0 [pid 5073] unlink("./5/binderfs" [pid 5068] getdents64(4, [pid 5116] <... chdir resumed>) = 0 [ 59.347093][ T5115] loop2: detected capacity change from 0 to 1024 [pid 5115] <... exit_group resumed>) = ? [pid 5073] <... unlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5116] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] close(4 [pid 5116] <... prctl resumed>) = 0 [pid 5115] +++ exited with 0 +++ [pid 5068] <... close resumed>) = 0 [pid 5116] setpgid(0, 0 [pid 5068] rmdir("./5/file0" [pid 5116] <... setpgid resumed>) = 0 [pid 5073] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5115, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5116] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5070] umount2("./5", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... rmdir resumed>) = 0 [pid 5116] write(3, "1000", 4 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(3, [pid 5116] <... write resumed>) = 4 [pid 5116] close(3 [pid 5070] openat(AT_FDCWD, "./5", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5116] <... close resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5116] symlink("/dev/binderfs", "./binderfs" [pid 5070] newfstatat(3, "", [pid 5069] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(3 [pid 5116] <... symlink resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5116] memfd_create("syzkaller", 0 [pid 5070] getdents64(3, [pid 5069] newfstatat(AT_FDCWD, "./5/file0", [pid 5068] <... close resumed>) = 0 [pid 5116] <... memfd_create resumed>) = 3 [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5116] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", [pid 5070] umount2("./5/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, [pid 5070] newfstatat(AT_FDCWD, "./5/binderfs", [pid 5068] rmdir("./5" [pid 5116] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5116] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5070] unlink("./5/binderfs" [pid 5069] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] mkdir("./6", 0777 [pid 5072] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(4 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5072] newfstatat(AT_FDCWD, "./5/file0", [pid 5069] rmdir("./5/file0" [pid 5068] <... mkdir resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... openat resumed>) = 3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5073] newfstatat(AT_FDCWD, "./5/file0", [pid 5072] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5069] getdents64(3, [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5116] <... write resumed>) = 524288 [pid 5073] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] newfstatat(4, "", [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] close(3 [pid 5068] close(3 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... close resumed>) = 0 [pid 5072] getdents64(4, [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] getdents64(4, [pid 5069] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] rmdir("./5"./strace-static-x86_64: Process 5117 attached [pid 5072] close(4 [pid 5069] <... rmdir resumed>) = 0 [pid 5117] set_robust_list(0x55555566a660, 24 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5117 [pid 5117] <... set_robust_list resumed>) = 0 [pid 5073] newfstatat(4, "", [pid 5072] <... close resumed>) = 0 [pid 5069] mkdir("./6", 0777 [pid 5117] chdir("./6") = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] rmdir("./5/file0" [pid 5069] <... mkdir resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] <... rmdir resumed>) = 0 [pid 5117] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(3, [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5117] setpgid(0, 0 [pid 5073] getdents64(4, [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5117] <... setpgid resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5116] munmap(0x7fa9f93fb000, 138412032 [pid 5073] close(4 [pid 5072] <... close resumed>) = 0 [pid 5070] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5116] <... munmap resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5072] rmdir("./5" [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5117] <... openat resumed>) = 3 [pid 5073] rmdir("./5/file0" [pid 5072] <... rmdir resumed>) = 0 [pid 5069] close(3 [pid 5117] write(3, "1000", 4 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] mkdir("./6", 0777 [pid 5070] newfstatat(AT_FDCWD, "./5/file0", [pid 5069] <... close resumed>) = 0 [pid 5117] <... write resumed>) = 4 [pid 5116] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] getdents64(3, [pid 5072] <... mkdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5117] close(3 [pid 5116] <... openat resumed>) = 4 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR./strace-static-x86_64: Process 5118 attached [pid 5117] <... close resumed>) = 0 [pid 5116] ioctl(4, LOOP_SET_FD, 3 [pid 5073] close(3 [pid 5072] <... openat resumed>) = 3 [pid 5070] umount2("./5/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] set_robust_list(0x55555566a660, 24 [pid 5117] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5118 [pid 5118] <... set_robust_list resumed>) = 0 [pid 5116] <... ioctl resumed>) = 0 [pid 5073] rmdir("./5" [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5070] openat(AT_FDCWD, "./5/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5118] chdir("./6" [pid 5117] <... symlink resumed>) = 0 [pid 5116] close(3 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... openat resumed>) = 4 [pid 5116] <... close resumed>) = 0 [pid 5072] close(3 [pid 5070] newfstatat(4, "", [pid 5116] mkdir("./file0", 0777 [pid 5072] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5118] <... chdir resumed>) = 0 [pid 5117] memfd_create("syzkaller", 0 [pid 5116] <... mkdir resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] getdents64(4, [pid 5118] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] mkdir("./6", 0777 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5117] <... memfd_create resumed>) = 3 ./strace-static-x86_64: Process 5119 attached [pid 5118] <... prctl resumed>) = 0 [pid 5116] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] <... mkdir resumed>) = 0 [pid 5119] set_robust_list(0x55555566a660, 24 [pid 5118] setpgid(0, 0 [pid 5117] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5070] getdents64(4, [pid 5119] <... set_robust_list resumed>) = 0 [pid 5118] <... setpgid resumed>) = 0 [pid 5117] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] <... openat resumed>) = 3 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5119 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5119] chdir("./6" [pid 5118] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5070] close(4 [pid 5118] <... openat resumed>) = 3 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... close resumed>) = 0 [pid 5119] <... chdir resumed>) = 0 [pid 5118] write(3, "1000", 4 [pid 5073] close(3 [pid 5070] rmdir("./5/file0" [pid 5119] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5118] <... write resumed>) = 4 [pid 5073] <... close resumed>) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5119] <... prctl resumed>) = 0 [pid 5118] close(3 [pid 5119] setpgid(0, 0 [pid 5118] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5119] <... setpgid resumed>) = 0 [pid 5118] symlink("/dev/binderfs", "./binderfs" [pid 5070] getdents64(3, [pid 5119] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5118] <... symlink resumed>) = 0 [pid 5117] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5119] <... openat resumed>) = 3 [pid 5118] memfd_create("syzkaller", 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5118] <... memfd_create resumed>) = 3 [pid 5070] close(3 [pid 5116] <... mount resumed>) = 0 ./strace-static-x86_64: Process 5120 attached [pid 5119] write(3, "1000", 4 [pid 5118] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5116] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5070] <... close resumed>) = 0 [pid 5120] set_robust_list(0x55555566a660, 24 [pid 5119] <... write resumed>) = 4 [pid 5118] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5116] <... openat resumed>) = 3 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5120 [pid 5070] rmdir("./5" [pid 5120] <... set_robust_list resumed>) = 0 [pid 5119] close(3 [pid 5118] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5116] chdir("./file0" [pid 5070] <... rmdir resumed>) = 0 [pid 5120] chdir("./6" [pid 5116] <... chdir resumed>) = 0 [pid 5116] ioctl(4, LOOP_CLR_FD) = 0 [pid 5116] close(4) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5116] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5120] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5116] <... openat resumed>) = 4 [pid 5116] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5070] mkdir("./6", 0777) = 0 [pid 5120] setpgid(0, 0 [pid 5116] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5120] <... setpgid resumed>) = 0 [pid 5116] exit_group(0) = ? [pid 5120] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5116] +++ exited with 0 +++ [pid 5120] <... openat resumed>) = 3 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5120] write(3, "1000", 4 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5116, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5070] <... openat resumed>) = 3 [pid 5120] <... write resumed>) = 4 [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5119] <... close resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5120] close(3 [pid 5071] <... restart_syscall resumed>) = 0 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5120] <... close resumed>) = 0 [pid 5118] <... write resumed>) = 524288 [pid 5070] close(3 [pid 5120] symlink("/dev/binderfs", "./binderfs" [pid 5070] <... close resumed>) = 0 [pid 5119] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5120] <... symlink resumed>) = 0 [pid 5071] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5117] <... write resumed>) = 524288 [pid 5119] memfd_create("syzkaller", 0 [pid 5117] munmap(0x7fa9f93fb000, 138412032 [pid 5119] <... memfd_create resumed>) = 3 [pid 5071] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5117] <... munmap resumed>) = 0 [ 59.472956][ T5116] loop3: detected capacity change from 0 to 1024 [pid 5071] newfstatat(3, "", [pid 5119] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5120] memfd_create("syzkaller", 0) = 3 [pid 5071] getdents64(3, [pid 5120] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5120] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5071] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5120] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] munmap(0x7fa9f93fb000, 138412032 [pid 5117] <... openat resumed>) = 4 [pid 5071] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5119] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5118] <... munmap resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] unlink("./6/binderfs") = 0 [pid 5071] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5118] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5119] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5118] ioctl(4, LOOP_SET_FD, 3 [pid 5117] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5121 attached [pid 5121] set_robust_list(0x55555566a660, 24) = 0 [pid 5121] chdir("./6") = 0 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5121 [pid 5121] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5120] <... write resumed>) = 524288 [pid 5121] <... prctl resumed>) = 0 [pid 5121] setpgid(0, 0) = 0 [pid 5121] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5121] write(3, "1000", 4) = 4 [pid 5121] close(3) = 0 [pid 5121] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5121] memfd_create("syzkaller", 0) = 3 [pid 5121] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5121] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5119] <... write resumed>) = 524288 [pid 5117] <... ioctl resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5117] close(3 [pid 5071] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] <... close resumed>) = 0 [pid 5117] mkdir("./file0", 0777 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5118] <... ioctl resumed>) = 0 [pid 5118] close(3 [pid 5120] munmap(0x7fa9f93fb000, 138412032 [pid 5118] <... close resumed>) = 0 [pid 5120] <... munmap resumed>) = 0 [pid 5118] mkdir("./file0", 0777 [pid 5117] <... mkdir resumed>) = 0 [pid 5071] newfstatat(AT_FDCWD, "./6/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5118] <... mkdir resumed>) = 0 [pid 5121] <... write resumed>) = 524288 [pid 5120] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5119] munmap(0x7fa9f93fb000, 138412032 [pid 5118] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5117] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5120] <... openat resumed>) = 4 [pid 5119] <... munmap resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] newfstatat(4, "", [pid 5120] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5119] openat(AT_FDCWD, "/dev/loop4", O_RDWR [ 59.546812][ T5118] loop1: detected capacity change from 0 to 1024 [ 59.547086][ T5117] loop0: detected capacity change from 0 to 1024 [pid 5071] getdents64(4, [pid 5119] <... openat resumed>) = 4 [pid 5120] <... ioctl resumed>) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5118] <... mount resumed>) = 0 [pid 5118] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5118] chdir("./file0") = 0 [pid 5118] ioctl(4, LOOP_CLR_FD [pid 5121] munmap(0x7fa9f93fb000, 138412032 [pid 5118] <... ioctl resumed>) = 0 [pid 5121] <... munmap resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop2", O_RDWR) = 4 [pid 5121] ioctl(4, LOOP_SET_FD, 3 [pid 5119] ioctl(4, LOOP_SET_FD, 3 [pid 5071] getdents64(4, [pid 5118] close(4) = 0 [pid 5118] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] close(4) = 0 [pid 5118] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5120] close(3 [pid 5121] <... ioctl resumed>) = 0 [pid 5071] rmdir("./6/file0" [pid 5120] <... close resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5120] mkdir("./file0", 0777 [pid 5071] getdents64(3, [pid 5120] <... mkdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5120] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] close(3 [pid 5119] <... ioctl resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5071] rmdir("./6" [pid 5119] close(3 [pid 5071] <... rmdir resumed>) = 0 [pid 5119] <... close resumed>) = 0 [pid 5071] mkdir("./7", 0777 [pid 5119] mkdir("./file0", 0777 [pid 5071] <... mkdir resumed>) = 0 [pid 5120] <... mount resumed>) = 0 [pid 5119] <... mkdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5120] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... openat resumed>) = 3 [pid 5120] <... openat resumed>) = 3 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5120] chdir("./file0" [pid 5119] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] <... ioctl resumed>) = 0 [pid 5120] <... chdir resumed>) = 0 [pid 5071] close(3 [pid 5120] ioctl(4, LOOP_CLR_FD [pid 5118] <... ioctl resumed>) = 0 [pid 5120] <... ioctl resumed>) = 0 [pid 5120] close(4 [pid 5071] <... close resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5122 attached [pid 5118] exit_group(0 [pid 5122] set_robust_list(0x55555566a660, 24 [pid 5118] <... exit_group resumed>) = ? [pid 5122] <... set_robust_list resumed>) = 0 [pid 5118] +++ exited with 0 +++ [pid 5122] chdir("./7") = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5118, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5122] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5122 [pid 5069] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] <... prctl resumed>) = 0 [pid 5121] close(3 [pid 5120] <... close resumed>) = 0 [ 59.593477][ T5120] loop5: detected capacity change from 0 to 1024 [ 59.613105][ T5121] loop2: detected capacity change from 0 to 1024 [ 59.621663][ T5119] loop4: detected capacity change from 0 to 1024 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5122] setpgid(0, 0 [pid 5121] <... close resumed>) = 0 [pid 5120] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5121] mkdir("./file0", 0777 [pid 5120] <... openat resumed>) = 4 [pid 5121] <... mkdir resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5122] <... setpgid resumed>) = 0 [pid 5121] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5120] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5122] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5120] <... ioctl resumed>) = 0 [pid 5069] newfstatat(3, "", [pid 5122] <... openat resumed>) = 3 [pid 5120] exit_group(0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5120] <... exit_group resumed>) = ? [pid 5122] write(3, "1000", 4 [pid 5120] +++ exited with 0 +++ [pid 5069] getdents64(3, [pid 5122] <... write resumed>) = 4 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5120, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5122] close(3) = 0 [pid 5069] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] symlink("/dev/binderfs", "./binderfs" [pid 5073] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] <... symlink resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5122] memfd_create("syzkaller", 0 [pid 5069] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5122] <... memfd_create resumed>) = 3 [pid 5117] <... mount resumed>) = 0 [pid 5069] unlink("./6/binderfs" [pid 5122] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... unlink resumed>) = 0 [pid 5122] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5117] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] <... openat resumed>) = 3 [pid 5117] <... openat resumed>) = 3 [pid 5073] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./6/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] unlink("./6/binderfs") = 0 [pid 5119] <... mount resumed>) = 0 [pid 5117] chdir("./file0") = 0 [pid 5073] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5117] ioctl(4, LOOP_CLR_FD) = 0 [pid 5117] close(4 [pid 5122] <... write resumed>) = 524288 [pid 5117] <... close resumed>) = 0 [pid 5117] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5121] <... mount resumed>) = 0 [pid 5119] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5117] <... openat resumed>) = 4 [pid 5117] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5117] exit_group(0) = ? [pid 5119] <... openat resumed>) = 3 [pid 5121] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5119] chdir("./file0" [pid 5121] <... openat resumed>) = 3 [pid 5122] munmap(0x7fa9f93fb000, 138412032 [pid 5121] chdir("./file0" [pid 5119] <... chdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5122] <... munmap resumed>) = 0 [pid 5117] +++ exited with 0 +++ [pid 5122] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5121] <... chdir resumed>) = 0 [pid 5119] ioctl(4, LOOP_CLR_FD [pid 5073] <... umount2 resumed>) = 0 [pid 5069] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] ioctl(4, LOOP_CLR_FD [pid 5119] <... ioctl resumed>) = 0 [pid 5073] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] <... openat resumed>) = 4 [pid 5121] <... ioctl resumed>) = 0 [pid 5119] close(4 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5117, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5121] close(4 [pid 5119] <... close resumed>) = 0 [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5122] ioctl(4, LOOP_SET_FD, 3 [pid 5121] <... close resumed>) = 0 [pid 5119] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] newfstatat(AT_FDCWD, "./6/file0", [pid 5069] newfstatat(AT_FDCWD, "./6/file0", [pid 5068] <... restart_syscall resumed>) = 0 [pid 5121] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5119] <... openat resumed>) = 4 [pid 5119] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5119] exit_group(0 [pid 5068] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5121] <... openat resumed>) = 4 [pid 5119] <... exit_group resumed>) = ? [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5121] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5119] +++ exited with 0 +++ [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5121] <... ioctl resumed>) = 0 [pid 5121] exit_group(0 [pid 5073] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5119, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... openat resumed>) = 3 [pid 5121] <... exit_group resumed>) = ? [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(3, "", [pid 5073] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... openat resumed>) = 4 [pid 5121] +++ exited with 0 +++ [pid 5072] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] newfstatat(4, "", [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(4, "", [pid 5068] getdents64(3, [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5121, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] getdents64(4, [pid 5072] <... openat resumed>) = 3 [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 5069] getdents64(4, [pid 5068] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] newfstatat(3, "", [pid 5070] <... restart_syscall resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, [pid 5068] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5073] close(4 [pid 5072] getdents64(3, [pid 5073] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] rmdir("./6/file0" [pid 5072] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./6", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(4 [pid 5068] unlink("./6/binderfs" [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5073] getdents64(3, [pid 5072] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5070] openat(AT_FDCWD, "./6", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] rmdir("./6/file0" [pid 5068] <... unlink resumed>) = 0 [pid 5122] close(3 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5069] <... rmdir resumed>) = 0 [pid 5068] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] <... close resumed>) = 0 [pid 5073] close(3 [pid 5072] unlink("./6/binderfs" [pid 5070] newfstatat(3, "", [pid 5069] getdents64(3, [pid 5122] mkdir("./file0", 0777 [pid 5073] <... close resumed>) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 59.749735][ T5122] loop3: detected capacity change from 0 to 1024 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5122] <... mkdir resumed>) = 0 [pid 5073] rmdir("./6" [pid 5072] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(3, [pid 5073] <... rmdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] <... umount2 resumed>) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./6") = 0 [pid 5068] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5122] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] mkdir("./7", 0777) = 0 [pid 5068] newfstatat(AT_FDCWD, "./6/file0", [pid 5070] umount2("./6/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(AT_FDCWD, "./6/binderfs", [pid 5068] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... openat resumed>) = 3 [pid 5073] mkdir("./7", 0777 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5073] <... mkdir resumed>) = 0 [pid 5070] unlink("./6/binderfs" [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... unlink resumed>) = 0 [pid 5069] close(3 [pid 5070] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... openat resumed>) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5068] <... openat resumed>) = 4 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] newfstatat(4, "", [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5123 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] close(3 [pid 5068] getdents64(4, ./strace-static-x86_64: Process 5123 attached [pid 5073] <... close resumed>) = 0 [pid 5123] set_robust_list(0x55555566a660, 24) = 0 [pid 5123] chdir("./7") = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5123] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5123] <... prctl resumed>) = 0 [pid 5123] setpgid(0, 0) = 0 ./strace-static-x86_64: Process 5124 attached [pid 5123] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5124] set_robust_list(0x55555566a660, 24 [pid 5123] <... openat resumed>) = 3 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5124 [pid 5124] <... set_robust_list resumed>) = 0 [pid 5123] write(3, "1000", 4 [pid 5124] chdir("./7" [pid 5123] <... write resumed>) = 4 [pid 5124] <... chdir resumed>) = 0 [pid 5123] close(3 [pid 5124] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5123] <... close resumed>) = 0 [pid 5124] <... prctl resumed>) = 0 [pid 5123] symlink("/dev/binderfs", "./binderfs" [pid 5124] setpgid(0, 0 [pid 5123] <... symlink resumed>) = 0 [pid 5124] <... setpgid resumed>) = 0 [pid 5124] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] getdents64(4, [pid 5124] <... openat resumed>) = 3 [pid 5124] write(3, "1000", 4 [pid 5072] <... umount2 resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5124] <... write resumed>) = 4 [pid 5124] close(3) = 0 [pid 5122] <... mount resumed>) = 0 [pid 5072] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] close(4 [pid 5124] symlink("/dev/binderfs", "./binderfs" [pid 5123] memfd_create("syzkaller", 0 [pid 5122] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5124] <... symlink resumed>) = 0 [pid 5123] <... memfd_create resumed>) = 3 [pid 5122] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5124] memfd_create("syzkaller", 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = 0 [pid 5068] rmdir("./6/file0" [pid 5072] newfstatat(AT_FDCWD, "./6/file0", [pid 5070] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5124] <... memfd_create resumed>) = 3 [pid 5124] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5124] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(AT_FDCWD, "./6/file0", [pid 5068] <... rmdir resumed>) = 0 [pid 5072] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./6/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5072] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5070] openat(AT_FDCWD, "./6/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] close(3 [pid 5072] newfstatat(4, "", [pid 5123] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5122] chdir("./file0" [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5072] getdents64(4, [pid 5068] <... close resumed>) = 0 [pid 5123] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5122] <... chdir resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] rmdir("./6" [pid 5072] getdents64(4, [pid 5123] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5122] ioctl(4, LOOP_CLR_FD [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5072] close(4 [pid 5070] newfstatat(4, "", [pid 5068] mkdir("./7", 0777 [pid 5072] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5122] <... ioctl resumed>) = 0 [pid 5122] close(4) = 0 [pid 5122] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5072] rmdir("./6/file0" [pid 5070] getdents64(4, [pid 5068] <... mkdir resumed>) = 0 [pid 5122] <... openat resumed>) = 4 [pid 5122] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5122] exit_group(0 [pid 5072] getdents64(3, [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5122] <... exit_group resumed>) = ? [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] getdents64(4, [pid 5122] +++ exited with 0 +++ [pid 5072] close(3 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5123] <... write resumed>) = 524288 [pid 5070] close(4 [pid 5072] <... close resumed>) = 0 [pid 5072] rmdir("./6" [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5122, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] <... close resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5070] rmdir("./6/file0" [pid 5072] <... rmdir resumed>) = 0 [pid 5123] munmap(0x7fa9f93fb000, 138412032 [pid 5072] mkdir("./7", 0777 [pid 5070] <... rmdir resumed>) = 0 [pid 5070] getdents64(3, [pid 5071] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] close(3 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... openat resumed>) = 3 [pid 5071] newfstatat(3, "", [pid 5070] <... close resumed>) = 0 [pid 5123] <... munmap resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] rmdir("./6" [pid 5124] <... write resumed>) = 524288 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] getdents64(3, [pid 5124] munmap(0x7fa9f93fb000, 138412032 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5124] <... munmap resumed>) = 0 [pid 5123] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... rmdir resumed>) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5123] <... openat resumed>) = 4 [pid 5072] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5124] <... openat resumed>) = 4 [pid 5123] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... close resumed>) = 0 [pid 5071] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5070] mkdir("./7", 0777 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] unlink("./7/binderfs") = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5071] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] ioctl(4, LOOP_SET_FD, 3./strace-static-x86_64: Process 5125 attached [pid 5071] <... umount2 resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5125] set_robust_list(0x55555566a660, 24 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5125 [pid 5125] <... set_robust_list resumed>) = 0 [pid 5071] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] chdir("./7" [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... chdir resumed>) = 0 [pid 5125] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5125] setpgid(0, 0) = 0 [pid 5125] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5125] write(3, "1000", 4) = 4 [pid 5125] close(3) = 0 [pid 5125] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5125] memfd_create("syzkaller", 0 [pid 5123] <... ioctl resumed>) = 0 [pid 5071] newfstatat(AT_FDCWD, "./7/file0", [pid 5070] <... openat resumed>) = 3 [pid 5125] <... memfd_create resumed>) = 3 [pid 5123] close(3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5125] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5123] <... close resumed>) = 0 [pid 5071] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5123] mkdir("./file0", 0777 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5123] <... mkdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... openat resumed>) = 4 [pid 5070] close(3 [pid 5125] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5123] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5070] <... close resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5126 ./strace-static-x86_64: Process 5126 attached [pid 5068] <... ioctl resumed>) = 0 [pid 5126] set_robust_list(0x55555566a660, 24 [pid 5071] getdents64(4, [pid 5068] close(3 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5124] <... ioctl resumed>) = 0 [pid 5071] close(4) = 0 ./strace-static-x86_64: Process 5127 attached [pid 5126] <... set_robust_list resumed>) = 0 [pid 5124] close(3 [pid 5071] rmdir("./7/file0" [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5127 [pid 5127] set_robust_list(0x55555566a660, 24 [pid 5126] chdir("./7" [pid 5124] <... close resumed>) = 0 [pid 5127] <... set_robust_list resumed>) = 0 [pid 5126] <... chdir resumed>) = 0 [pid 5124] mkdir("./file0", 0777 [pid 5127] chdir("./7" [pid 5126] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5125] <... write resumed>) = 524288 [pid 5124] <... mkdir resumed>) = 0 [pid 5123] <... mount resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [ 59.924327][ T5123] loop1: detected capacity change from 0 to 1024 [ 59.957759][ T5124] loop5: detected capacity change from 0 to 1024 [pid 5126] <... prctl resumed>) = 0 [pid 5124] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] getdents64(3, [pid 5127] <... chdir resumed>) = 0 [pid 5127] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5127] setpgid(0, 0 [pid 5126] setpgid(0, 0 [pid 5123] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5127] <... setpgid resumed>) = 0 [pid 5126] <... setpgid resumed>) = 0 [pid 5123] <... openat resumed>) = 3 [pid 5071] close(3 [pid 5126] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5123] chdir("./file0" [pid 5127] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] <... close resumed>) = 0 [pid 5126] <... openat resumed>) = 3 [pid 5123] <... chdir resumed>) = 0 [pid 5071] rmdir("./7" [pid 5127] <... openat resumed>) = 3 [pid 5126] write(3, "1000", 4 [pid 5125] munmap(0x7fa9f93fb000, 138412032 [pid 5124] <... mount resumed>) = 0 [pid 5123] ioctl(4, LOOP_CLR_FD [pid 5071] <... rmdir resumed>) = 0 [pid 5127] write(3, "1000", 4 [pid 5126] <... write resumed>) = 4 [pid 5127] <... write resumed>) = 4 [pid 5126] close(3 [pid 5127] close(3 [pid 5124] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5127] <... close resumed>) = 0 [pid 5126] <... close resumed>) = 0 [pid 5127] symlink("/dev/binderfs", "./binderfs" [pid 5126] symlink("/dev/binderfs", "./binderfs" [pid 5127] <... symlink resumed>) = 0 [pid 5126] <... symlink resumed>) = 0 [pid 5125] <... munmap resumed>) = 0 [pid 5123] <... ioctl resumed>) = 0 [pid 5071] mkdir("./8", 0777 [pid 5124] <... openat resumed>) = 3 [pid 5127] memfd_create("syzkaller", 0 [pid 5126] memfd_create("syzkaller", 0 [pid 5125] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5124] chdir("./file0" [pid 5123] close(4 [pid 5071] <... mkdir resumed>) = 0 [pid 5127] <... memfd_create resumed>) = 3 [pid 5126] <... memfd_create resumed>) = 3 [pid 5124] <... chdir resumed>) = 0 [pid 5127] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5126] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5124] ioctl(4, LOOP_CLR_FD [pid 5127] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5126] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5125] <... openat resumed>) = 4 [pid 5124] <... ioctl resumed>) = 0 [pid 5123] <... close resumed>) = 0 [pid 5125] ioctl(4, LOOP_SET_FD, 3 [pid 5123] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5124] close(4 [pid 5126] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5124] <... close resumed>) = 0 [pid 5123] <... openat resumed>) = 4 [pid 5071] <... openat resumed>) = 3 [pid 5123] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5123] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5123] exit_group(0 [pid 5071] close(3 [pid 5123] <... exit_group resumed>) = ? [pid 5071] <... close resumed>) = 0 [pid 5124] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5123] +++ exited with 0 +++ [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5124] <... openat resumed>) = 4 [pid 5124] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5128 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5123, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5124] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5124] exit_group(0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 ./strace-static-x86_64: Process 5128 attached [pid 5127] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5124] <... exit_group resumed>) = ? [pid 5128] set_robust_list(0x55555566a660, 24 [pid 5069] getdents64(3, [pid 5128] <... set_robust_list resumed>) = 0 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5128] chdir("./8" [pid 5124] +++ exited with 0 +++ [pid 5069] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5124, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5128] <... chdir resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5128] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] unlink("./7/binderfs" [pid 5128] <... prctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... unlink resumed>) = 0 [pid 5128] setpgid(0, 0 [pid 5126] <... write resumed>) = 524288 [pid 5125] <... ioctl resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5128] <... setpgid resumed>) = 0 [pid 5125] close(3 [pid 5073] <... openat resumed>) = 3 [pid 5128] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5125] <... close resumed>) = 0 [pid 5073] newfstatat(3, "", [pid 5128] <... openat resumed>) = 3 [pid 5125] mkdir("./file0", 0777 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5128] write(3, "1000", 4 [pid 5125] <... mkdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5128] <... write resumed>) = 4 [pid 5125] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5128] close(3 [pid 5073] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5128] <... close resumed>) = 0 [pid 5127] <... write resumed>) = 524288 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5128] symlink("/dev/binderfs", "./binderfs" [pid 5073] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5128] <... symlink resumed>) = 0 [pid 5127] munmap(0x7fa9f93fb000, 138412032 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [ 60.046900][ T5125] loop4: detected capacity change from 0 to 1024 [pid 5128] memfd_create("syzkaller", 0 [pid 5127] <... munmap resumed>) = 0 [pid 5125] <... mount resumed>) = 0 [pid 5073] unlink("./7/binderfs" [pid 5069] <... umount2 resumed>) = 0 [pid 5128] <... memfd_create resumed>) = 3 [pid 5073] <... unlink resumed>) = 0 [pid 5128] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5126] munmap(0x7fa9f93fb000, 138412032 [pid 5125] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5128] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5127] <... openat resumed>) = 4 [pid 5126] <... munmap resumed>) = 0 [pid 5125] <... openat resumed>) = 3 [pid 5069] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] ioctl(4, LOOP_SET_FD, 3 [pid 5126] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5125] chdir("./file0" [pid 5128] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5126] <... openat resumed>) = 4 [pid 5125] <... chdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./7/file0", [pid 5125] ioctl(4, LOOP_CLR_FD [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5125] <... ioctl resumed>) = 0 [pid 5069] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5125] close(4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5125] <... close resumed>) = 0 [pid 5069] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5126] ioctl(4, LOOP_SET_FD, 3 [pid 5125] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5069] <... openat resumed>) = 4 [pid 5125] <... openat resumed>) = 4 [pid 5069] newfstatat(4, "", [pid 5125] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./7/file0") = 0 [pid 5126] <... ioctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5069] getdents64(3, [pid 5127] <... ioctl resumed>) = 0 [pid 5128] <... write resumed>) = 524288 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5127] close(3 [pid 5126] close(3 [pid 5073] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5127] mkdir("./file0", 0777 [pid 5126] <... close resumed>) = 0 [pid 5073] newfstatat(AT_FDCWD, "./7/file0", [pid 5069] close(3 [pid 5127] <... mkdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5127] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5126] mkdir("./file0", 0777 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] rmdir("./7" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5126] <... mkdir resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5069] <... rmdir resumed>) = 0 [pid 5073] newfstatat(4, "", [pid 5128] munmap(0x7fa9f93fb000, 138412032 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] mkdir("./8", 0777 [pid 5073] getdents64(4, [pid 5128] <... munmap resumed>) = 0 [pid 5126] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... mkdir resumed>) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5128] <... openat resumed>) = 4 [pid 5073] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] close(4 [pid 5128] ioctl(4, LOOP_SET_FD, 3 [pid 5073] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [ 60.124805][ T5127] loop0: detected capacity change from 0 to 1024 [ 60.132599][ T5126] loop2: detected capacity change from 0 to 1024 [ 60.163942][ T5128] loop3: detected capacity change from 0 to 1024 [pid 5128] <... ioctl resumed>) = 0 [pid 5126] <... mount resumed>) = 0 [pid 5073] rmdir("./7/file0" [pid 5125] <... ioctl resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5125] exit_group(0) = ? [pid 5125] +++ exited with 0 +++ [pid 5069] <... ioctl resumed>) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5129 attached [pid 5129] set_robust_list(0x55555566a660, 24) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5129 [pid 5129] chdir("./8") = 0 [pid 5129] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5129] setpgid(0, 0) = 0 [pid 5129] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5129] write(3, "1000", 4) = 4 [pid 5129] close(3) = 0 [pid 5129] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5129] memfd_create("syzkaller", 0) = 3 [pid 5129] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5129] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5128] close(3) = 0 [pid 5128] mkdir("./file0", 0777) = 0 [pid 5128] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5129] <... write resumed>) = 524288 [pid 5128] <... mount resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5128] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] getdents64(3, [pid 5128] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5128] chdir("./file0" [pid 5073] close(3 [pid 5128] <... chdir resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5128] ioctl(4, LOOP_CLR_FD [ 60.172618][ T5127] ================================================================== [ 60.180691][ T5127] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0xf82/0x1070 [ 60.188969][ T5127] Read of size 2 at addr ffff88801cdfa800 by task syz-executor421/5127 [ 60.197225][ T5127] [ 60.199991][ T5127] CPU: 1 PID: 5127 Comm: syz-executor421 Not tainted 6.7.0-rc5-syzkaller-00042-g88035e5694a8 #0 [ 60.210408][ T5127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 60.220637][ T5127] Call Trace: [pid 5073] rmdir("./7" [pid 5128] <... ioctl resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5128] close(4 [pid 5129] munmap(0x7fa9f93fb000, 138412032 [pid 5128] <... close resumed>) = 0 [pid 5129] <... munmap resumed>) = 0 [pid 5128] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5129] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5128] <... openat resumed>) = 4 [pid 5073] mkdir("./8", 0777 [pid 5129] <... openat resumed>) = 4 [pid 5128] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5073] <... mkdir resumed>) = 0 [pid 5129] ioctl(4, LOOP_SET_FD, 3 [pid 5128] <... ioctl resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5129] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5128] exit_group(0 [pid 5073] <... openat resumed>) = 3 [pid 5129] ioctl(4, LOOP_CLR_FD [pid 5128] <... exit_group resumed>) = ? [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5129] <... ioctl resumed>) = 0 [pid 5128] +++ exited with 0 +++ [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] close(3) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5128, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5071] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5130 attached [pid 5129] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... restart_syscall resumed>) = 0 [pid 5130] set_robust_list(0x55555566a660, 24 [pid 5129] <... ioctl resumed>) = -1 EBUSY (Device or resource busy) [pid 5129] close(4 [pid 5130] <... set_robust_list resumed>) = 0 [pid 5129] <... close resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5130 [pid 5071] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5130] chdir("./8" [pid 5129] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5129] <... close resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5130] <... chdir resumed>) = 0 [pid 5071] newfstatat(3, "", [pid 5130] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5130] <... prctl resumed>) = 0 [pid 5071] getdents64(3, [pid 5130] setpgid(0, 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5130] <... setpgid resumed>) = 0 [pid 5071] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5130] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5129] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] unlink("./8/binderfs" [pid 5130] <... openat resumed>) = 3 [pid 5129] <... openat resumed>) = 3 [pid 5071] <... unlink resumed>) = 0 [pid 5071] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5130] write(3, "1000", 4) = 4 [pid 5130] close(3) = 0 [pid 5130] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5130] memfd_create("syzkaller", 0) = 3 [pid 5129] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5130] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5129] <... ioctl resumed>) = 0 [ 60.223925][ T5127] [ 60.226909][ T5127] dump_stack_lvl+0xd9/0x1b0 [ 60.231538][ T5127] print_report+0xc4/0x620 [ 60.235996][ T5127] ? __virt_addr_valid+0x5e/0x2d0 [ 60.241037][ T5127] ? __phys_addr+0xc6/0x140 [ 60.245558][ T5127] kasan_report+0xda/0x110 [ 60.249992][ T5127] ? hfsplus_read_wrapper+0xf82/0x1070 [ 60.255479][ T5127] ? hfsplus_read_wrapper+0xf82/0x1070 [ 60.260957][ T5127] hfsplus_read_wrapper+0xf82/0x1070 [ 60.266260][ T5127] ? hfsplus_submit_bio+0x2b0/0x2b0 [pid 5129] exit_group(0 [pid 5130] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5129] <... exit_group resumed>) = ? [pid 5129] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5129, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x55555566b6f0 /* 3 entries */, 32768) = 80 [pid 5069] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./8/binderfs" [pid 5130] <... write resumed>) = 524288 [pid 5069] <... unlink resumed>) = 0 [pid 5069] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(3) = 0 [pid 5069] rmdir("./8") = 0 [pid 5069] mkdir("./9", 0777) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 3 [pid 5069] ioctl(3, LOOP_CLR_FD) = 0 [pid 5069] close(3) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5130] munmap(0x7fa9f93fb000, 138412032./strace-static-x86_64: Process 5131 attached [pid 5131] set_robust_list(0x55555566a660, 24 [pid 5130] <... munmap resumed>) = 0 [pid 5131] <... set_robust_list resumed>) = 0 [pid 5131] chdir("./9") = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5131 [pid 5130] <... openat resumed>) = 4 [pid 5131] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5131] setpgid(0, 0 [pid 5130] ioctl(4, LOOP_SET_FD, 3 [pid 5131] <... setpgid resumed>) = 0 [pid 5131] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5131] write(3, "1000", 4) = 4 [pid 5131] close(3) = 0 [pid 5131] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5131] memfd_create("syzkaller", 0) = 3 [pid 5131] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [ 60.271465][ T5127] ? do_raw_spin_lock+0x12e/0x2b0 [ 60.276507][ T5127] ? spin_bug+0x1d0/0x1d0 [ 60.280848][ T5127] ? do_raw_spin_unlock+0x173/0x230 [ 60.286062][ T5127] ? _raw_spin_unlock+0x28/0x40 [ 60.290923][ T5127] ? find_nls+0x125/0x160 [ 60.295286][ T5127] hfsplus_fill_super+0x352/0x1bc0 [ 60.300420][ T5127] ? hlock_class+0x4e/0x130 [ 60.302826][ T5130] loop5: detected capacity change from 0 to 1024 [ 60.304934][ T5127] ? mark_lock+0xb5/0xc50 [ 60.304963][ T5127] ? print_usage_bug.part.0+0x550/0x550 [ 60.321150][ T5127] ? hfsplus_iget+0x7a0/0x7a0 [pid 5131] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5130] <... ioctl resumed>) = 0 [pid 5131] <... write resumed>) = 524288 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5125, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5072] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5072] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] unlink("./7/binderfs") = 0 [pid 5072] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [ 60.326033][ T5127] ? bdev_name.constprop.0+0xa1/0x320 [ 60.331446][ T5127] ? lock_sync+0x190/0x190 [ 60.335881][ T5127] ? hfsplus_iget+0x7a0/0x7a0 [ 60.340575][ T5127] ? preempt_count_sub+0x160/0x160 [ 60.345706][ T5127] ? sb_set_blocksize+0xf6/0x120 [ 60.350663][ T5127] ? hfsplus_iget+0x7a0/0x7a0 [ 60.355362][ T5127] mount_bdev+0x1f3/0x2e0 [ 60.359712][ T5127] ? sget+0x640/0x640 [ 60.363728][ T5127] ? apparmor_capable+0x126/0x1e0 [ 60.368781][ T5127] ? zisofs_cleanup+0x20/0x20 [pid 5130] close(3) = 0 [pid 5130] mkdir("./file0", 0777) = 0 [pid 5131] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5130] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5131] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5131] ioctl(4, LOOP_SET_FD, 3 [pid 5130] <... mount resumed>) = 0 [pid 5130] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5130] chdir("./file0") = 0 [pid 5130] ioctl(4, LOOP_CLR_FD) = 0 [pid 5130] close(4) = 0 [pid 5130] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 60.373478][ T5127] legacy_get_tree+0x109/0x220 [ 60.378274][ T5127] vfs_get_tree+0x8c/0x370 [ 60.382725][ T5127] path_mount+0x1492/0x1ed0 [ 60.387251][ T5127] ? kmem_cache_free+0xf8/0x350 [ 60.392129][ T5127] ? finish_automount+0xa40/0xa40 [ 60.397190][ T5127] ? putname+0x12e/0x170 [ 60.401446][ T5127] __x64_sys_mount+0x293/0x310 [ 60.402587][ T5131] loop1: detected capacity change from 0 to 1024 [ 60.406209][ T5127] ? copy_mnt_ns+0xb60/0xb60 [ 60.417106][ T5127] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [pid 5130] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5130] exit_group(0) = ? [pid 5130] +++ exited with 0 +++ [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5130, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5073] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5073] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5073] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./8/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] unlink("./8/binderfs") = 0 [pid 5073] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5131] <... ioctl resumed>) = 0 [pid 5131] close(3) = 0 [pid 5131] mkdir("./file0", 0777) = 0 [ 60.423363][ T5127] do_syscall_64+0x40/0x110 [ 60.427890][ T5127] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 60.433831][ T5127] RIP: 0033:0x7faa0183b61a [ 60.438257][ T5127] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 60.457885][ T5127] RSP: 002b:00007ffc7fdb6958 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 60.466321][ T5127] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faa0183b61a [pid 5131] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "") = 0 [pid 5131] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5131] chdir("./file0") = 0 [pid 5131] ioctl(4, LOOP_CLR_FD) = 0 [pid 5131] close(4) = 0 [pid 5131] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 60.474314][ T5127] RDX: 0000000020000100 RSI: 00000000200002c0 RDI: 00007ffc7fdb69a0 [ 60.482295][ T5127] RBP: 0000000000000004 R08: 00007ffc7fdb69e0 R09: 0000000000000672 [ 60.490279][ T5127] R10: 0000000000814054 R11: 0000000000000286 R12: 00007ffc7fdb69a0 [ 60.498257][ T5127] R13: 00007ffc7fdb69e0 R14: 0000000000080000 R15: 0000000000000003 [ 60.506238][ T5127] [ 60.509261][ T5127] [ 60.511587][ T5127] The buggy address belongs to the object at ffff88801cdfa800 [ 60.511587][ T5127] which belongs to the cache kmalloc-512 of size 512 [pid 5131] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5131] exit_group(0) = ? [pid 5131] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5131, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./9/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./9/binderfs") = 0 [ 60.525638][ T5127] The buggy address is located 0 bytes inside of [ 60.525638][ T5127] freed 512-byte region [ffff88801cdfa800, ffff88801cdfaa00) [ 60.539255][ T5127] [ 60.541583][ T5127] The buggy address belongs to the physical page: [ 60.547987][ T5127] page:ffffea0000737e00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1cdf8 [ 60.558139][ T5127] head:ffffea0000737e00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 60.567087][ T5127] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 60.575513][ T5127] page_type: 0xffffffff() [ 60.579856][ T5127] raw: 00fff00000000840 ffff888013041c80 0000000000000000 dead000000000001 [ 60.588446][ T5127] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 60.597895][ T5127] page dumped because: kasan: bad access detected [ 60.604306][ T5127] page_owner tracks the page as allocated [ 60.610013][ T5127] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 6469180379, free_ts 0 [ 60.629643][ T5127] post_alloc_hook+0x2d0/0x350 [ 60.634429][ T5127] get_page_from_freelist+0xa25/0x36d0 [ 60.639895][ T5127] __alloc_pages+0x22e/0x2420 [ 60.644620][ T5127] alloc_pages_mpol+0x258/0x5f0 [ 60.649475][ T5127] new_slab+0x283/0x3c0 [ 60.653635][ T5127] ___slab_alloc+0x979/0x1500 [ 60.658320][ T5127] __slab_alloc.constprop.0+0x56/0xa0 [ 60.663698][ T5127] __kmem_cache_alloc_node+0x131/0x310 [ 60.669159][ T5127] kmalloc_trace+0x25/0x60 [pid 5069] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5126] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5126] chdir("./file0") = 0 [pid 5126] ioctl(4, LOOP_CLR_FD) = 0 [ 60.673600][ T5127] nfcsim_device_new+0x8e/0x620 [ 60.678444][ T5127] nfcsim_init+0x59/0x200 [ 60.682749][ T5127] do_one_initcall+0x11c/0x650 [ 60.687493][ T5127] kernel_init_freeable+0x687/0xc10 [ 60.692670][ T5127] kernel_init+0x1c/0x2a0 [ 60.696987][ T5127] ret_from_fork+0x45/0x80 [ 60.701425][ T5127] ret_from_fork_asm+0x11/0x20 [ 60.706197][ T5127] page_owner free stack trace missing [ 60.711557][ T5127] [ 60.713875][ T5127] Memory state around the buggy address: [ 60.719489][ T5127] ffff88801cdfa700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [pid 5126] close(4) = 0 [pid 5126] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5126] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5126] exit_group(0) = ? [pid 5126] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5126, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./7/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./7/binderfs") = 0 [ 60.727543][ T5127] ffff88801cdfa780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 60.735615][ T5127] >ffff88801cdfa800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.743680][ T5127] ^ [ 60.747740][ T5127] ffff88801cdfa880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.755811][ T5127] ffff88801cdfa900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 60.763872][ T5127] ================================================================== [pid 5070] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5073] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = 0 [pid 5070] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5127] ioctl(4, LOOP_CLR_FD [pid 5071] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./9/file0", [pid 5073] newfstatat(AT_FDCWD, "./8/file0", [pid 5072] newfstatat(AT_FDCWD, "./7/file0", [pid 5071] newfstatat(AT_FDCWD, "./8/file0", [pid 5070] newfstatat(AT_FDCWD, "./7/file0", [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... openat resumed>) = 4 [pid 5070] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... openat resumed>) = 4 [pid 5072] <... openat resumed>) = 4 [pid 5071] newfstatat(4, "", [pid 5070] <... openat resumed>) = 4 [pid 5069] <... openat resumed>) = 4 [pid 5073] newfstatat(4, "", [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] newfstatat(4, "", [pid 5069] newfstatat(4, "", [pid 5072] newfstatat(4, "", [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] getdents64(4, [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] getdents64(4, [pid 5070] getdents64(4, [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(4, [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, [pid 5070] getdents64(4, [pid 5069] getdents64(4, [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] getdents64(4, [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] close(4 [pid 5071] close(4 [pid 5070] close(4 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... close resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5069] getdents64(4, [ 60.773641][ T5127] Disabling lock debugging due to kernel taint [ 60.781005][ T5127] hfsplus: unable to set blocksize to 1024! [ 60.796517][ T5127] hfsplus: unable to find HFS+ superblock [pid 5073] rmdir("./8/file0" [pid 5072] close(4 [pid 5071] rmdir("./8/file0" [pid 5070] rmdir("./7/file0" [pid 5073] <... rmdir resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5073] getdents64(3, [pid 5072] <... close resumed>) = 0 [pid 5071] getdents64(3, [pid 5070] getdents64(3, [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] rmdir("./7/file0" [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] close(4 [pid 5073] close(3 [pid 5071] close(3 [pid 5070] close(3 [pid 5073] <... close resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5072] getdents64(3, [pid 5071] rmdir("./8" [pid 5069] rmdir("./9/file0" [pid 5073] rmdir("./8" [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] rmdir("./7" [pid 5069] <... rmdir resumed>) = 0 [pid 5072] close(3 [pid 5071] mkdir("./9", 0777 [pid 5069] getdents64(3, [pid 5073] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] mkdir("./9", 0777 [pid 5072] rmdir("./7" [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] mkdir("./8", 0777 [pid 5069] close(3 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./9" [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5070] <... mkdir resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5069] mkdir("./10", 0777 [pid 5073] <... openat resumed>) = 3 [pid 5072] mkdir("./8", 0777 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... mkdir resumed>) = 0 [pid 5071] close(3 [pid 5070] <... openat resumed>) = 3 [pid 5072] <... mkdir resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5071] <... close resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5070] close(3./strace-static-x86_64: Process 5132 attached [pid 5072] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5132] set_robust_list(0x55555566a660, 24 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5132] <... set_robust_list resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5132] chdir("./9" [pid 5069] close(3 [pid 5132] <... chdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5132] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5132 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5132] <... prctl resumed>) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5132] setpgid(0, 0) = 0 [pid 5132] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] close(3) = 0 [pid 5070] <... close resumed>) = 0 [pid 5132] <... openat resumed>) = 3 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5132] write(3, "1000", 4) = 4 [pid 5132] close(3) = 0 [pid 5132] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 5135 attached ./strace-static-x86_64: Process 5134 attached ./strace-static-x86_64: Process 5133 attached [pid 5132] memfd_create("syzkaller", 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5133 [pid 5135] set_robust_list(0x55555566a660, 24 [pid 5134] set_robust_list(0x55555566a660, 24 [pid 5133] set_robust_list(0x55555566a660, 24 [pid 5132] <... memfd_create resumed>) = 3 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5134 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5135 [pid 5135] <... set_robust_list resumed>) = 0 [pid 5134] <... set_robust_list resumed>) = 0 [pid 5133] <... set_robust_list resumed>) = 0 [pid 5132] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] close(3 [pid 5134] chdir("./8" [pid 5132] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5134] <... chdir resumed>) = 0 [pid 5134] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5134] setpgid(0, 0) = 0 [pid 5134] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5127] <... ioctl resumed>) = 0 [pid 5134] <... openat resumed>) = 3 [pid 5133] chdir("./10" [pid 5073] <... close resumed>) = 0 [pid 5135] chdir("./8" [pid 5134] write(3, "1000", 4 [pid 5133] <... chdir resumed>) = 0 [pid 5132] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5127] close(4 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5135] <... chdir resumed>) = 0 [pid 5133] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] <... write resumed>) = 4 [pid 5134] close(3) = 0 [pid 5134] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5134] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5136 attached [pid 5135] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5134] <... memfd_create resumed>) = 3 [pid 5133] <... prctl resumed>) = 0 [pid 5136] set_robust_list(0x55555566a660, 24 [pid 5135] <... prctl resumed>) = 0 [pid 5134] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5133] setpgid(0, 0 [pid 5127] <... close resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5136 [pid 5136] <... set_robust_list resumed>) = 0 [pid 5135] setpgid(0, 0 [pid 5134] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5133] <... setpgid resumed>) = 0 [pid 5127] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5136] chdir("./9" [pid 5127] <... openat resumed>) = 3 [pid 5136] <... chdir resumed>) = 0 [pid 5135] <... setpgid resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5127] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5136] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5135] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5133] <... openat resumed>) = 3 [pid 5127] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5136] setpgid(0, 0 [pid 5133] write(3, "1000", 4 [pid 5136] <... setpgid resumed>) = 0 [pid 5135] <... openat resumed>) = 3 [pid 5133] <... write resumed>) = 4 [pid 5132] <... write resumed>) = 524288 [pid 5127] exit_group(0 [pid 5136] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5135] write(3, "1000", 4 [pid 5133] close(3 [pid 5127] <... exit_group resumed>) = ? [pid 5136] <... openat resumed>) = 3 [pid 5135] <... write resumed>) = 4 [pid 5134] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5133] <... close resumed>) = 0 [pid 5132] munmap(0x7fa9f93fb000, 138412032 [pid 5127] +++ exited with 0 +++ [pid 5136] write(3, "1000", 4 [pid 5135] close(3 [pid 5133] symlink("/dev/binderfs", "./binderfs" [pid 5135] <... close resumed>) = 0 [pid 5135] symlink("/dev/binderfs", "./binderfs" [pid 5134] <... write resumed>) = 524288 [pid 5133] <... symlink resumed>) = 0 [pid 5132] <... munmap resumed>) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5127, si_uid=0, si_status=0, si_utime=0, si_stime=5 /* 0.05 s */} --- [pid 5136] <... write resumed>) = 4 [pid 5135] <... symlink resumed>) = 0 [pid 5136] close(3 [pid 5133] memfd_create("syzkaller", 0 [pid 5068] umount2("./7", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5136] <... close resumed>) = 0 [pid 5135] memfd_create("syzkaller", 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5136] symlink("/dev/binderfs", "./binderfs" [pid 5133] <... memfd_create resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./7", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5135] <... memfd_create resumed>) = 3 [pid 5068] <... openat resumed>) = 3 [pid 5136] <... symlink resumed>) = 0 [pid 5133] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5135] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5068] newfstatat(3, "", [pid 5136] memfd_create("syzkaller", 0 [pid 5135] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5133] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5133] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5132] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 4 [pid 5068] getdents64(3, [pid 5132] ioctl(4, LOOP_SET_FD, 3 [pid 5136] <... memfd_create resumed>) = 3 [pid 5135] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5134] munmap(0x7fa9f93fb000, 138412032 [pid 5133] <... write resumed>) = 524288 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5136] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5136] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5068] umount2("./7/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5134] <... munmap resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5134] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5068] newfstatat(AT_FDCWD, "./7/binderfs", [pid 5134] <... openat resumed>) = 4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5134] ioctl(4, LOOP_SET_FD, 3 [pid 5068] unlink("./7/binderfs" [pid 5133] munmap(0x7fa9f93fb000, 138412032 [pid 5132] <... ioctl resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5068] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5133] <... munmap resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5136] <... write resumed>) = 524288 [pid 5132] close(3 [pid 5068] newfstatat(AT_FDCWD, "./7/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5132] <... close resumed>) = 0 [pid 5133] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5132] mkdir("./file0", 0777 [pid 5068] umount2("./7/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5133] <... openat resumed>) = 4 [pid 5133] ioctl(4, LOOP_SET_FD, 3 [pid 5132] <... mkdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./7/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5132] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5068] <... openat resumed>) = 4 [pid 5135] <... write resumed>) = 524288 [pid 5136] munmap(0x7fa9f93fb000, 138412032 [pid 5135] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, [pid 5135] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5134] <... ioctl resumed>) = 0 [pid 5133] <... ioctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5136] <... munmap resumed>) = 0 [pid 5135] <... openat resumed>) = 4 [pid 5134] close(3 [pid 5133] close(3 [pid 5068] getdents64(4, [pid 5136] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5134] <... close resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5135] ioctl(4, LOOP_SET_FD, 3 [pid 5134] mkdir("./file0", 0777 [pid 5133] mkdir("./file0", 0777 [pid 5068] close(4 [pid 5136] <... openat resumed>) = 4 [ 60.923838][ T5132] loop3: detected capacity change from 0 to 1024 [ 60.935274][ T5134] loop4: detected capacity change from 0 to 1024 [ 60.950037][ T5133] loop1: detected capacity change from 0 to 1024 [ 60.964667][ T5135] loop2: detected capacity change from 0 to 1024 [pid 5136] ioctl(4, LOOP_SET_FD, 3 [pid 5135] <... ioctl resumed>) = 0 [pid 5134] <... mkdir resumed>) = 0 [pid 5133] <... mkdir resumed>) = 0 [pid 5132] <... mount resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5135] close(3 [pid 5134] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5133] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5132] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] rmdir("./7/file0" [pid 5136] <... ioctl resumed>) = 0 [pid 5135] <... close resumed>) = 0 [pid 5132] <... openat resumed>) = 3 [pid 5136] close(3 [pid 5132] chdir("./file0" [pid 5068] <... rmdir resumed>) = 0 [pid 5136] <... close resumed>) = 0 [pid 5135] mkdir("./file0", 0777 [pid 5133] <... mount resumed>) = 0 [pid 5132] <... chdir resumed>) = 0 [pid 5068] getdents64(3, [pid 5136] mkdir("./file0", 0777 [pid 5132] ioctl(4, LOOP_CLR_FD [pid 5136] <... mkdir resumed>) = 0 [pid 5135] <... mkdir resumed>) = 0 [pid 5133] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5132] <... ioctl resumed>) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5132] close(4 [pid 5068] close(3 [pid 5135] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5134] <... mount resumed>) = 0 [pid 5133] <... openat resumed>) = 3 [pid 5132] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5132] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5068] rmdir("./7" [pid 5134] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5133] chdir("./file0" [pid 5132] <... openat resumed>) = 4 [pid 5068] <... rmdir resumed>) = 0 [pid 5136] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5135] <... mount resumed>) = 0 [pid 5134] <... openat resumed>) = 3 [pid 5133] <... chdir resumed>) = 0 [pid 5132] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5068] mkdir("./8", 0777 [pid 5134] chdir("./file0" [pid 5133] ioctl(4, LOOP_CLR_FD [pid 5132] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... mkdir resumed>) = 0 [pid 5135] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5134] <... chdir resumed>) = 0 [pid 5133] <... ioctl resumed>) = 0 [pid 5132] exit_group(0 [pid 5135] <... openat resumed>) = 3 [pid 5133] close(4 [pid 5132] <... exit_group resumed>) = ? [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5136] <... mount resumed>) = 0 [pid 5134] ioctl(4, LOOP_CLR_FD [pid 5136] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5135] chdir("./file0" [pid 5134] <... ioctl resumed>) = 0 [pid 5133] <... close resumed>) = 0 [pid 5136] <... openat resumed>) = 3 [pid 5135] <... chdir resumed>) = 0 [pid 5134] close(4 [pid 5133] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5132] +++ exited with 0 +++ [pid 5068] <... openat resumed>) = 3 [pid 5136] chdir("./file0" [pid 5135] ioctl(4, LOOP_CLR_FD [pid 5134] <... close resumed>) = 0 [pid 5133] <... openat resumed>) = 4 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5132, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5136] <... chdir resumed>) = 0 [pid 5135] <... ioctl resumed>) = 0 [pid 5134] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5133] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5136] ioctl(4, LOOP_CLR_FD [pid 5135] close(4 [pid 5134] <... openat resumed>) = 4 [pid 5133] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5136] <... ioctl resumed>) = 0 [pid 5135] <... close resumed>) = 0 [pid 5133] exit_group(0 [pid 5068] close(3 [pid 5136] close(4 [pid 5135] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5134] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5136] <... close resumed>) = 0 [pid 5135] <... openat resumed>) = 4 [pid 5133] <... exit_group resumed>) = ? [pid 5068] <... close resumed>) = 0 [pid 5136] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5134] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5136] <... openat resumed>) = 4 [pid 5135] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5134] exit_group(0 [pid 5071] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5136] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5135] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5134] <... exit_group resumed>) = ? [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5137 attached [pid 5136] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5135] exit_group(0 [pid 5134] +++ exited with 0 +++ [pid 5133] +++ exited with 0 +++ [pid 5071] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5136] exit_group(0 [pid 5071] <... openat resumed>) = 3 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5133, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5137] set_robust_list(0x55555566a660, 24 [pid 5136] <... exit_group resumed>) = ? [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5134, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5071] newfstatat(3, "", [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5135] <... exit_group resumed>) = ? [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] getdents64(3, [pid 5137] <... set_robust_list resumed>) = 0 [pid 5136] +++ exited with 0 +++ [pid 5135] +++ exited with 0 +++ [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5137] chdir("./8" [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5136, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [ 60.970025][ T5136] loop5: detected capacity change from 0 to 1024 [pid 5071] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5137 [pid 5137] <... chdir resumed>) = 0 [pid 5072] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5135, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5137] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 5069] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5137] <... prctl resumed>) = 0 [pid 5073] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... restart_syscall resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5137] setpgid(0, 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... openat resumed>) = 3 [pid 5071] unlink("./9/binderfs" [pid 5069] newfstatat(3, "", [pid 5137] <... setpgid resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] newfstatat(3, "", [pid 5071] <... unlink resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5137] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... openat resumed>) = 3 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(3, [pid 5137] <... openat resumed>) = 3 [pid 5073] newfstatat(3, "", [pid 5072] getdents64(3, [pid 5070] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5137] write(3, "1000", 4 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... umount2 resumed>) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] getdents64(3, [pid 5072] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5137] <... write resumed>) = 4 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5071] newfstatat(AT_FDCWD, "./9/file0", [pid 5070] <... openat resumed>) = 3 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5137] close(3 [pid 5073] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(3, "", [pid 5069] unlink("./10/binderfs" [pid 5137] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] unlink("./8/binderfs" [pid 5071] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5137] symlink("/dev/binderfs", "./binderfs" [pid 5073] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5137] <... symlink resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] getdents64(3, [pid 5137] memfd_create("syzkaller", 0 [pid 5073] unlink("./9/binderfs" [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5069] <... umount2 resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] close(4) = 0 [pid 5071] rmdir("./9/file0") = 0 [pid 5070] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] getdents64(3, [pid 5137] <... memfd_create resumed>) = 3 [pid 5073] <... unlink resumed>) = 0 [pid 5072] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./9") = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5073] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5137] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5070] unlink("./8/binderfs" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5137] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5071] mkdir("./10", 0777 [pid 5069] newfstatat(AT_FDCWD, "./10/file0", [pid 5072] newfstatat(4, "", [pid 5071] <... mkdir resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] getdents64(4, [pid 5069] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(4, [pid 5071] <... openat resumed>) = 3 [pid 5069] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5069] <... openat resumed>) = 4 [pid 5137] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5072] close(4 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(4, "", [pid 5072] <... close resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] rmdir("./8/file0" [pid 5069] getdents64(4, [pid 5072] <... rmdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] close(3 [pid 5069] getdents64(4, [pid 5071] <... close resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] close(4 [pid 5072] getdents64(3, [pid 5069] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] rmdir("./10/file0"./strace-static-x86_64: Process 5138 attached [pid 5072] close(3 [pid 5069] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5138] set_robust_list(0x55555566a660, 24 [pid 5072] rmdir("./8" [pid 5138] <... set_robust_list resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5138] chdir("./10" [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5138 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5138] <... chdir resumed>) = 0 [pid 5072] mkdir("./9", 0777 [pid 5069] close(3 [pid 5138] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5069] <... close resumed>) = 0 [pid 5138] setpgid(0, 0 [pid 5069] rmdir("./10" [pid 5138] <... setpgid resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5138] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5069] mkdir("./11", 0777 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5138] write(3, "1000", 4 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5138] <... write resumed>) = 4 [pid 5072] close(3 [pid 5069] <... mkdir resumed>) = 0 [pid 5138] close(3 [pid 5072] <... close resumed>) = 0 [pid 5138] <... close resumed>) = 0 [pid 5138] symlink("/dev/binderfs", "./binderfs" [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5138] <... symlink resumed>) = 0 [pid 5137] <... write resumed>) = 524288 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR./strace-static-x86_64: Process 5139 attached [pid 5138] memfd_create("syzkaller", 0 [pid 5139] set_robust_list(0x55555566a660, 24 [pid 5137] munmap(0x7fa9f93fb000, 138412032 [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5139 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5139] <... set_robust_list resumed>) = 0 [pid 5138] <... memfd_create resumed>) = 3 [pid 5139] chdir("./9" [pid 5138] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5137] <... munmap resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5139] <... chdir resumed>) = 0 [pid 5138] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5139] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5137] <... openat resumed>) = 4 [pid 5070] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./8/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5137] ioctl(4, LOOP_SET_FD, 3 [pid 5070] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5139] <... prctl resumed>) = 0 [pid 5139] setpgid(0, 0 [pid 5138] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5069] close(3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5070] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(4, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] newfstatat(AT_FDCWD, "./9/file0", [pid 5070] getdents64(4, [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5139] <... setpgid resumed>) = 0 [pid 5073] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] close(4 [pid 5139] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./8/file0" [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... rmdir resumed>) = 0 [pid 5070] getdents64(3, [pid 5073] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(3 [pid 5139] <... openat resumed>) = 3 [pid 5070] <... close resumed>) = 0 ./strace-static-x86_64: Process 5140 attached [pid 5070] rmdir("./8" [pid 5140] set_robust_list(0x55555566a660, 24 [pid 5139] write(3, "1000", 4 [pid 5073] <... openat resumed>) = 4 [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5140 [pid 5139] <... write resumed>) = 4 [pid 5140] <... set_robust_list resumed>) = 0 [pid 5073] newfstatat(4, "", [pid 5070] mkdir("./9", 0777 [pid 5140] chdir("./11" [pid 5139] close(3 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5140] <... chdir resumed>) = 0 [pid 5139] <... close resumed>) = 0 [pid 5073] getdents64(4, [pid 5140] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5139] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5140] <... prctl resumed>) = 0 [pid 5139] <... symlink resumed>) = 0 [pid 5073] getdents64(4, [pid 5140] setpgid(0, 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5140] <... setpgid resumed>) = 0 [pid 5073] close(4) = 0 [pid 5140] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] rmdir("./9/file0" [pid 5140] <... openat resumed>) = 3 [pid 5139] memfd_create("syzkaller", 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5139] <... memfd_create resumed>) = 3 [pid 5070] <... mkdir resumed>) = 0 [pid 5139] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5140] write(3, "1000", 4 [pid 5073] getdents64(3, [pid 5140] <... write resumed>) = 4 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5073] close(3 [pid 5070] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5073] rmdir("./9" [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5140] close(3 [pid 5073] <... rmdir resumed>) = 0 [pid 5070] close(3 [pid 5140] <... close resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5140] symlink("/dev/binderfs", "./binderfs" [pid 5139] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] mkdir("./10", 0777 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5141 attached [pid 5140] <... symlink resumed>) = 0 [pid 5139] <... write resumed>) = 524288 [pid 5137] <... ioctl resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5141] set_robust_list(0x55555566a660, 24 [pid 5140] memfd_create("syzkaller", 0 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5141 [pid 5141] <... set_robust_list resumed>) = 0 [pid 5137] close(3 [pid 5141] chdir("./9" [pid 5137] <... close resumed>) = 0 [pid 5141] <... chdir resumed>) = 0 [pid 5137] mkdir("./file0", 0777 [pid 5141] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5137] <... mkdir resumed>) = 0 [pid 5141] <... prctl resumed>) = 0 [pid 5141] setpgid(0, 0) = 0 [pid 5141] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5137] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] <... openat resumed>) = 3 [pid 5138] <... write resumed>) = 524288 [pid 5141] <... openat resumed>) = 3 [pid 5140] <... memfd_create resumed>) = 3 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5141] write(3, "1000", 4 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5141] <... write resumed>) = 4 [pid 5073] close(3 [pid 5141] close(3 [pid 5073] <... close resumed>) = 0 [pid 5141] <... close resumed>) = 0 [pid 5139] munmap(0x7fa9f93fb000, 138412032 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5141] symlink("/dev/binderfs", "./binderfs" [pid 5139] <... munmap resumed>) = 0 [pid 5141] <... symlink resumed>) = 0 [pid 5141] memfd_create("syzkaller", 0 [pid 5140] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0./strace-static-x86_64: Process 5142 attached [pid 5141] <... memfd_create resumed>) = 3 [pid 5139] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5142 [pid 5142] set_robust_list(0x55555566a660, 24 [pid 5141] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5142] <... set_robust_list resumed>) = 0 [pid 5140] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5139] <... openat resumed>) = 4 [pid 5138] munmap(0x7fa9f93fb000, 138412032 [pid 5141] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5142] chdir("./10" [pid 5140] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5139] ioctl(4, LOOP_SET_FD, 3 [pid 5138] <... munmap resumed>) = 0 [ 61.082589][ T5137] loop0: detected capacity change from 0 to 1024 [pid 5142] <... chdir resumed>) = 0 [pid 5138] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5142] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5142] setpgid(0, 0) = 0 [pid 5142] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5141] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288) = 524288 [pid 5140] <... write resumed>) = 524288 [pid 5138] <... openat resumed>) = 4 [pid 5142] write(3, "1000", 4) = 4 [pid 5142] close(3) = 0 [pid 5138] ioctl(4, LOOP_SET_FD, 3 [pid 5142] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5142] memfd_create("syzkaller", 0 [pid 5137] <... mount resumed>) = 0 [pid 5142] <... memfd_create resumed>) = 3 [pid 5141] munmap(0x7fa9f93fb000, 138412032 [pid 5137] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5142] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5141] <... munmap resumed>) = 0 [pid 5137] <... openat resumed>) = 3 [pid 5142] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5137] chdir("./file0") = 0 [pid 5142] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5137] ioctl(4, LOOP_CLR_FD [pid 5141] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5137] <... ioctl resumed>) = 0 [pid 5141] <... openat resumed>) = 4 [pid 5137] close(4 [pid 5141] ioctl(4, LOOP_SET_FD, 3 [pid 5137] <... close resumed>) = 0 [pid 5140] munmap(0x7fa9f93fb000, 138412032 [pid 5139] <... ioctl resumed>) = 0 [pid 5138] <... ioctl resumed>) = 0 [pid 5137] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5139] close(3) = 0 [pid 5139] mkdir("./file0", 0777 [pid 5140] <... munmap resumed>) = 0 [pid 5139] <... mkdir resumed>) = 0 [pid 5138] close(3 [pid 5142] <... write resumed>) = 524288 [pid 5140] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5139] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5138] <... close resumed>) = 0 [pid 5137] <... openat resumed>) = 4 [pid 5138] mkdir("./file0", 0777 [pid 5140] <... openat resumed>) = 4 [pid 5140] ioctl(4, LOOP_SET_FD, 3 [pid 5138] <... mkdir resumed>) = 0 [pid 5137] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5142] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5142] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5142] ioctl(4, LOOP_SET_FD, 3 [pid 5138] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5141] <... ioctl resumed>) = 0 [pid 5141] close(3) = 0 [pid 5141] mkdir("./file0", 0777) = 0 [pid 5141] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5142] <... ioctl resumed>) = 0 [pid 5142] close(3) = 0 [pid 5142] mkdir("./file0", 0777) = 0 [pid 5142] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5141] <... mount resumed>) = 0 [pid 5140] <... ioctl resumed>) = 0 [pid 5139] <... mount resumed>) = 0 [pid 5138] <... mount resumed>) = 0 [pid 5140] close(3 [pid 5139] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5141] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5139] <... openat resumed>) = 3 [pid 5140] <... close resumed>) = 0 [pid 5138] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5141] <... openat resumed>) = 3 [pid 5140] mkdir("./file0", 0777 [pid 5139] chdir("./file0" [pid 5138] <... openat resumed>) = 3 [pid 5141] chdir("./file0" [pid 5139] <... chdir resumed>) = 0 [pid 5141] <... chdir resumed>) = 0 [pid 5139] ioctl(4, LOOP_CLR_FD [pid 5141] ioctl(4, LOOP_CLR_FD [pid 5140] <... mkdir resumed>) = 0 [pid 5139] <... ioctl resumed>) = 0 [pid 5138] chdir("./file0" [pid 5141] <... ioctl resumed>) = 0 [pid 5139] close(4 [pid 5138] <... chdir resumed>) = 0 [pid 5141] close(4 [pid 5139] <... close resumed>) = 0 [pid 5138] ioctl(4, LOOP_CLR_FD [pid 5141] <... close resumed>) = 0 [pid 5139] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5137] <... ioctl resumed>) = 0 [pid 5141] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5140] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5139] <... openat resumed>) = 4 [pid 5138] <... ioctl resumed>) = 0 [pid 5137] exit_group(0 [pid 5141] <... openat resumed>) = 4 [pid 5139] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5137] <... exit_group resumed>) = ? [pid 5141] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5139] <... ioctl resumed>) = 0 [pid 5138] close(4 [pid 5137] +++ exited with 0 +++ [pid 5141] <... ioctl resumed>) = 0 [pid 5139] exit_group(0 [pid 5141] exit_group(0 [pid 5139] <... exit_group resumed>) = ? [pid 5138] <... close resumed>) = 0 [pid 5141] <... exit_group resumed>) = ? [pid 5139] +++ exited with 0 +++ [pid 5138] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5137, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5142] <... mount resumed>) = 0 [pid 5141] +++ exited with 0 +++ [pid 5140] <... mount resumed>) = 0 [pid 5068] umount2("./8", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] <... openat resumed>) = 3 [pid 5140] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5139, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5141, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] openat(AT_FDCWD, "./8", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5142] chdir("./file0" [pid 5140] <... openat resumed>) = 3 [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... openat resumed>) = 3 [pid 5142] <... chdir resumed>) = 0 [pid 5070] <... restart_syscall resumed>) = 0 [pid 5068] newfstatat(3, "", [pid 5142] ioctl(4, LOOP_CLR_FD [pid 5140] chdir("./file0" [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5142] <... ioctl resumed>) = 0 [ 61.124393][ T5139] loop4: detected capacity change from 0 to 1024 [ 61.138888][ T5138] loop3: detected capacity change from 0 to 1024 [ 61.145130][ T5141] loop2: detected capacity change from 0 to 1024 [ 61.161615][ T5142] loop5: detected capacity change from 0 to 1024 [ 61.162230][ T5140] loop1: detected capacity change from 0 to 1024 [pid 5072] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5142] close(4 [pid 5140] <... chdir resumed>) = 0 [pid 5138] <... openat resumed>) = 4 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] <... close resumed>) = 0 [pid 5140] ioctl(4, LOOP_CLR_FD [pid 5138] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5072] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5140] <... ioctl resumed>) = 0 [pid 5138] <... ioctl resumed>) = 0 [pid 5070] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5142] <... openat resumed>) = 4 [pid 5140] close(4 [pid 5138] exit_group(0 [pid 5072] <... openat resumed>) = 3 [pid 5070] <... openat resumed>) = 3 [pid 5068] umount2("./8/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5142] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5138] <... exit_group resumed>) = ? [pid 5072] newfstatat(3, "", [pid 5070] newfstatat(3, "", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5142] <... ioctl resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(AT_FDCWD, "./8/binderfs", [pid 5142] exit_group(0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] getdents64(3, [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5142] <... exit_group resumed>) = ? [pid 5138] +++ exited with 0 +++ [pid 5140] <... close resumed>) = 0 [pid 5072] getdents64(3, [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] unlink("./8/binderfs" [pid 5142] +++ exited with 0 +++ [pid 5140] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... unlink resumed>) = 0 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5142, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5138, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5140] <... openat resumed>) = 4 [pid 5072] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5070] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5068] <... umount2 resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... restart_syscall resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] unlink("./9/binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5070] <... unlink resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./8/file0", [pid 5071] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5140] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5072] unlink("./9/binderfs" [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5140] <... ioctl resumed>) = 0 [pid 5073] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... umount2 resumed>) = 0 [pid 5068] umount2("./8/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... openat resumed>) = 3 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... openat resumed>) = 3 [pid 5071] newfstatat(3, "", [pid 5073] newfstatat(3, "", [pid 5068] openat(AT_FDCWD, "./8/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5140] exit_group(0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5071] getdents64(3, [pid 5068] <... openat resumed>) = 4 [pid 5073] getdents64(3, [pid 5140] <... exit_group resumed>) = ? [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(4, "", [pid 5073] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./9/file0", [pid 5140] +++ exited with 0 +++ [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5068] getdents64(4, [pid 5073] unlink("./10/binderfs" [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5140, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5069] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] newfstatat(3, "", [pid 5071] unlink("./10/binderfs" [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 5073] <... unlink resumed>) = 0 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... unlink resumed>) = 0 [pid 5069] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./11/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = 0 [pid 5069] unlink("./11/binderfs") = 0 [pid 5069] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5072] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] close(4) = 0 [pid 5072] rmdir("./9/file0") = 0 [pid 5072] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] close(3) = 0 [pid 5072] rmdir("./9") = 0 [pid 5072] mkdir("./10", 0777) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... openat resumed>) = 3 [pid 5068] getdents64(4, [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3) = 0 [pid 5070] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... openat resumed>) = 4 [pid 5068] close(4 [pid 5070] newfstatat(4, "", [pid 5068] <... close resumed>) = 0 ./strace-static-x86_64: Process 5143 attached [pid 5143] set_robust_list(0x55555566a660, 24) = 0 [pid 5143] chdir("./10" [pid 5071] <... umount2 resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] rmdir("./8/file0" [pid 5143] <... chdir resumed>) = 0 [pid 5143] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5143 [pid 5143] <... prctl resumed>) = 0 [pid 5070] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5143] setpgid(0, 0 [pid 5070] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5143] <... setpgid resumed>) = 0 [pid 5070] close(4 [pid 5143] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5070] <... close resumed>) = 0 [pid 5070] rmdir("./9/file0" [pid 5068] getdents64(3, [pid 5143] <... openat resumed>) = 3 [pid 5143] write(3, "1000", 4 [pid 5070] <... rmdir resumed>) = 0 [pid 5143] <... write resumed>) = 4 [pid 5143] close(3) = 0 [pid 5143] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5070] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5143] memfd_create("syzkaller", 0) = 3 [pid 5143] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5073] <... umount2 resumed>) = 0 [pid 5070] close(3 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5143] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] rmdir("./9" [pid 5071] newfstatat(AT_FDCWD, "./10/file0", [pid 5069] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... rmdir resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] rmdir("./8" [pid 5073] newfstatat(AT_FDCWD, "./10/file0", [pid 5071] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] mkdir("./10", 0777 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... mkdir resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./11/file0", [pid 5068] <... rmdir resumed>) = 0 [pid 5143] <... write resumed>) = 524288 [pid 5143] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5143] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 4 [pid 5073] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] mkdir("./9", 0777 [pid 5143] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... openat resumed>) = 3 [pid 5069] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... mkdir resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... openat resumed>) = 4 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5073] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5071] newfstatat(4, "", [pid 5073] newfstatat(4, "", [pid 5069] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] close(3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5071] getdents64(4, [pid 5070] <... close resumed>) = 0 [pid 5073] getdents64(4, [pid 5069] <... openat resumed>) = 4 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] close(3 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] newfstatat(4, "", [pid 5068] <... close resumed>) = 0 [pid 5073] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5143] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5144 attached [pid 5144] set_robust_list(0x55555566a660, 24./strace-static-x86_64: Process 5145 attached ) = 0 [pid 5073] close(4 [pid 5071] getdents64(4, [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5144 [pid 5069] getdents64(4, [pid 5145] set_robust_list(0x55555566a660, 24 [pid 5144] chdir("./10" [pid 5143] close(3 [pid 5073] <... close resumed>) = 0 [pid 5145] <... set_robust_list resumed>) = 0 [pid 5144] <... chdir resumed>) = 0 [pid 5073] rmdir("./10/file0" [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5145 [pid 5145] chdir("./9" [pid 5144] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5143] <... close resumed>) = 0 [pid 5069] getdents64(4, [pid 5145] <... chdir resumed>) = 0 [pid 5144] <... prctl resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] close(4 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5145] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5073] getdents64(3, [pid 5145] <... prctl resumed>) = 0 [pid 5144] setpgid(0, 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] <... close resumed>) = 0 [pid 5069] close(4 [pid 5145] setpgid(0, 0 [pid 5144] <... setpgid resumed>) = 0 [pid 5143] mkdir("./file0", 0777 [pid 5145] <... setpgid resumed>) = 0 [pid 5144] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5143] <... mkdir resumed>) = 0 [pid 5073] close(3 [pid 5071] rmdir("./10/file0" [pid 5069] <... close resumed>) = 0 [pid 5145] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5144] <... openat resumed>) = 3 [pid 5073] <... close resumed>) = 0 [pid 5143] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] <... rmdir resumed>) = 0 [pid 5069] rmdir("./11/file0" [pid 5145] <... openat resumed>) = 3 [pid 5073] rmdir("./10" [pid 5071] getdents64(3, [pid 5069] <... rmdir resumed>) = 0 [pid 5145] write(3, "1000", 4 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5145] <... write resumed>) = 4 [pid 5069] getdents64(3, [pid 5144] write(3, "1000", 4 [pid 5145] close(3 [pid 5073] <... rmdir resumed>) = 0 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5145] <... close resumed>) = 0 [pid 5073] mkdir("./11", 0777 [pid 5071] close(3 [pid 5069] close(3 [pid 5145] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5144] <... write resumed>) = 4 [pid 5143] <... mount resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5143] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] rmdir("./10" [pid 5069] rmdir("./11" [pid 5145] memfd_create("syzkaller", 0 [pid 5143] <... openat resumed>) = 3 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5144] close(3 [pid 5143] chdir("./file0" [pid 5069] <... rmdir resumed>) = 0 [pid 5145] <... memfd_create resumed>) = 3 [pid 5143] <... chdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5144] <... close resumed>) = 0 [pid 5143] ioctl(4, LOOP_CLR_FD [pid 5144] symlink("/dev/binderfs", "./binderfs" [pid 5143] <... ioctl resumed>) = 0 [pid 5144] <... symlink resumed>) = 0 [pid 5143] close(4 [pid 5071] <... rmdir resumed>) = 0 [pid 5144] memfd_create("syzkaller", 0 [pid 5143] <... close resumed>) = 0 [pid 5069] mkdir("./12", 0777 [pid 5145] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5144] <... memfd_create resumed>) = 3 [pid 5143] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5145] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5144] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5143] <... openat resumed>) = 4 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] mkdir("./11", 0777 [pid 5069] <... mkdir resumed>) = 0 [pid 5144] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5143] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5144] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5143] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... mkdir resumed>) = 0 [pid 5145] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] close(3 [ 61.327215][ T5143] loop4: detected capacity change from 0 to 1024 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5143] exit_group(0) = ? [pid 5143] +++ exited with 0 +++ [pid 5073] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5143, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] close(3 [pid 5072] newfstatat(3, "", [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5146 attached [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5146] set_robust_list(0x55555566a660, 24 [pid 5072] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5146] <... set_robust_list resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5146] chdir("./11" [pid 5144] <... write resumed>) = 524288 [pid 5072] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5146 ./strace-static-x86_64: Process 5147 attached [pid 5146] <... chdir resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5147] set_robust_list(0x55555566a660, 24 [pid 5146] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] unlink("./10/binderfs" [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5147 [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5146] <... prctl resumed>) = 0 [pid 5071] close(3 [pid 5146] setpgid(0, 0) = 0 [pid 5147] <... set_robust_list resumed>) = 0 [pid 5146] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5147] chdir("./12" [pid 5072] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5147] <... chdir resumed>) = 0 [pid 5146] <... openat resumed>) = 3 [pid 5147] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5146] write(3, "1000", 4 [pid 5147] <... prctl resumed>) = 0 [pid 5146] <... write resumed>) = 4 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5148 [pid 5147] setpgid(0, 0 [pid 5146] close(3) = 0 [pid 5146] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5146] memfd_create("syzkaller", 0./strace-static-x86_64: Process 5148 attached [pid 5147] <... setpgid resumed>) = 0 [pid 5148] set_robust_list(0x55555566a660, 24 [pid 5147] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5146] <... memfd_create resumed>) = 3 [pid 5144] munmap(0x7fa9f93fb000, 138412032 [pid 5148] <... set_robust_list resumed>) = 0 [pid 5147] <... openat resumed>) = 3 [pid 5146] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5145] <... write resumed>) = 524288 [pid 5144] <... munmap resumed>) = 0 [pid 5148] chdir("./11" [pid 5147] write(3, "1000", 4 [pid 5146] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5145] munmap(0x7fa9f93fb000, 138412032 [pid 5144] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5072] <... umount2 resumed>) = 0 [pid 5148] <... chdir resumed>) = 0 [pid 5147] <... write resumed>) = 4 [pid 5145] <... munmap resumed>) = 0 [pid 5144] <... openat resumed>) = 4 [pid 5072] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5147] close(3 [pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5144] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] <... prctl resumed>) = 0 [pid 5148] setpgid(0, 0 [pid 5147] <... close resumed>) = 0 [pid 5146] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5145] <... openat resumed>) = 4 [pid 5072] newfstatat(AT_FDCWD, "./10/file0", [pid 5148] <... setpgid resumed>) = 0 [pid 5147] symlink("/dev/binderfs", "./binderfs" [pid 5145] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5148] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5147] <... symlink resumed>) = 0 [pid 5072] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5148] <... openat resumed>) = 3 [pid 5147] memfd_create("syzkaller", 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5148] write(3, "1000", 4 [pid 5147] <... memfd_create resumed>) = 3 [pid 5146] <... write resumed>) = 524288 [pid 5072] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5148] <... write resumed>) = 4 [pid 5147] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5072] <... openat resumed>) = 4 [pid 5072] newfstatat(4, "", [pid 5148] close(3 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, [pid 5148] <... close resumed>) = 0 [pid 5148] symlink("/dev/binderfs", "./binderfs" [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] close(4) = 0 [pid 5072] rmdir("./10/file0" [pid 5147] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5072] <... rmdir resumed>) = 0 [pid 5148] <... symlink resumed>) = 0 [pid 5072] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5146] munmap(0x7fa9f93fb000, 138412032 [pid 5072] close(3 [pid 5146] <... munmap resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5148] memfd_create("syzkaller", 0) = 3 [pid 5147] <... write resumed>) = 524288 [pid 5146] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5072] rmdir("./10" [pid 5148] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5145] <... ioctl resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5145] close(3 [pid 5146] <... openat resumed>) = 4 [pid 5145] <... close resumed>) = 0 [pid 5072] mkdir("./11", 0777 [pid 5145] mkdir("./file0", 0777 [pid 5146] ioctl(4, LOOP_SET_FD, 3 [pid 5145] <... mkdir resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5148] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5146] <... ioctl resumed>) = 0 [pid 5145] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5144] <... ioctl resumed>) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5144] close(3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5144] <... close resumed>) = 0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5144] mkdir("./file0", 0777 [pid 5072] close(3 [pid 5144] <... mkdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5144] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5149 attached [pid 5148] <... write resumed>) = 524288 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5149 [pid 5149] set_robust_list(0x55555566a660, 24 [pid 5148] munmap(0x7fa9f93fb000, 138412032 [pid 5147] munmap(0x7fa9f93fb000, 138412032 [pid 5149] <... set_robust_list resumed>) = 0 [pid 5148] <... munmap resumed>) = 0 [pid 5147] <... munmap resumed>) = 0 [pid 5145] <... mount resumed>) = 0 [pid 5149] chdir("./11" [pid 5148] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5145] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5144] <... mount resumed>) = 0 [pid 5149] <... chdir resumed>) = 0 [pid 5149] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5148] <... openat resumed>) = 4 [pid 5147] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5145] <... openat resumed>) = 3 [pid 5144] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5149] <... prctl resumed>) = 0 [ 61.445864][ T5144] loop2: detected capacity change from 0 to 1024 [ 61.449578][ T5145] loop0: detected capacity change from 0 to 1024 [ 61.483874][ T5146] loop5: detected capacity change from 0 to 1024 [pid 5148] ioctl(4, LOOP_SET_FD, 3 [pid 5149] setpgid(0, 0 [pid 5147] <... openat resumed>) = 4 [pid 5144] <... openat resumed>) = 3 [pid 5147] ioctl(4, LOOP_SET_FD, 3 [pid 5144] chdir("./file0" [pid 5149] <... setpgid resumed>) = 0 [pid 5145] chdir("./file0" [pid 5144] <... chdir resumed>) = 0 [pid 5149] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5148] <... ioctl resumed>) = 0 [pid 5145] <... chdir resumed>) = 0 [pid 5149] <... openat resumed>) = 3 [pid 5148] close(3 [pid 5145] ioctl(4, LOOP_CLR_FD [pid 5149] write(3, "1000", 4 [pid 5148] <... close resumed>) = 0 [pid 5149] <... write resumed>) = 4 [pid 5145] <... ioctl resumed>) = 0 [pid 5148] mkdir("./file0", 0777 [pid 5144] ioctl(4, LOOP_CLR_FD [pid 5148] <... mkdir resumed>) = 0 [pid 5145] close(4 [pid 5144] <... ioctl resumed>) = 0 [pid 5145] <... close resumed>) = 0 [pid 5146] close(3 [pid 5144] close(4 [pid 5146] <... close resumed>) = 0 [pid 5144] <... close resumed>) = 0 [pid 5145] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5146] mkdir("./file0", 0777 [pid 5145] <... openat resumed>) = 4 [pid 5144] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5148] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5146] <... mkdir resumed>) = 0 [pid 5145] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5144] <... openat resumed>) = 4 [pid 5149] close(3 [pid 5146] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5144] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5149] <... close resumed>) = 0 [pid 5147] <... ioctl resumed>) = 0 [pid 5149] symlink("/dev/binderfs", "./binderfs" [pid 5148] <... mount resumed>) = 0 [pid 5146] <... mount resumed>) = 0 [pid 5148] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5146] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5148] <... openat resumed>) = 3 [pid 5146] <... openat resumed>) = 3 [pid 5148] chdir("./file0" [pid 5147] close(3 [pid 5146] chdir("./file0" [pid 5149] <... symlink resumed>) = 0 [pid 5148] <... chdir resumed>) = 0 [pid 5147] <... close resumed>) = 0 [pid 5146] <... chdir resumed>) = 0 [pid 5148] ioctl(4, LOOP_CLR_FD [pid 5147] mkdir("./file0", 0777 [pid 5148] <... ioctl resumed>) = 0 [pid 5146] ioctl(4, LOOP_CLR_FD [pid 5148] close(4 [pid 5149] memfd_create("syzkaller", 0 [pid 5148] <... close resumed>) = 0 [pid 5147] <... mkdir resumed>) = 0 [pid 5146] <... ioctl resumed>) = 0 [pid 5149] <... memfd_create resumed>) = 3 [pid 5148] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5147] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5146] close(4 [pid 5149] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5148] <... openat resumed>) = 4 [pid 5146] <... close resumed>) = 0 [pid 5149] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5146] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5149] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5146] <... openat resumed>) = 4 [ 61.504340][ T5148] loop3: detected capacity change from 0 to 1024 [ 61.507682][ T5147] loop1: detected capacity change from 0 to 1024 [pid 5146] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5149] <... write resumed>) = 524288 [pid 5148] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5147] <... mount resumed>) = 0 [pid 5146] <... ioctl resumed>) = 0 [pid 5145] <... ioctl resumed>) = 0 [pid 5144] <... ioctl resumed>) = 0 [pid 5148] <... ioctl resumed>) = 0 [pid 5147] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5146] exit_group(0 [pid 5144] exit_group(0 [pid 5148] exit_group(0 [pid 5146] <... exit_group resumed>) = ? [pid 5144] <... exit_group resumed>) = ? [pid 5149] munmap(0x7fa9f93fb000, 138412032 [pid 5148] <... exit_group resumed>) = ? [pid 5147] <... openat resumed>) = 3 [pid 5146] +++ exited with 0 +++ [pid 5145] exit_group(0 [pid 5144] +++ exited with 0 +++ [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5144, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5148] +++ exited with 0 +++ [pid 5147] chdir("./file0" [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5146, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5148, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5149] <... munmap resumed>) = 0 [pid 5073] <... restart_syscall resumed>) = 0 [pid 5147] <... chdir resumed>) = 0 [pid 5145] <... exit_group resumed>) = ? [pid 5071] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5147] ioctl(4, LOOP_CLR_FD [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5147] <... ioctl resumed>) = 0 [pid 5145] +++ exited with 0 +++ [pid 5071] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5147] close(4 [pid 5073] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5149] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5147] <... close resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... openat resumed>) = 3 [pid 5070] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5145, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5149] <... openat resumed>) = 4 [pid 5147] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] newfstatat(3, "", [pid 5068] umount2("./9", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5149] ioctl(4, LOOP_SET_FD, 3 [pid 5147] <... openat resumed>) = 4 [pid 5073] <... openat resumed>) = 3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5147] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] getdents64(3, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(3, "", [pid 5147] <... ioctl resumed>) = 0 [pid 5073] newfstatat(3, "", [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] openat(AT_FDCWD, "./9", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5147] exit_group(0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5147] <... exit_group resumed>) = ? [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(3, [pid 5068] <... openat resumed>) = 3 [pid 5073] getdents64(3, [pid 5068] newfstatat(3, "", [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(3, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5071] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5068] umount2("./9/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5071] unlink("./11/binderfs" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./9/binderfs", [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5147] +++ exited with 0 +++ [pid 5073] unlink("./11/binderfs" [pid 5071] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] unlink("./10/binderfs" [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] <... unlink resumed>) = 0 [pid 5068] unlink("./9/binderfs" [pid 5073] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... unlink resumed>) = 0 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5147, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5068] <... unlink resumed>) = 0 [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5149] <... ioctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5070] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... restart_syscall resumed>) = 0 [pid 5068] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5149] close(3) = 0 [pid 5149] mkdir("./file0", 0777 [pid 5071] <... umount2 resumed>) = 0 [pid 5073] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = 0 [pid 5069] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5149] <... mkdir resumed>) = 0 [pid 5073] newfstatat(AT_FDCWD, "./11/file0", [pid 5071] newfstatat(AT_FDCWD, "./11/file0", [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5149] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... openat resumed>) = 3 [pid 5073] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(3, "", [pid 5149] <... mount resumed>) = 0 [pid 5149] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5149] chdir("./file0") = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5149] ioctl(4, LOOP_CLR_FD) = 0 [ 61.604649][ T5149] loop4: detected capacity change from 0 to 1024 [pid 5149] close(4) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... openat resumed>) = 4 [pid 5149] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./9/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./9/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5149] <... openat resumed>) = 4 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./9/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] newfstatat(AT_FDCWD, "./10/file0", [pid 5068] <... openat resumed>) = 4 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] newfstatat(4, "", [pid 5070] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5071] newfstatat(4, "", [pid 5069] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5149] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(4, [pid 5149] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5149] exit_group(0 [pid 5073] newfstatat(4, "", [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5069] unlink("./12/binderfs" [pid 5068] getdents64(4, [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] getdents64(4, [pid 5149] <... exit_group resumed>) = ? [pid 5070] newfstatat(4, "", [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5149] +++ exited with 0 +++ [pid 5073] getdents64(4, [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5068] close(4 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] getdents64(4, [pid 5070] getdents64(4, [pid 5069] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5149, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] rmdir("./9/file0" [pid 5072] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] close(4 [pid 5070] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] getdents64(3, [pid 5073] close(4 [pid 5072] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] rmdir("./11/file0" [pid 5070] close(4 [pid 5073] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] rmdir("./11/file0" [pid 5072] newfstatat(3, "", [pid 5071] getdents64(3, [pid 5070] rmdir("./10/file0" [pid 5068] close(3 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5072] getdents64(3, [pid 5068] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] getdents64(3, [pid 5072] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./9" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5072] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5070] close(3 [pid 5068] mkdir("./10", 0777 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... close resumed>) = 0 [pid 5068] <... mkdir resumed>) = 0 [pid 5072] unlink("./11/binderfs") = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] rmdir("./10" [pid 5068] <... openat resumed>) = 3 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5073] getdents64(3, [pid 5072] <... umount2 resumed>) = 0 [pid 5071] close(3 [pid 5070] mkdir("./11", 0777 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] close(3 [pid 5071] <... close resumed>) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] rmdir("./11" [pid 5073] <... close resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5068] close(3 [pid 5072] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5073] rmdir("./11" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... rmdir resumed>) = 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] newfstatat(AT_FDCWD, "./11/file0", [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] close(3 [pid 5072] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... close resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] <... rmdir resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] mkdir("./12", 0777 [pid 5073] mkdir("./12", 0777 [pid 5069] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5151 attached [pid 5072] <... openat resumed>) = 4 [pid 5151] set_robust_list(0x55555566a660, 24 [pid 5072] newfstatat(4, "", [pid 5151] <... set_robust_list resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5151] chdir("./11" [pid 5072] getdents64(4, [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5150 [pid 5151] <... chdir resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5151] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] getdents64(4, [pid 5151] <... prctl resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5150 attached [pid 5151] setpgid(0, 0 [pid 5072] close(4 [pid 5150] set_robust_list(0x55555566a660, 24 [pid 5151] <... setpgid resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5151 [pid 5150] <... set_robust_list resumed>) = 0 [pid 5151] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] rmdir("./11/file0") = 0 [pid 5150] chdir("./10" [pid 5151] <... openat resumed>) = 3 [pid 5072] getdents64(3, [pid 5150] <... chdir resumed>) = 0 [pid 5151] write(3, "1000", 4 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5151] <... write resumed>) = 4 [pid 5151] close(3 [pid 5072] close(3 [pid 5151] <... close resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5150] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5151] symlink("/dev/binderfs", "./binderfs" [pid 5072] rmdir("./11" [pid 5150] <... prctl resumed>) = 0 [pid 5151] <... symlink resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5150] setpgid(0, 0) = 0 [pid 5150] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5151] memfd_create("syzkaller", 0 [pid 5150] <... openat resumed>) = 3 [pid 5151] <... memfd_create resumed>) = 3 [pid 5072] mkdir("./12", 0777 [pid 5071] <... mkdir resumed>) = 0 [pid 5150] write(3, "1000", 4 [pid 5151] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5150] <... write resumed>) = 4 [pid 5151] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5069] newfstatat(AT_FDCWD, "./12/file0", [pid 5150] close(3 [pid 5073] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5150] <... close resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5150] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] <... openat resumed>) = 3 [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] close(3 [pid 5150] <... symlink resumed>) = 0 [pid 5073] close(3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5071] <... close resumed>) = 0 [pid 5069] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... close resumed>) = 0 [pid 5072] <... ioctl resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] close(3 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... close resumed>) = 0 [pid 5150] memfd_create("syzkaller", 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5150] <... memfd_create resumed>) = 3 [pid 5150] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5150] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5151] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5152 [pid 5069] <... openat resumed>) = 4 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5154 ./strace-static-x86_64: Process 5154 attached ./strace-static-x86_64: Process 5153 attached ./strace-static-x86_64: Process 5152 attached [pid 5069] newfstatat(4, "", [pid 5152] set_robust_list(0x55555566a660, 24 [pid 5153] set_robust_list(0x55555566a660, 24 [pid 5152] <... set_robust_list resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5154] set_robust_list(0x55555566a660, 24 [pid 5153] <... set_robust_list resumed>) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5153 [pid 5152] chdir("./12" [pid 5154] <... set_robust_list resumed>) = 0 [pid 5069] getdents64(4, [pid 5153] chdir("./12") = 0 [pid 5153] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5154] chdir("./12" [pid 5153] <... prctl resumed>) = 0 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5154] <... chdir resumed>) = 0 [pid 5153] setpgid(0, 0 [pid 5069] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5154] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] close(4 [pid 5153] <... setpgid resumed>) = 0 [pid 5153] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5152] <... chdir resumed>) = 0 [pid 5150] <... write resumed>) = 524288 [pid 5069] <... close resumed>) = 0 [pid 5154] <... prctl resumed>) = 0 [pid 5152] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] rmdir("./12/file0" [pid 5153] <... openat resumed>) = 3 [pid 5153] write(3, "1000", 4) = 4 [pid 5153] close(3) = 0 [pid 5153] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5153] memfd_create("syzkaller", 0 [pid 5151] <... write resumed>) = 524288 [pid 5154] setpgid(0, 0 [pid 5153] <... memfd_create resumed>) = 3 [pid 5152] <... prctl resumed>) = 0 [pid 5150] munmap(0x7fa9f93fb000, 138412032 [pid 5151] munmap(0x7fa9f93fb000, 138412032 [pid 5069] <... rmdir resumed>) = 0 [pid 5154] <... setpgid resumed>) = 0 [pid 5153] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5152] setpgid(0, 0 [pid 5150] <... munmap resumed>) = 0 [pid 5151] <... munmap resumed>) = 0 [pid 5069] getdents64(3, [pid 5154] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5153] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5152] <... setpgid resumed>) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5151] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5154] <... openat resumed>) = 3 [pid 5152] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5150] <... openat resumed>) = 4 [pid 5069] close(3 [pid 5150] ioctl(4, LOOP_SET_FD, 3 [pid 5151] <... openat resumed>) = 4 [pid 5153] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5152] <... openat resumed>) = 3 [pid 5154] write(3, "1000", 4 [pid 5069] <... close resumed>) = 0 [pid 5154] <... write resumed>) = 4 [pid 5152] write(3, "1000", 4 [pid 5069] rmdir("./12" [pid 5152] <... write resumed>) = 4 [pid 5151] ioctl(4, LOOP_SET_FD, 3 [pid 5154] close(3 [pid 5152] close(3 [pid 5069] <... rmdir resumed>) = 0 [pid 5154] <... close resumed>) = 0 [pid 5152] <... close resumed>) = 0 [pid 5069] mkdir("./13", 0777 [pid 5152] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5152] memfd_create("syzkaller", 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5152] <... memfd_create resumed>) = 3 [pid 5152] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5069] <... openat resumed>) = 3 [pid 5152] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5069] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5153] <... write resumed>) = 524288 [pid 5069] close(3 [pid 5152] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5069] <... close resumed>) = 0 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5153] munmap(0x7fa9f93fb000, 138412032) = 0 ./strace-static-x86_64: Process 5155 attached [pid 5154] symlink("/dev/binderfs", "./binderfs" [pid 5152] <... write resumed>) = 524288 [pid 5150] <... ioctl resumed>) = 0 [pid 5151] <... ioctl resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5155 [pid 5150] close(3) = 0 [pid 5155] set_robust_list(0x55555566a660, 24 [pid 5154] <... symlink resumed>) = 0 [pid 5153] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5152] munmap(0x7fa9f93fb000, 138412032 [pid 5150] mkdir("./file0", 0777 [pid 5151] close(3 [pid 5153] <... openat resumed>) = 4 [pid 5152] <... munmap resumed>) = 0 [pid 5150] <... mkdir resumed>) = 0 [pid 5151] <... close resumed>) = 0 [ 61.747425][ T5150] loop0: detected capacity change from 0 to 1024 [ 61.762188][ T5151] loop2: detected capacity change from 0 to 1024 [pid 5155] <... set_robust_list resumed>) = 0 [pid 5154] memfd_create("syzkaller", 0 [pid 5153] ioctl(4, LOOP_SET_FD, 3 [pid 5150] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5151] mkdir("./file0", 0777 [pid 5155] chdir("./13" [pid 5154] <... memfd_create resumed>) = 3 [pid 5153] <... ioctl resumed>) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5151] <... mkdir resumed>) = 0 [pid 5155] <... chdir resumed>) = 0 [pid 5154] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5153] close(3 [pid 5152] <... openat resumed>) = 4 [pid 5150] <... mount resumed>) = 0 [pid 5151] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5155] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5154] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5153] <... close resumed>) = 0 [pid 5152] ioctl(4, LOOP_SET_FD, 3 [pid 5150] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5155] <... prctl resumed>) = 0 [pid 5154] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5153] mkdir("./file0", 0777 [pid 5150] <... openat resumed>) = 3 [pid 5151] <... mount resumed>) = 0 [pid 5153] <... mkdir resumed>) = 0 [pid 5150] chdir("./file0" [pid 5151] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5150] <... chdir resumed>) = 0 [pid 5151] <... openat resumed>) = 3 [pid 5150] ioctl(4, LOOP_CLR_FD [pid 5153] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5150] <... ioctl resumed>) = 0 [pid 5151] chdir("./file0" [pid 5155] setpgid(0, 0 [pid 5154] <... write resumed>) = 524288 [pid 5153] <... mount resumed>) = 0 [pid 5152] <... ioctl resumed>) = 0 [pid 5150] close(4 [pid 5151] <... chdir resumed>) = 0 [pid 5155] <... setpgid resumed>) = 0 [pid 5154] munmap(0x7fa9f93fb000, 138412032 [pid 5153] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5152] close(3 [pid 5150] <... close resumed>) = 0 [pid 5151] ioctl(4, LOOP_CLR_FD [pid 5152] <... close resumed>) = 0 [pid 5152] mkdir("./file0", 0777 [pid 5153] <... openat resumed>) = 3 [pid 5152] <... mkdir resumed>) = 0 [pid 5150] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5151] <... ioctl resumed>) = 0 [pid 5154] <... munmap resumed>) = 0 [pid 5153] chdir("./file0" [pid 5152] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5150] <... openat resumed>) = 4 [pid 5151] close(4 [pid 5155] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5154] openat(AT_FDCWD, "/dev/loop5", O_RDWR) = 4 [pid 5153] <... chdir resumed>) = 0 [pid 5151] <... close resumed>) = 0 [pid 5150] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5155] <... openat resumed>) = 3 [pid 5153] ioctl(4, LOOP_CLR_FD [pid 5151] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5153] <... ioctl resumed>) = 0 [pid 5155] write(3, "1000", 4 [pid 5153] close(4 [pid 5155] <... write resumed>) = 4 [pid 5154] ioctl(4, LOOP_SET_FD, 3 [pid 5153] <... close resumed>) = 0 [pid 5151] <... openat resumed>) = 4 [pid 5152] <... mount resumed>) = 0 [pid 5152] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5152] chdir("./file0") = 0 [pid 5155] close(3 [pid 5154] <... ioctl resumed>) = 0 [pid 5153] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5151] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5152] ioctl(4, LOOP_CLR_FD [pid 5155] <... close resumed>) = 0 [pid 5154] close(3 [pid 5153] <... openat resumed>) = 4 [pid 5155] symlink("/dev/binderfs", "./binderfs" [pid 5154] <... close resumed>) = 0 [pid 5153] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5155] <... symlink resumed>) = 0 [pid 5154] mkdir("./file0", 0777 [pid 5155] memfd_create("syzkaller", 0) = 3 [pid 5154] <... mkdir resumed>) = 0 [pid 5152] <... ioctl resumed>) = 0 [pid 5155] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5154] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5152] close(4) = 0 [pid 5155] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5154] <... mount resumed>) = 0 [pid 5152] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5154] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5154] chdir("./file0") = 0 [pid 5152] <... openat resumed>) = 4 [pid 5154] ioctl(4, LOOP_CLR_FD [pid 5152] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5154] <... ioctl resumed>) = 0 [pid 5154] close(4) = 0 [pid 5154] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 61.795372][ T5153] loop4: detected capacity change from 0 to 1024 [ 61.813157][ T5152] loop3: detected capacity change from 0 to 1024 [ 61.835360][ T5154] loop5: detected capacity change from 0 to 1024 [pid 5154] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5155] <... write resumed>) = 524288 [pid 5155] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5155] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5155] ioctl(4, LOOP_SET_FD, 3 [pid 5150] <... ioctl resumed>) = 0 [pid 5150] exit_group(0 [pid 5153] <... ioctl resumed>) = 0 [pid 5152] <... ioctl resumed>) = 0 [pid 5150] <... exit_group resumed>) = ? [pid 5151] <... ioctl resumed>) = 0 [pid 5153] exit_group(0 [pid 5152] exit_group(0 [pid 5150] +++ exited with 0 +++ [pid 5151] exit_group(0 [pid 5153] <... exit_group resumed>) = ? [pid 5152] <... exit_group resumed>) = ? [pid 5151] <... exit_group resumed>) = ? [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5150, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5153] +++ exited with 0 +++ [pid 5152] +++ exited with 0 +++ [pid 5151] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5153, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5152, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5151, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5068] umount2("./10", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./10", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5068] newfstatat(3, "", [pid 5154] <... ioctl resumed>) = 0 [pid 5154] exit_group(0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5154] <... exit_group resumed>) = ? [pid 5072] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] getdents64(3, [pid 5072] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5070] <... openat resumed>) = 3 [pid 5154] +++ exited with 0 +++ [pid 5072] newfstatat(3, "", [pid 5071] newfstatat(3, "", [pid 5070] newfstatat(3, "", [pid 5068] umount2("./10/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5154, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(3, [pid 5071] getdents64(3, [pid 5070] getdents64(3, [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] newfstatat(AT_FDCWD, "./10/binderfs", [pid 5072] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] unlink("./10/binderfs" [pid 5072] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5071] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5070] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5068] <... unlink resumed>) = 0 [pid 5073] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] <... ioctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] unlink("./12/binderfs" [pid 5071] unlink("./12/binderfs" [pid 5070] unlink("./11/binderfs" [pid 5155] close(3 [pid 5073] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5155] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5072] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5155] mkdir("./file0", 0777 [pid 5073] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] getdents64(3, [pid 5155] <... mkdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... umount2 resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5073] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./12/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... umount2 resumed>) = 0 [ 61.892948][ T5155] loop1: detected capacity change from 0 to 1024 [pid 5073] unlink("./12/binderfs" [pid 5155] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] <... unlink resumed>) = 0 [pid 5071] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./10/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./10/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./12/file0", [pid 5068] openat(AT_FDCWD, "./10/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5071] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(4, "", [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] <... openat resumed>) = 4 [pid 5068] getdents64(4, [pid 5071] newfstatat(4, "", [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] close(4 [pid 5071] getdents64(4, [pid 5068] <... close resumed>) = 0 [pid 5073] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] rmdir("./10/file0" [pid 5071] getdents64(4, [pid 5068] <... rmdir resumed>) = 0 [pid 5068] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 5071] close(4 [pid 5068] rmdir("./10" [pid 5071] <... close resumed>) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5071] rmdir("./12/file0" [pid 5070] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] mkdir("./11", 0777 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... mkdir resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./11/file0", [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] getdents64(3, [pid 5070] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] newfstatat(AT_FDCWD, "./12/file0", [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] close(3 [pid 5070] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5155] <... mount resumed>) = 0 [pid 5072] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5155] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] rmdir("./12" [pid 5070] newfstatat(4, "", [pid 5155] <... openat resumed>) = 3 [pid 5072] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5155] chdir("./file0" [pid 5072] <... openat resumed>) = 4 [pid 5071] mkdir("./13", 0777 [pid 5070] getdents64(4, [pid 5155] <... chdir resumed>) = 0 [pid 5072] newfstatat(4, "", [pid 5071] <... mkdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5155] ioctl(4, LOOP_CLR_FD [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] getdents64(4, [pid 5155] <... ioctl resumed>) = 0 [pid 5072] getdents64(4, [pid 5071] <... openat resumed>) = 3 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5155] close(4 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5070] close(4 [pid 5155] <... close resumed>) = 0 [pid 5072] getdents64(4, [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... close resumed>) = 0 [pid 5155] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] close(3 [pid 5070] rmdir("./11/file0" [pid 5072] close(4 [pid 5071] <... close resumed>) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] getdents64(3, ./strace-static-x86_64: Process 5156 attached [pid 5072] rmdir("./12/file0" [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5156] set_robust_list(0x55555566a660, 24 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5156 [pid 5070] close(3 [pid 5156] <... set_robust_list resumed>) = 0 [pid 5072] getdents64(3, [pid 5070] <... close resumed>) = 0 [pid 5156] chdir("./13" [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] rmdir("./11" [pid 5156] <... chdir resumed>) = 0 [pid 5072] close(3 [pid 5070] <... rmdir resumed>) = 0 [pid 5072] <... close resumed>) = 0 [pid 5070] mkdir("./12", 0777 [pid 5156] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] rmdir("./12" [pid 5070] <... mkdir resumed>) = 0 [pid 5156] <... prctl resumed>) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5156] setpgid(0, 0 [pid 5072] mkdir("./13", 0777 [pid 5156] <... setpgid resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5156] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5156] <... openat resumed>) = 3 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3 [pid 5070] close(3 [pid 5156] write(3, "1000", 4 [pid 5072] <... close resumed>) = 0 [pid 5156] <... write resumed>) = 4 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... close resumed>) = 0 [pid 5156] close(3 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5156] <... close resumed>) = 0 [pid 5156] symlink("/dev/binderfs", "./binderfs") = 0 ./strace-static-x86_64: Process 5157 attached [pid 5157] set_robust_list(0x55555566a660, 24) = 0 [pid 5157] chdir("./13") = 0 [pid 5157] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5156] memfd_create("syzkaller", 0 [pid 5157] <... prctl resumed>) = 0 [pid 5156] <... memfd_create resumed>) = 3 [pid 5157] setpgid(0, 0) = 0 [pid 5156] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5157] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5156] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5157 [pid 5156] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5157] <... openat resumed>) = 3 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5158 [pid 5157] write(3, "1000", 4) = 4 [pid 5157] close(3) = 0 [pid 5157] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5157] memfd_create("syzkaller", 0) = 3 [pid 5157] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 ./strace-static-x86_64: Process 5158 attached [pid 5157] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5158] set_robust_list(0x55555566a660, 24 [pid 5156] <... write resumed>) = 524288 [pid 5155] <... openat resumed>) = 4 [pid 5068] <... openat resumed>) = 3 [pid 5155] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5155] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5155] exit_group(0 [pid 5068] close(3) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5155] <... exit_group resumed>) = ? [pid 5155] +++ exited with 0 +++ [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5155, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- ./strace-static-x86_64: Process 5159 attached [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5159 [pid 5073] <... umount2 resumed>) = 0 [pid 5159] set_robust_list(0x55555566a660, 24 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5069] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] <... set_robust_list resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] chdir("./11" [pid 5069] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5159] <... chdir resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5159] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] <... prctl resumed>) = 0 [pid 5159] setpgid(0, 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] <... setpgid resumed>) = 0 [pid 5158] <... set_robust_list resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./13/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5159] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5069] unlink("./13/binderfs") = 0 [pid 5069] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] write(3, "1000", 4 [pid 5158] chdir("./12" [pid 5156] munmap(0x7fa9f93fb000, 138412032 [pid 5158] <... chdir resumed>) = 0 [pid 5156] <... munmap resumed>) = 0 [pid 5159] <... write resumed>) = 4 [pid 5159] close(3 [pid 5157] <... write resumed>) = 524288 [pid 5159] <... close resumed>) = 0 [pid 5159] symlink("/dev/binderfs", "./binderfs" [pid 5158] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5159] <... symlink resumed>) = 0 [pid 5156] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5159] memfd_create("syzkaller", 0 [pid 5158] <... prctl resumed>) = 0 [pid 5156] <... openat resumed>) = 4 [pid 5073] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] <... memfd_create resumed>) = 3 [pid 5156] ioctl(4, LOOP_SET_FD, 3 [pid 5158] setpgid(0, 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = 0 [pid 5073] newfstatat(AT_FDCWD, "./12/file0", [pid 5158] <... setpgid resumed>) = 0 [pid 5069] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5159] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5158] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5157] munmap(0x7fa9f93fb000, 138412032 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./13/file0", [pid 5159] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5158] <... openat resumed>) = 3 [pid 5157] <... munmap resumed>) = 0 [pid 5073] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5158] write(3, "1000", 4 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5159] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5158] <... write resumed>) = 4 [pid 5157] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5073] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5158] close(3) = 0 [pid 5157] <... openat resumed>) = 4 [pid 5073] <... openat resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5158] symlink("/dev/binderfs", "./binderfs" [pid 5069] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5157] ioctl(4, LOOP_SET_FD, 3 [pid 5158] <... symlink resumed>) = 0 [pid 5073] newfstatat(4, "", [pid 5069] <... openat resumed>) = 4 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] newfstatat(4, "", [pid 5158] memfd_create("syzkaller", 0 [pid 5073] getdents64(4, [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, [pid 5073] getdents64(4, [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5159] <... write resumed>) = 524288 [pid 5158] <... memfd_create resumed>) = 3 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(4, [pid 5158] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5073] close(4 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5158] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] <... close resumed>) = 0 [pid 5069] close(4 [pid 5156] <... ioctl resumed>) = 0 [pid 5156] close(3) = 0 [pid 5156] mkdir("./file0", 0777) = 0 [pid 5156] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5159] munmap(0x7fa9f93fb000, 138412032 [pid 5158] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] rmdir("./12/file0" [pid 5069] <... close resumed>) = 0 [pid 5159] <... munmap resumed>) = 0 [pid 5157] <... ioctl resumed>) = 0 [pid 5159] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5157] close(3 [pid 5159] <... openat resumed>) = 4 [pid 5157] <... close resumed>) = 0 [ 62.031025][ T5156] loop3: detected capacity change from 0 to 1024 [ 62.045911][ T5157] loop4: detected capacity change from 0 to 1024 [pid 5157] mkdir("./file0", 0777 [pid 5159] ioctl(4, LOOP_SET_FD, 3 [pid 5157] <... mkdir resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5069] rmdir("./13/file0" [pid 5073] getdents64(3, [pid 5069] <... rmdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] getdents64(3, [pid 5073] close(3 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5157] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5159] <... ioctl resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5069] close(3 [pid 5073] rmdir("./12" [pid 5159] close(3) = 0 [pid 5158] <... write resumed>) = 524288 [pid 5073] <... rmdir resumed>) = 0 [pid 5069] <... close resumed>) = 0 [pid 5158] munmap(0x7fa9f93fb000, 138412032 [pid 5073] mkdir("./13", 0777 [pid 5069] rmdir("./13" [pid 5073] <... mkdir resumed>) = 0 [pid 5159] mkdir("./file0", 0777 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5069] <... rmdir resumed>) = 0 [pid 5158] <... munmap resumed>) = 0 [pid 5069] mkdir("./14", 0777 [pid 5159] <... mkdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5157] <... mount resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5069] <... mkdir resumed>) = 0 [pid 5159] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5157] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5158] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5157] <... openat resumed>) = 3 [pid 5156] <... mount resumed>) = 0 [pid 5073] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5158] <... openat resumed>) = 4 [pid 5157] chdir("./file0" [pid 5073] <... close resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5157] <... chdir resumed>) = 0 [pid 5157] ioctl(4, LOOP_CLR_FD [pid 5159] <... mount resumed>) = 0 [pid 5157] <... ioctl resumed>) = 0 [pid 5159] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5157] close(4 [pid 5159] <... openat resumed>) = 3 [pid 5157] <... close resumed>) = 0 [pid 5159] chdir("./file0" [pid 5157] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5159] <... chdir resumed>) = 0 [pid 5157] <... openat resumed>) = 4 [pid 5159] ioctl(4, LOOP_CLR_FD [pid 5157] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5158] ioctl(4, LOOP_SET_FD, 3 [pid 5156] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5156] chdir("./file0"./strace-static-x86_64: Process 5160 attached ) = 0 [ 62.076142][ T5159] loop0: detected capacity change from 0 to 1024 [pid 5156] ioctl(4, LOOP_CLR_FD [pid 5160] set_robust_list(0x55555566a660, 24 [pid 5158] <... ioctl resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5160 [pid 5158] close(3 [pid 5159] <... ioctl resumed>) = 0 [pid 5158] <... close resumed>) = 0 [pid 5157] <... ioctl resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5156] <... ioctl resumed>) = 0 [pid 5159] close(4 [pid 5158] mkdir("./file0", 0777 [pid 5069] close(3 [pid 5156] close(4 [pid 5160] <... set_robust_list resumed>) = 0 [pid 5159] <... close resumed>) = 0 [pid 5157] exit_group(0 [pid 5160] chdir("./13" [pid 5159] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5156] <... close resumed>) = 0 [pid 5159] <... openat resumed>) = 4 [pid 5156] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5069] <... close resumed>) = 0 [pid 5160] <... chdir resumed>) = 0 [pid 5159] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5158] <... mkdir resumed>) = 0 [pid 5157] <... exit_group resumed>) = ? [pid 5160] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5159] <... ioctl resumed>) = 0 [pid 5158] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5157] +++ exited with 0 +++ [pid 5156] <... openat resumed>) = 4 [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5159] exit_group(0 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5157, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5159] <... exit_group resumed>) = ? [pid 5072] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 5161 attached [pid 5160] <... prctl resumed>) = 0 [pid 5159] +++ exited with 0 +++ [pid 5156] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5161] set_robust_list(0x55555566a660, 24 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5159, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5161] <... set_robust_list resumed>) = 0 [pid 5160] setpgid(0, 0 [pid 5156] <... ioctl resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5161 [pid 5161] chdir("./14" [pid 5160] <... setpgid resumed>) = 0 [pid 5156] exit_group(0 [pid 5072] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] <... chdir resumed>) = 0 [pid 5160] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5156] <... exit_group resumed>) = ? [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./11", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... prctl resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5068] openat(AT_FDCWD, "./11", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5161] setpgid(0, 0 [pid 5072] newfstatat(3, "", [pid 5068] <... openat resumed>) = 3 [pid 5161] <... setpgid resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(3, "", [pid 5161] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5160] <... openat resumed>) = 3 [pid 5156] +++ exited with 0 +++ [pid 5072] getdents64(3, [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5161] <... openat resumed>) = 3 [pid 5160] write(3, "1000", 4 [pid 5158] <... mount resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5156, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] getdents64(3, [pid 5161] write(3, "1000", 4 [pid 5160] <... write resumed>) = 4 [pid 5158] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5161] <... write resumed>) = 4 [pid 5160] close(3 [pid 5158] <... openat resumed>) = 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./11/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] close(3 [pid 5160] <... close resumed>) = 0 [pid 5158] chdir("./file0" [pid 5072] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] <... close resumed>) = 0 [pid 5160] symlink("/dev/binderfs", "./binderfs" [pid 5158] <... chdir resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] newfstatat(AT_FDCWD, "./11/binderfs", [pid 5161] symlink("/dev/binderfs", "./binderfs" [pid 5160] <... symlink resumed>) = 0 [pid 5158] ioctl(4, LOOP_CLR_FD [pid 5072] unlink("./13/binderfs" [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5161] <... symlink resumed>) = 0 [pid 5158] <... ioctl resumed>) = 0 [pid 5072] <... unlink resumed>) = 0 [pid 5068] unlink("./11/binderfs" [pid 5161] memfd_create("syzkaller", 0 [pid 5160] memfd_create("syzkaller", 0 [pid 5158] close(4 [pid 5072] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... unlink resumed>) = 0 [pid 5158] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5158] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5158] <... openat resumed>) = 4 [pid 5071] <... openat resumed>) = 3 [pid 5161] <... memfd_create resumed>) = 3 [pid 5160] <... memfd_create resumed>) = 3 [pid 5158] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] newfstatat(3, "", [pid 5161] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5160] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5158] <... ioctl resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5161] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5158] exit_group(0 [pid 5071] getdents64(3, [pid 5161] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5160] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] <... umount2 resumed>) = 0 [pid 5158] <... exit_group resumed>) = ? [pid 5071] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5068] newfstatat(AT_FDCWD, "./11/file0", [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] unlink("./13/binderfs" [pid 5068] umount2("./11/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5158] +++ exited with 0 +++ [pid 5071] <... unlink resumed>) = 0 [pid 5071] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5158, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./11/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5068] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5072] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./11/file0" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [ 62.139693][ T5158] loop2: detected capacity change from 0 to 1024 [pid 5068] <... rmdir resumed>) = 0 [pid 5072] newfstatat(AT_FDCWD, "./13/file0", [pid 5070] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] getdents64(3, [pid 5161] <... write resumed>) = 524288 [pid 5160] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] close(3 [pid 5070] getdents64(3, [pid 5068] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] rmdir("./11" [pid 5072] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... rmdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] mkdir("./12", 0777 [pid 5072] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5068] <... mkdir resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5072] newfstatat(4, "", [pid 5070] unlink("./12/binderfs" [pid 5068] <... openat resumed>) = 3 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5072] getdents64(4, [pid 5070] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... ioctl resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, [pid 5068] close(3 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... close resumed>) = 0 [pid 5072] close(4 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] <... close resumed>) = 0 [pid 5072] rmdir("./13/file0"./strace-static-x86_64: Process 5162 attached [pid 5161] munmap(0x7fa9f93fb000, 138412032 [pid 5072] <... rmdir resumed>) = 0 [pid 5162] set_robust_list(0x55555566a660, 24 [pid 5161] <... munmap resumed>) = 0 [pid 5162] <... set_robust_list resumed>) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5162 [pid 5072] getdents64(3, [pid 5161] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5162] chdir("./12" [pid 5161] <... openat resumed>) = 4 [pid 5072] close(3) = 0 [pid 5072] rmdir("./13" [pid 5161] ioctl(4, LOOP_SET_FD, 3 [pid 5162] <... chdir resumed>) = 0 [pid 5162] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5072] <... rmdir resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5162] <... prctl resumed>) = 0 [pid 5072] mkdir("./14", 0777) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR) = 3 [pid 5072] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5072] close(3) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5162] setpgid(0, 0) = 0 [pid 5162] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5163 ./strace-static-x86_64: Process 5163 attached [pid 5162] <... openat resumed>) = 3 [pid 5163] set_robust_list(0x55555566a660, 24 [pid 5162] write(3, "1000", 4) = 4 [pid 5163] <... set_robust_list resumed>) = 0 [pid 5162] close(3 [pid 5163] chdir("./14" [pid 5162] <... close resumed>) = 0 [pid 5163] <... chdir resumed>) = 0 [pid 5162] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5163] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5162] memfd_create("syzkaller", 0 [pid 5163] setpgid(0, 0 [pid 5162] <... memfd_create resumed>) = 3 [pid 5163] <... setpgid resumed>) = 0 [pid 5162] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5163] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5162] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5163] <... openat resumed>) = 3 [pid 5162] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5160] <... write resumed>) = 524288 [pid 5071] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] write(3, "1000", 4) = 4 [pid 5163] close(3) = 0 [pid 5163] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... umount2 resumed>) = 0 [pid 5163] memfd_create("syzkaller", 0) = 3 [pid 5163] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5161] <... ioctl resumed>) = 0 [pid 5160] munmap(0x7fa9f93fb000, 138412032 [pid 5071] newfstatat(AT_FDCWD, "./13/file0", [pid 5070] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5161] close(3) = 0 [pid 5161] mkdir("./file0", 0777 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5162] <... write resumed>) = 524288 [pid 5161] <... mkdir resumed>) = 0 [pid 5160] <... munmap resumed>) = 0 [pid 5071] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(AT_FDCWD, "./12/file0", [pid 5160] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5161] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5160] <... openat resumed>) = 4 [pid 5071] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5160] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... openat resumed>) = 4 [pid 5161] <... mount resumed>) = 0 [pid 5161] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5161] chdir("./file0") = 0 [pid 5161] ioctl(4, LOOP_CLR_FD) = 0 [pid 5163] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5161] close(4) = 0 [pid 5161] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5163] <... write resumed>) = 524288 [pid 5161] <... openat resumed>) = 4 [pid 5071] newfstatat(4, "", [pid 5070] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5160] <... ioctl resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5162] munmap(0x7fa9f93fb000, 138412032 [pid 5071] getdents64(4, [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5160] close(3) = 0 [pid 5162] <... munmap resumed>) = 0 [pid 5160] mkdir("./file0", 0777 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 [ 62.215854][ T5161] loop1: detected capacity change from 0 to 1024 [ 62.249228][ T5160] loop5: detected capacity change from 0 to 1024 [pid 5162] ioctl(4, LOOP_SET_FD, 3 [pid 5161] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5160] <... mkdir resumed>) = 0 [pid 5161] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5160] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] getdents64(4, [pid 5070] <... openat resumed>) = 4 [pid 5163] munmap(0x7fa9f93fb000, 138412032 [pid 5161] exit_group(0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] newfstatat(4, "", [pid 5163] <... munmap resumed>) = 0 [pid 5161] <... exit_group resumed>) = ? [pid 5071] close(4 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5163] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5161] +++ exited with 0 +++ [pid 5160] <... mount resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5070] getdents64(4, [pid 5163] <... openat resumed>) = 4 [pid 5160] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5071] rmdir("./13/file0" [pid 5163] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5161, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5160] <... openat resumed>) = 3 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] getdents64(4, [pid 5160] chdir("./file0" [pid 5071] getdents64(3, [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5160] <... chdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] close(4 [pid 5160] ioctl(4, LOOP_CLR_FD [pid 5071] close(3 [pid 5069] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... close resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5160] <... ioctl resumed>) = 0 [pid 5071] rmdir("./13" [pid 5070] rmdir("./12/file0" [pid 5069] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5160] close(4 [pid 5162] <... ioctl resumed>) = 0 [pid 5162] close(3 [pid 5070] <... rmdir resumed>) = 0 [pid 5162] <... close resumed>) = 0 [pid 5160] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5162] mkdir("./file0", 0777 [pid 5160] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] <... rmdir resumed>) = 0 [pid 5070] getdents64(3, [pid 5162] <... mkdir resumed>) = 0 [pid 5160] <... openat resumed>) = 4 [pid 5071] mkdir("./14", 0777 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5069] newfstatat(3, "", [pid 5163] <... ioctl resumed>) = 0 [pid 5162] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5070] close(3 [pid 5163] close(3 [pid 5160] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] <... mkdir resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... close resumed>) = 0 [pid 5163] <... close resumed>) = 0 [pid 5069] getdents64(3, [pid 5163] mkdir("./file0", 0777) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5070] rmdir("./12" [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5069] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... rmdir resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5071] close(3 [pid 5070] mkdir("./13", 0777 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./14/binderfs" [pid 5071] <... close resumed>) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5069] <... unlink resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5069] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = 0 ./strace-static-x86_64: Process 5164 attached [pid 5163] <... mount resumed>) = 0 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5164 [pid 5070] <... openat resumed>) = 3 [pid 5069] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5163] chdir("./file0") = 0 [pid 5163] ioctl(4, LOOP_CLR_FD) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] close(4 [pid 5069] newfstatat(AT_FDCWD, "./14/file0", [pid 5163] <... close resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5163] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5069] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5163] <... openat resumed>) = 4 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5163] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5069] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, [pid 5164] set_robust_list(0x55555566a660, 24 [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [ 62.266966][ T5162] loop0: detected capacity change from 0 to 1024 [ 62.278834][ T5163] loop4: detected capacity change from 0 to 1024 [pid 5164] <... set_robust_list resumed>) = 0 [pid 5069] getdents64(4, [pid 5164] chdir("./14" [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5164] <... chdir resumed>) = 0 [pid 5069] close(4 [pid 5164] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5163] <... ioctl resumed>) = 0 [pid 5160] <... ioctl resumed>) = 0 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... close resumed>) = 0 [pid 5164] <... prctl resumed>) = 0 [pid 5163] exit_group(0 [pid 5160] exit_group(0 [pid 5070] close(3 [pid 5160] <... exit_group resumed>) = ? [pid 5070] <... close resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] rmdir("./14/file0") = 0 [pid 5069] getdents64(3, ./strace-static-x86_64: Process 5165 attached [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5165 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5165] set_robust_list(0x55555566a660, 24 [pid 5163] <... exit_group resumed>) = ? [pid 5069] close(3 [pid 5165] <... set_robust_list resumed>) = 0 [pid 5165] chdir("./13" [pid 5164] setpgid(0, 0 [pid 5163] +++ exited with 0 +++ [pid 5069] <... close resumed>) = 0 [pid 5165] <... chdir resumed>) = 0 [pid 5164] <... setpgid resumed>) = 0 [pid 5069] rmdir("./14" [pid 5165] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5164] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5163, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5069] <... rmdir resumed>) = 0 [pid 5164] <... openat resumed>) = 3 [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5069] mkdir("./15", 0777 [pid 5164] write(3, "1000", 4 [pid 5072] <... restart_syscall resumed>) = 0 [pid 5069] <... mkdir resumed>) = 0 [pid 5164] <... write resumed>) = 4 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5165] <... prctl resumed>) = 0 [pid 5164] close(3 [pid 5069] <... openat resumed>) = 3 [pid 5165] setpgid(0, 0 [pid 5164] <... close resumed>) = 0 [pid 5072] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5164] symlink("/dev/binderfs", "./binderfs" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5164] <... symlink resumed>) = 0 [pid 5072] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5165] <... setpgid resumed>) = 0 [pid 5069] close(3 [pid 5165] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5164] memfd_create("syzkaller", 0 [pid 5072] <... openat resumed>) = 3 [pid 5069] <... close resumed>) = 0 [pid 5164] <... memfd_create resumed>) = 3 [pid 5072] newfstatat(3, "", [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5166 attached [pid 5164] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5160] +++ exited with 0 +++ [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5164] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5160, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5072] getdents64(3, [pid 5164] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] set_robust_list(0x55555566a660, 24 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5166 [pid 5073] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5166] <... set_robust_list resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5166] chdir("./15" [pid 5073] <... openat resumed>) = 3 [pid 5072] unlink("./14/binderfs" [pid 5166] <... chdir resumed>) = 0 [pid 5073] newfstatat(3, "", [pid 5072] <... unlink resumed>) = 0 [pid 5166] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5165] <... openat resumed>) = 3 [pid 5164] <... write resumed>) = 524288 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5165] write(3, "1000", 4 [pid 5166] <... prctl resumed>) = 0 [pid 5165] <... write resumed>) = 4 [pid 5073] getdents64(3, [pid 5166] setpgid(0, 0 [pid 5165] close(3 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5166] <... setpgid resumed>) = 0 [pid 5165] <... close resumed>) = 0 [pid 5073] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5165] symlink("/dev/binderfs", "./binderfs" [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] <... openat resumed>) = 3 [pid 5166] write(3, "1000", 4 [pid 5165] <... symlink resumed>) = 0 [pid 5073] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5166] <... write resumed>) = 4 [pid 5166] close(3 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5166] <... close resumed>) = 0 [pid 5166] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5165] memfd_create("syzkaller", 0 [pid 5073] unlink("./13/binderfs" [pid 5072] <... umount2 resumed>) = 0 [pid 5166] memfd_create("syzkaller", 0 [pid 5164] munmap(0x7fa9f93fb000, 138412032 [pid 5072] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] <... memfd_create resumed>) = 3 [pid 5165] <... memfd_create resumed>) = 3 [pid 5073] <... unlink resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5164] <... munmap resumed>) = 0 [pid 5162] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5073] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] newfstatat(AT_FDCWD, "./14/file0", [pid 5166] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5162] ioctl(4, LOOP_CLR_FD [pid 5072] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5164] <... openat resumed>) = 4 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5165] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5072] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5165] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5072] <... openat resumed>) = 4 [pid 5072] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [ 62.333353][ T5162] hfsplus: unable to set blocksize to 1024! [ 62.339359][ T5162] hfsplus: unable to find HFS+ superblock [pid 5072] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] close(4) = 0 [pid 5072] rmdir("./14/file0" [pid 5164] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... rmdir resumed>) = 0 [pid 5165] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5166] <... write resumed>) = 524288 [pid 5072] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] close(3) = 0 [pid 5072] rmdir("./14") = 0 [pid 5072] mkdir("./15", 0777 [pid 5166] munmap(0x7fa9f93fb000, 138412032 [pid 5072] <... mkdir resumed>) = 0 [pid 5166] <... munmap resumed>) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5166] <... openat resumed>) = 4 [pid 5072] <... openat resumed>) = 3 [pid 5166] ioctl(4, LOOP_SET_FD, 3 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5165] <... write resumed>) = 524288 [pid 5073] <... umount2 resumed>) = 0 [pid 5072] <... ioctl resumed>) = 0 [pid 5072] close(3 [pid 5073] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] <... close resumed>) = 0 [pid 5073] newfstatat(AT_FDCWD, "./13/file0", [pid 5164] <... ioctl resumed>) = 0 [pid 5164] close(3) = 0 [pid 5164] mkdir("./file0", 0777) = 0 [pid 5164] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5165] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5162] <... ioctl resumed>) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5164] <... mount resumed>) = 0 [pid 5164] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5165] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5164] <... openat resumed>) = 3 [pid 5073] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) ./strace-static-x86_64: Process 5167 attached [ 62.395099][ T5164] loop3: detected capacity change from 0 to 1024 [ 62.415098][ T5166] loop1: detected capacity change from 0 to 1024 [pid 5164] chdir("./file0" [pid 5167] set_robust_list(0x55555566a660, 24 [pid 5165] <... openat resumed>) = 4 [pid 5164] <... chdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5167] <... set_robust_list resumed>) = 0 [pid 5164] ioctl(4, LOOP_CLR_FD [pid 5167] chdir("./15" [pid 5164] <... ioctl resumed>) = 0 [pid 5167] <... chdir resumed>) = 0 [pid 5165] ioctl(4, LOOP_SET_FD, 3 [pid 5164] close(4 [pid 5167] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5164] <... close resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5167] <... prctl resumed>) = 0 [pid 5164] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5167] setpgid(0, 0 [pid 5164] <... openat resumed>) = 4 [pid 5167] <... setpgid resumed>) = 0 [pid 5164] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5167] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5164] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5164] exit_group(0) = ? [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5167 [pid 5167] <... openat resumed>) = 3 [pid 5164] +++ exited with 0 +++ [pid 5167] write(3, "1000", 4 [pid 5162] close(4 [pid 5167] <... write resumed>) = 4 [pid 5162] <... close resumed>) = 0 [pid 5167] close(3 [pid 5162] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5167] <... close resumed>) = 0 [pid 5162] <... openat resumed>) = 3 [pid 5167] symlink("/dev/binderfs", "./binderfs" [pid 5162] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5167] <... symlink resumed>) = 0 [pid 5166] <... ioctl resumed>) = 0 [pid 5162] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5167] memfd_create("syzkaller", 0 [pid 5166] close(3 [pid 5162] exit_group(0 [pid 5073] newfstatat(4, "", [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5164, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5167] <... memfd_create resumed>) = 3 [pid 5166] <... close resumed>) = 0 [pid 5162] <... exit_group resumed>) = ? [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5167] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5166] mkdir("./file0", 0777 [pid 5167] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5166] <... mkdir resumed>) = 0 [pid 5162] +++ exited with 0 +++ [pid 5073] getdents64(4, [pid 5071] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5165] <... ioctl resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5162, si_uid=0, si_status=0, si_utime=0, si_stime=3 /* 0.03 s */} --- [pid 5166] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5165] close(3 [pid 5073] getdents64(4, [pid 5071] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5167] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5165] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5073] close(4 [pid 5071] newfstatat(3, "", [pid 5165] mkdir("./file0", 0777 [pid 5073] <... close resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] rmdir("./13/file0" [pid 5071] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./12", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./12", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... rmdir resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5068] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5166] <... mount resumed>) = 0 [pid 5165] <... mkdir resumed>) = 0 [pid 5071] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5166] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5165] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] getdents64(3, [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5167] <... write resumed>) = 524288 [pid 5166] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5068] umount2("./12/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] chdir("./file0" [pid 5073] close(3 [pid 5166] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] ioctl(4, LOOP_CLR_FD [pid 5068] newfstatat(AT_FDCWD, "./12/binderfs", [pid 5166] <... ioctl resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5166] close(4 [pid 5068] unlink("./12/binderfs" [pid 5166] <... close resumed>) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5166] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5073] rmdir("./13" [pid 5068] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5166] <... openat resumed>) = 4 [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5166] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = -1 ENXIO (No such device or address) [pid 5166] exit_group(0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5166] <... exit_group resumed>) = ? [pid 5166] +++ exited with 0 +++ [pid 5068] newfstatat(AT_FDCWD, "./12/file0", [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5166, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./12/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./12/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 4 [pid 5069] <... openat resumed>) = 3 [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 5068] newfstatat(4, "", [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(4, [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5167] munmap(0x7fa9f93fb000, 138412032 [pid 5069] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5068] getdents64(4, [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5167] <... munmap resumed>) = 0 [pid 5069] unlink("./15/binderfs" [pid 5068] close(4 [pid 5069] <... unlink resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5069] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./12/file0" [pid 5165] <... mount resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5071] unlink("./14/binderfs" [pid 5068] <... rmdir resumed>) = 0 [pid 5165] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] mkdir("./14", 0777 [pid 5167] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... unlink resumed>) = 0 [pid 5068] getdents64(3, [pid 5167] <... openat resumed>) = 4 [pid 5165] <... openat resumed>) = 3 [pid 5073] <... mkdir resumed>) = 0 [pid 5071] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5165] chdir("./file0" [ 62.445233][ T5165] loop2: detected capacity change from 0 to 1024 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5167] ioctl(4, LOOP_SET_FD, 3 [pid 5165] <... chdir resumed>) = 0 [pid 5073] <... openat resumed>) = 3 [pid 5068] close(3 [pid 5165] ioctl(4, LOOP_CLR_FD [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5165] <... ioctl resumed>) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] <... close resumed>) = 0 [pid 5073] close(3 [pid 5165] close(4 [pid 5073] <... close resumed>) = 0 [pid 5068] rmdir("./12" [pid 5165] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5068] <... rmdir resumed>) = 0 [pid 5068] mkdir("./13", 0777 [pid 5069] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... mkdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./15/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5069] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] close(3 [pid 5069] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... close resumed>) = 0 [pid 5069] <... openat resumed>) = 4 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5168 [pid 5069] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 ./strace-static-x86_64: Process 5168 attached [pid 5069] close(4 [pid 5168] set_robust_list(0x55555566a660, 24 [pid 5069] <... close resumed>) = 0 [pid 5168] <... set_robust_list resumed>) = 0 [pid 5069] rmdir("./15/file0" [pid 5168] chdir("./13" [pid 5069] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5169 attached [pid 5168] <... chdir resumed>) = 0 [pid 5165] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] <... umount2 resumed>) = 0 [pid 5069] getdents64(3, [pid 5169] set_robust_list(0x55555566a660, 24 [pid 5168] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5165] <... openat resumed>) = 4 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5169 [pid 5071] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5169] <... set_robust_list resumed>) = 0 [pid 5169] chdir("./14" [pid 5168] <... prctl resumed>) = 0 [pid 5165] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] close(3 [pid 5169] <... chdir resumed>) = 0 [pid 5168] setpgid(0, 0 [pid 5165] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] newfstatat(AT_FDCWD, "./14/file0", [pid 5069] <... close resumed>) = 0 [pid 5169] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5168] <... setpgid resumed>) = 0 [pid 5165] exit_group(0 [pid 5069] rmdir("./15" [pid 5169] <... prctl resumed>) = 0 [pid 5168] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5165] <... exit_group resumed>) = ? [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... rmdir resumed>) = 0 [pid 5169] setpgid(0, 0 [pid 5168] <... openat resumed>) = 3 [pid 5069] mkdir("./16", 0777 [pid 5168] write(3, "1000", 4 [pid 5069] <... mkdir resumed>) = 0 [pid 5168] <... write resumed>) = 4 [pid 5168] close(3) = 0 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5168] symlink("/dev/binderfs", "./binderfs" [pid 5069] <... openat resumed>) = 3 [pid 5168] <... symlink resumed>) = 0 [pid 5168] memfd_create("syzkaller", 0) = 3 [pid 5165] +++ exited with 0 +++ [pid 5169] <... setpgid resumed>) = 0 [pid 5168] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5165, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5169] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5168] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5167] <... ioctl resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5169] <... openat resumed>) = 3 [pid 5168] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] close(3 [pid 5169] write(3, "1000", 4 [pid 5070] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] <... write resumed>) = 4 [pid 5167] close(3 [pid 5071] <... openat resumed>) = 4 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... close resumed>) = 0 [pid 5169] close(3 [pid 5071] newfstatat(4, "", [pid 5070] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5169] <... close resumed>) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... openat resumed>) = 3 [pid 5169] symlink("/dev/binderfs", "./binderfs" [pid 5070] newfstatat(3, "", [pid 5167] <... close resumed>) = 0 [pid 5071] getdents64(4, [pid 5167] mkdir("./file0", 0777./strace-static-x86_64: Process 5170 attached [pid 5169] <... symlink resumed>) = 0 [pid 5167] <... mkdir resumed>) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5170] set_robust_list(0x55555566a660, 24) = 0 [pid 5071] getdents64(4, [pid 5070] getdents64(3, [pid 5170] chdir("./16" [pid 5167] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5170] <... chdir resumed>) = 0 [pid 5169] memfd_create("syzkaller", 0 [pid 5071] close(4 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5170 [pid 5170] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] <... close resumed>) = 0 [pid 5070] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] <... prctl resumed>) = 0 [pid 5168] <... write resumed>) = 524288 [pid 5071] rmdir("./14/file0" [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5170] setpgid(0, 0 [pid 5070] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5170] <... setpgid resumed>) = 0 [pid 5170] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5170] <... openat resumed>) = 3 [pid 5070] unlink("./13/binderfs") = 0 [pid 5070] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] write(3, "1000", 4) = 4 [pid 5170] close(3) = 0 [pid 5170] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5170] memfd_create("syzkaller", 0) = 3 [pid 5170] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5168] munmap(0x7fa9f93fb000, 138412032 [pid 5071] getdents64(3, [pid 5169] <... memfd_create resumed>) = 3 [pid 5168] <... munmap resumed>) = 0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [ 62.503813][ T5167] loop4: detected capacity change from 0 to 1024 [pid 5170] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5169] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] close(3 [pid 5169] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5167] <... mount resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5070] <... umount2 resumed>) = 0 [pid 5167] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5167] <... openat resumed>) = 3 [pid 5168] <... openat resumed>) = 4 [pid 5167] chdir("./file0" [pid 5071] rmdir("./14" [pid 5168] ioctl(4, LOOP_SET_FD, 3 [pid 5167] <... chdir resumed>) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5170] <... write resumed>) = 524288 [pid 5169] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] mkdir("./15", 0777 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5167] ioctl(4, LOOP_CLR_FD) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./13/file0", [pid 5167] close(4) = 0 [pid 5167] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5167] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5170] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5170] openat(AT_FDCWD, "/dev/loop1", O_RDWR) = 4 [pid 5170] ioctl(4, LOOP_SET_FD, 3 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5168] <... ioctl resumed>) = 0 [pid 5168] close(3) = 0 [pid 5168] mkdir("./file0", 0777) = 0 [pid 5070] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5168] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5071] <... openat resumed>) = 3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5070] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... openat resumed>) = 4 [pid 5071] close(3 [pid 5070] newfstatat(4, "", [pid 5071] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5170] <... ioctl resumed>) = 0 ./strace-static-x86_64: Process 5171 attached [pid 5169] <... write resumed>) = 524288 [pid 5070] getdents64(4, [pid 5171] set_robust_list(0x55555566a660, 24 [pid 5170] close(3 [pid 5171] <... set_robust_list resumed>) = 0 [pid 5170] <... close resumed>) = 0 [pid 5169] munmap(0x7fa9f93fb000, 138412032 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5171 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] close(4) = 0 [pid 5171] chdir("./15" [pid 5070] rmdir("./13/file0" [pid 5170] mkdir("./file0", 0777 [pid 5070] <... rmdir resumed>) = 0 [pid 5070] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5169] <... munmap resumed>) = 0 [pid 5070] close(3 [pid 5169] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5070] <... close resumed>) = 0 [pid 5170] <... mkdir resumed>) = 0 [pid 5070] rmdir("./13" [pid 5171] <... chdir resumed>) = 0 [pid 5171] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5171] setpgid(0, 0) = 0 [pid 5070] <... rmdir resumed>) = 0 [pid 5171] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5170] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5070] mkdir("./14", 0777 [pid 5171] <... openat resumed>) = 3 [pid 5170] <... mount resumed>) = 0 [pid 5170] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5170] chdir("./file0") = 0 [pid 5171] write(3, "1000", 4 [pid 5170] ioctl(4, LOOP_CLR_FD [pid 5171] <... write resumed>) = 4 [pid 5170] <... ioctl resumed>) = 0 [pid 5171] close(3 [pid 5170] close(4 [pid 5171] <... close resumed>) = 0 [pid 5170] <... close resumed>) = 0 [pid 5171] symlink("/dev/binderfs", "./binderfs" [pid 5170] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5171] <... symlink resumed>) = 0 [pid 5170] <... openat resumed>) = 4 [pid 5171] memfd_create("syzkaller", 0 [pid 5170] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5171] <... memfd_create resumed>) = 3 [pid 5171] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5070] <... mkdir resumed>) = 0 [ 62.566543][ T5168] loop0: detected capacity change from 0 to 1024 [ 62.581978][ T5170] loop1: detected capacity change from 0 to 1024 [pid 5169] <... openat resumed>) = 4 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5169] ioctl(4, LOOP_SET_FD, 3 [pid 5070] <... openat resumed>) = 3 [pid 5170] <... ioctl resumed>) = 0 [pid 5167] <... ioctl resumed>) = 0 [pid 5170] exit_group(0 [pid 5167] exit_group(0 [pid 5170] <... exit_group resumed>) = ? [pid 5167] <... exit_group resumed>) = ? [ 62.625663][ T5169] loop5: detected capacity change from 0 to 1024 [ 62.635500][ T5168] ================================================================== [ 62.643581][ T5168] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0xf82/0x1070 [ 62.651832][ T5168] Read of size 2 at addr ffff8880284b1000 by task syz-executor421/5168 [ 62.660061][ T5168] [ 62.662389][ T5168] CPU: 1 PID: 5168 Comm: syz-executor421 Tainted: G B 6.7.0-rc5-syzkaller-00042-g88035e5694a8 #0 [ 62.674297][ T5168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 62.684372][ T5168] Call Trace: [ 62.687664][ T5168] [ 62.690583][ T5168] dump_stack_lvl+0xd9/0x1b0 [ 62.695185][ T5168] print_report+0xc4/0x620 [ 62.699605][ T5168] ? __virt_addr_valid+0x5e/0x2d0 [ 62.704639][ T5168] ? __phys_addr+0xc6/0x140 [ 62.709139][ T5168] kasan_report+0xda/0x110 [ 62.713554][ T5168] ? hfsplus_read_wrapper+0xf82/0x1070 [ 62.719013][ T5168] ? hfsplus_read_wrapper+0xf82/0x1070 [ 62.724469][ T5168] hfsplus_read_wrapper+0xf82/0x1070 [ 62.729834][ T5168] ? lock_release+0x4bf/0x690 [ 62.734508][ T5168] ? hfsplus_submit_bio+0x2b0/0x2b0 [ 62.739704][ T5168] ? do_raw_spin_lock+0x12e/0x2b0 [ 62.744718][ T5168] ? spin_bug+0x1d0/0x1d0 [ 62.749065][ T5168] ? do_raw_spin_unlock+0x173/0x230 [ 62.754261][ T5168] ? _raw_spin_unlock+0x28/0x40 [ 62.759192][ T5168] ? find_nls+0x125/0x160 [ 62.763538][ T5168] hfsplus_fill_super+0x352/0x1bc0 [ 62.768735][ T5168] ? rcu_is_watching+0x12/0xb0 [ 62.773490][ T5168] ? hfsplus_iget+0x7a0/0x7a0 [ 62.778164][ T5168] ? bdev_name.constprop.0+0xa1/0x320 [ 62.783536][ T5168] ? lock_acquire+0x464/0x520 [ 62.788221][ T5168] ? lock_sync+0x190/0x190 [ 62.792633][ T5168] ? spin_bug+0x1d0/0x1d0 [ 62.796950][ T5168] ? set_blocksize+0x2b1/0x350 [ 62.801711][ T5168] ? preempt_count_sub+0x160/0x160 [ 62.807248][ T5168] ? sb_set_blocksize+0xf6/0x120 [ 62.812199][ T5168] ? hfsplus_iget+0x7a0/0x7a0 [ 62.816871][ T5168] mount_bdev+0x1f3/0x2e0 [ 62.821201][ T5168] ? sget+0x640/0x640 [ 62.825182][ T5168] ? apparmor_capable+0x126/0x1e0 [ 62.830293][ T5168] ? zisofs_cleanup+0x20/0x20 [ 62.834968][ T5168] legacy_get_tree+0x109/0x220 [ 62.839739][ T5168] vfs_get_tree+0x8c/0x370 [ 62.844152][ T5168] path_mount+0x1492/0x1ed0 [ 62.848649][ T5168] ? kmem_cache_free+0xf8/0x350 [ 62.853492][ T5168] ? finish_automount+0xa40/0xa40 [ 62.858517][ T5168] ? putname+0x12e/0x170 [ 62.862773][ T5168] __x64_sys_mount+0x293/0x310 [ 62.867531][ T5168] ? copy_mnt_ns+0xb60/0xb60 [ 62.872114][ T5168] ? syscall_trace_enter.constprop.0+0xaf/0x1e0 [ 62.878350][ T5168] do_syscall_64+0x40/0x110 [ 62.882855][ T5168] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 62.888771][ T5168] RIP: 0033:0x7faa0183b61a [ 62.893183][ T5168] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 5e 04 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 [ 62.912801][ T5168] RSP: 002b:00007ffc7fdb6958 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 62.921206][ T5168] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007faa0183b61a [ 62.929169][ T5168] RDX: 0000000020000100 RSI: 00000000200002c0 RDI: 00007ffc7fdb69a0 [ 62.937157][ T5168] RBP: 0000000000000004 R08: 00007ffc7fdb69e0 R09: 0000000000000672 [ 62.945123][ T5168] R10: 0000000000814054 R11: 0000000000000286 R12: 00007ffc7fdb69a0 [ 62.953346][ T5168] R13: 00007ffc7fdb69e0 R14: 0000000000080000 R15: 0000000000000003 [ 62.961403][ T5168] [ 62.964414][ T5168] [ 62.966722][ T5168] The buggy address belongs to the object at ffff8880284b1000 [ 62.966722][ T5168] which belongs to the cache kmalloc-512 of size 512 [ 62.980770][ T5168] The buggy address is located 0 bytes inside of [ 62.980770][ T5168] freed 512-byte region [ffff8880284b1000, ffff8880284b1200) [ 62.994403][ T5168] [ 62.996804][ T5168] The buggy address belongs to the physical page: [ 63.003294][ T5168] page:ffffea0000a12c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x284b0 [ 63.013450][ T5168] head:ffffea0000a12c00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 63.022392][ T5168] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 63.030834][ T5168] page_type: 0xffffffff() [ 63.035154][ T5168] raw: 00fff00000000840 ffff888013041c80 0000000000000000 dead000000000001 [ 63.043735][ T5168] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 [ 63.052305][ T5168] page dumped because: kasan: bad access detected [ 63.058881][ T5168] page_owner tracks the page as allocated [ 63.064584][ T5168] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4566, tgid 4566 (udevd), ts 20392867517, free_ts 20331556855 [ 63.084546][ T5168] post_alloc_hook+0x2d0/0x350 [ 63.089307][ T5168] get_page_from_freelist+0xa25/0x36d0 [ 63.094762][ T5168] __alloc_pages+0x22e/0x2420 [ 63.099433][ T5168] alloc_pages_mpol+0x258/0x5f0 [ 63.104277][ T5168] new_slab+0x283/0x3c0 [ 63.108424][ T5168] ___slab_alloc+0x979/0x1500 [ 63.113094][ T5168] __slab_alloc.constprop.0+0x56/0xa0 [ 63.118458][ T5168] __kmem_cache_alloc_node+0x131/0x310 [ 63.123908][ T5168] kmalloc_trace+0x25/0x60 [ 63.128402][ T5168] tomoyo_find_next_domain+0x102/0x2020 [ 63.133935][ T5168] tomoyo_bprm_check_security+0x12b/0x1d0 [ 63.139648][ T5168] security_bprm_check+0x6a/0xe0 [ 63.144572][ T5168] bprm_execve+0x73a/0x1a90 [ 63.149062][ T5168] do_execveat_common.isra.0+0x5d3/0x740 [ 63.154861][ T5168] __x64_sys_execve+0x8c/0xb0 [ 63.159612][ T5168] do_syscall_64+0x40/0x110 [ 63.164109][ T5168] page last free stack trace: [ 63.168768][ T5168] free_unref_page_prepare+0x4fa/0xaa0 [ 63.174221][ T5168] free_unref_page+0x33/0x3b0 [ 63.178892][ T5168] __unfreeze_partials+0x226/0x240 [ 63.184006][ T5168] qlist_free_all+0x6a/0x170 [ 63.188583][ T5168] kasan_quarantine_reduce+0x18e/0x1d0 [ 63.194027][ T5168] __kasan_slab_alloc+0x65/0x90 [ 63.198870][ T5168] kmem_cache_alloc+0x15d/0x2f0 [ 63.203717][ T5168] vm_area_alloc+0x1f/0x220 [ 63.208210][ T5168] alloc_bprm+0x30c/0xb00 [ 63.212526][ T5168] do_execveat_common.isra.0+0x1cb/0x740 [ 63.218151][ T5168] __x64_sys_execve+0x8c/0xb0 [ 63.222827][ T5168] do_syscall_64+0x40/0x110 [ 63.227319][ T5168] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 63.233208][ T5168] [ 63.235515][ T5168] Memory state around the buggy address: [ 63.241141][ T5168] ffff8880284b0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.249274][ T5168] ffff8880284b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 63.257321][ T5168] >ffff8880284b1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.265453][ T5168] ^ [ 63.269502][ T5168] ffff8880284b1080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [pid 5171] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5170] +++ exited with 0 +++ [pid 5169] <... ioctl resumed>) = 0 [pid 5167] +++ exited with 0 +++ [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5167, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5170, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5169] close(3 [pid 5072] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5171] <... write resumed>) = 524288 [pid 5069] <... openat resumed>) = 3 [pid 5072] <... openat resumed>) = 3 [pid 5072] newfstatat(3, "", [pid 5069] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(3, [pid 5171] munmap(0x7fa9f93fb000, 138412032 [pid 5169] <... close resumed>) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] close(3 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5169] mkdir("./file0", 0777 [pid 5072] getdents64(3, [pid 5070] <... close resumed>) = 0 [pid 5069] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5171] <... munmap resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5169] <... mkdir resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] unlink("./16/binderfs") = 0 [pid 5069] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5072] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] unlink("./15/binderfs") = 0 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5172 [ 63.277637][ T5168] ffff8880284b1100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 63.285766][ T5168] ================================================================== [pid 5072] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW./strace-static-x86_64: Process 5172 attached [pid 5171] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5172] set_robust_list(0x55555566a660, 24 [pid 5171] <... openat resumed>) = 4 [pid 5172] <... set_robust_list resumed>) = 0 [pid 5171] ioctl(4, LOOP_SET_FD, 3 [pid 5172] chdir("./14") = 0 [pid 5172] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0 [pid 5172] setpgid(0, 0) = 0 [pid 5172] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5171] <... ioctl resumed>) = 0 [pid 5168] <... mount resumed>) = -1 EINVAL (Invalid argument) [pid 5172] write(3, "1000", 4) = 4 [pid 5169] <... mount resumed>) = 0 [pid 5172] close(3 [pid 5169] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5172] <... close resumed>) = 0 [pid 5171] close(3 [pid 5169] <... openat resumed>) = 3 [pid 5168] ioctl(4, LOOP_CLR_FD [pid 5072] <... umount2 resumed>) = 0 [pid 5172] symlink("/dev/binderfs", "./binderfs" [pid 5171] <... close resumed>) = 0 [pid 5169] chdir("./file0" [pid 5172] <... symlink resumed>) = 0 [pid 5171] mkdir("./file0", 0777 [pid 5169] <... chdir resumed>) = 0 [pid 5172] memfd_create("syzkaller", 0) = 3 [pid 5172] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5171] <... mkdir resumed>) = 0 [pid 5169] ioctl(4, LOOP_CLR_FD [pid 5172] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5169] <... ioctl resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [ 63.338848][ T5168] hfsplus: unable to set blocksize to 1024! [ 63.346822][ T5168] hfsplus: unable to find HFS+ superblock [ 63.346884][ T5171] loop3: detected capacity change from 0 to 1024 [pid 5169] close(4 [pid 5172] <... write resumed>) = 524288 [pid 5171] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5169] <... close resumed>) = 0 [pid 5072] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] munmap(0x7fa9f93fb000, 138412032 [pid 5169] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5169] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] <... munmap resumed>) = 0 [pid 5169] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5072] newfstatat(AT_FDCWD, "./15/file0", [pid 5172] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5169] exit_group(0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5172] <... openat resumed>) = 4 [pid 5169] <... exit_group resumed>) = ? [pid 5072] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5169] +++ exited with 0 +++ [pid 5172] ioctl(4, LOOP_SET_FD, 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5169, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5072] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... restart_syscall resumed>) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5072] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(4, [pid 5073] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] close(4 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... close resumed>) = 0 [pid 5073] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] rmdir("./15/file0" [pid 5073] <... openat resumed>) = 3 [pid 5072] <... rmdir resumed>) = 0 [pid 5073] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] getdents64(3, [pid 5072] getdents64(3, [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] close(3) = 0 [pid 5072] rmdir("./15" [pid 5073] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] <... ioctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] <... mount resumed>) = 0 [pid 5172] close(3 [pid 5171] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5072] <... rmdir resumed>) = 0 [pid 5172] <... close resumed>) = 0 [pid 5171] <... openat resumed>) = 3 [pid 5172] mkdir("./file0", 0777 [pid 5171] chdir("./file0" [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] mkdir("./16", 0777 [pid 5172] <... mkdir resumed>) = 0 [pid 5171] <... chdir resumed>) = 0 [pid 5073] unlink("./14/binderfs" [pid 5069] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] ioctl(4, LOOP_CLR_FD [pid 5073] <... unlink resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5172] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5171] <... ioctl resumed>) = 0 [pid 5073] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5171] close(4) = 0 [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5171] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5072] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5171] <... openat resumed>) = 4 [pid 5069] newfstatat(AT_FDCWD, "./16/file0", [pid 5171] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5171] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5171] exit_group(0 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5171] <... exit_group resumed>) = ? [pid 5171] +++ exited with 0 +++ [pid 5072] close(3) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5168] <... ioctl resumed>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5171, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5172] <... mount resumed>) = 0 [pid 5168] close(4) = 0 [pid 5172] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5168] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5172] <... openat resumed>) = 3 [pid 5168] <... openat resumed>) = 3 [pid 5073] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] chdir("./file0" [pid 5168] ioctl(3, LOOP_SET_BLOCK_SIZE, 2048 [pid 5172] <... chdir resumed>) = 0 [pid 5168] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] ioctl(4, LOOP_CLR_FD [pid 5168] exit_group(0 [pid 5073] newfstatat(AT_FDCWD, "./14/file0", [pid 5071] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5172] <... ioctl resumed>) = 0 [pid 5168] <... exit_group resumed>) = ? [pid 5172] close(4 [pid 5168] +++ exited with 0 +++ [pid 5071] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 4 [pid 5172] <... close resumed>) = 0 [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5173 [pid 5071] newfstatat(3, "", [pid 5069] newfstatat(4, "", [pid 5172] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5168, si_uid=0, si_status=0, si_utime=0, si_stime=4 /* 0.04 s */} --- [pid 5172] <... openat resumed>) = 4 [pid 5071] getdents64(3, [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] umount2("./13", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5172] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] openat(AT_FDCWD, "./13", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5172] exit_group(0 [pid 5073] <... openat resumed>) = 4 [pid 5071] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5069] getdents64(4, [pid 5068] <... openat resumed>) = 3 [pid 5172] <... exit_group resumed>) = ? [pid 5073] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] newfstatat(3, "", [pid 5073] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [ 63.388488][ T5172] loop2: detected capacity change from 0 to 1024 [pid 5073] close(4./strace-static-x86_64: Process 5173 attached [pid 5172] +++ exited with 0 +++ [pid 5071] unlink("./15/binderfs" [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5172, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5068] getdents64(3, [pid 5071] <... unlink resumed>) = 0 [pid 5070] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] getdents64(4, [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] umount2("./13/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] close(4 [pid 5070] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5069] <... close resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] rmdir("./16/file0" [pid 5068] newfstatat(AT_FDCWD, "./13/binderfs", [pid 5070] newfstatat(3, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] getdents64(3, 0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5070] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5068] unlink("./13/binderfs" [pid 5070] newfstatat(AT_FDCWD, "./14/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... unlink resumed>) = 0 [pid 5070] unlink("./14/binderfs" [pid 5068] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... unlink resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] newfstatat(AT_FDCWD, "./13/file0", [pid 5073] <... close resumed>) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] umount2("./13/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] rmdir("./14/file0" [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./13/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] <... rmdir resumed>) = 0 [pid 5068] <... openat resumed>) = 4 [pid 5068] newfstatat(4, "", [pid 5073] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5173] set_robust_list(0x55555566a660, 24 [pid 5068] getdents64(4, [pid 5173] <... set_robust_list resumed>) = 0 [pid 5073] close(3) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] rmdir("./14" [pid 5173] chdir("./16" [pid 5068] getdents64(4, [pid 5173] <... chdir resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] close(4) = 0 [pid 5068] rmdir("./13/file0" [pid 5073] mkdir("./15", 0777) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] getdents64(3, 0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] close(3 [pid 5073] <... openat resumed>) = 3 [pid 5068] <... close resumed>) = 0 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5068] rmdir("./13" [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] close(3) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5173] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5069] close(3 [pid 5068] mkdir("./14", 0777 [pid 5173] <... prctl resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5174 [pid 5068] <... mkdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5173] setpgid(0, 0) = 0 [pid 5069] <... close resumed>) = 0 [pid 5068] <... openat resumed>) = 3 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5070] <... umount2 resumed>) = 0 [pid 5070] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5173] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5068] close(3 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] rmdir("./16" [pid 5070] newfstatat(AT_FDCWD, "./14/file0", [pid 5068] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... rmdir resumed>) = 0 ./strace-static-x86_64: Process 5175 attached ./strace-static-x86_64: Process 5174 attached [pid 5173] <... openat resumed>) = 3 [pid 5070] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] mkdir("./17", 0777 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5175 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5175] set_robust_list(0x55555566a660, 24 [pid 5174] set_robust_list(0x55555566a660, 24 [pid 5173] write(3, "1000", 4 [pid 5070] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... mkdir resumed>) = 0 [pid 5175] <... set_robust_list resumed>) = 0 [pid 5175] chdir("./14" [pid 5174] <... set_robust_list resumed>) = 0 [pid 5173] <... write resumed>) = 4 [pid 5070] <... openat resumed>) = 4 [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5175] <... chdir resumed>) = 0 [pid 5174] chdir("./15" [pid 5173] close(3 [pid 5070] newfstatat(4, "", [pid 5175] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5174] <... chdir resumed>) = 0 [pid 5173] <... close resumed>) = 0 [pid 5174] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5173] symlink("/dev/binderfs", "./binderfs" [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5175] <... prctl resumed>) = 0 [pid 5175] setpgid(0, 0) = 0 [pid 5173] <... symlink resumed>) = 0 [pid 5070] getdents64(4, [pid 5174] <... prctl resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5174] setpgid(0, 0 [pid 5070] getdents64(4, [pid 5174] <... setpgid resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5175] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5174] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] <... openat resumed>) = 3 [pid 5070] close(4 [pid 5174] <... openat resumed>) = 3 [pid 5173] memfd_create("syzkaller", 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5174] write(3, "1000", 4 [pid 5070] <... close resumed>) = 0 [pid 5174] <... write resumed>) = 4 [pid 5070] rmdir("./14/file0" [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5174] close(3 [pid 5175] write(3, "1000", 4) = 4 [pid 5175] close(3) = 0 [pid 5175] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5174] <... close resumed>) = 0 [pid 5173] <... memfd_create resumed>) = 3 [pid 5070] <... rmdir resumed>) = 0 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5175] memfd_create("syzkaller", 0 [pid 5174] symlink("/dev/binderfs", "./binderfs" [pid 5069] close(3 [pid 5175] <... memfd_create resumed>) = 3 [pid 5175] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fa9f93fb000 [pid 5174] <... symlink resumed>) = 0 [pid 5173] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] getdents64(3, [pid 5069] <... close resumed>) = 0 [pid 5174] memfd_create("syzkaller", 0 [pid 5173] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5174] <... memfd_create resumed>) = 3 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5174] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5071] newfstatat(AT_FDCWD, "./15/file0", ./strace-static-x86_64: Process 5176 attached [pid 5175] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5174] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5173] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5176 [pid 5176] set_robust_list(0x55555566a660, 24) = 0 [pid 5176] chdir("./17" [pid 5071] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] close(3 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] <... close resumed>) = 0 [pid 5071] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] rmdir("./14" [pid 5176] <... chdir resumed>) = 0 [pid 5071] <... openat resumed>) = 4 [pid 5070] <... rmdir resumed>) = 0 [pid 5174] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5071] newfstatat(4, "", [pid 5070] mkdir("./15", 0777 [pid 5175] <... write resumed>) = 524288 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] <... mkdir resumed>) = 0 [pid 5176] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5071] getdents64(4, [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5176] <... prctl resumed>) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] <... openat resumed>) = 3 [pid 5176] setpgid(0, 0 [pid 5071] getdents64(4, [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5176] <... setpgid resumed>) = 0 [pid 5175] munmap(0x7fa9f93fb000, 138412032 [pid 5173] <... write resumed>) = 524288 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5176] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5175] <... munmap resumed>) = 0 [pid 5071] close(4 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... close resumed>) = 0 [pid 5070] close(3 [pid 5176] <... openat resumed>) = 3 [pid 5175] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5071] rmdir("./15/file0" [pid 5070] <... close resumed>) = 0 [pid 5175] <... openat resumed>) = 4 [pid 5071] <... rmdir resumed>) = 0 [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5176] write(3, "1000", 4 [pid 5175] ioctl(4, LOOP_SET_FD, 3 [pid 5176] <... write resumed>) = 4 [pid 5174] <... write resumed>) = 524288 [pid 5071] getdents64(3, [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5177 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] close(3) = 0 [pid 5071] rmdir("./15") = 0 [pid 5071] mkdir("./16", 0777) = 0 [pid 5174] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5173] munmap(0x7fa9f93fb000, 138412032 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR./strace-static-x86_64: Process 5177 attached [pid 5176] close(3 [pid 5175] <... ioctl resumed>) = 0 [pid 5174] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5173] <... munmap resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5177] set_robust_list(0x55555566a660, 24 [pid 5176] <... close resumed>) = 0 [pid 5174] <... openat resumed>) = 4 [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5177] <... set_robust_list resumed>) = 0 [pid 5176] symlink("/dev/binderfs", "./binderfs" [pid 5175] close(3 [pid 5173] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5177] chdir("./15" [pid 5176] <... symlink resumed>) = 0 [pid 5174] ioctl(4, LOOP_SET_FD, 3 [pid 5173] <... openat resumed>) = 4 [pid 5071] close(3 [pid 5175] <... close resumed>) = 0 [pid 5177] <... chdir resumed>) = 0 [pid 5176] memfd_create("syzkaller", 0 [pid 5175] mkdir("./file0", 0777 [pid 5174] <... ioctl resumed>) = 0 [pid 5173] ioctl(4, LOOP_SET_FD, 3 [pid 5071] <... close resumed>) = 0 [pid 5177] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5176] <... memfd_create resumed>) = 3 [pid 5175] <... mkdir resumed>) = 0 [pid 5177] <... prctl resumed>) = 0 [pid 5176] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5175] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5177] setpgid(0, 0 [pid 5176] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5173] <... ioctl resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5177] <... setpgid resumed>) = 0 [pid 5177] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5177] write(3, "1000", 4./strace-static-x86_64: Process 5178 attached ) = 4 [pid 5174] close(3 [pid 5173] close(3 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5178 [pid 5178] set_robust_list(0x55555566a660, 24 [pid 5177] close(3 [pid 5174] <... close resumed>) = 0 [pid 5177] <... close resumed>) = 0 [pid 5174] mkdir("./file0", 0777 [pid 5177] symlink("/dev/binderfs", "./binderfs" [pid 5178] <... set_robust_list resumed>) = 0 [pid 5177] <... symlink resumed>) = 0 [pid 5174] <... mkdir resumed>) = 0 [pid 5173] <... close resumed>) = 0 [pid 5178] chdir("./16" [pid 5177] memfd_create("syzkaller", 0 [pid 5174] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5173] mkdir("./file0", 0777 [pid 5178] <... chdir resumed>) = 0 [pid 5177] <... memfd_create resumed>) = 3 [pid 5177] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5178] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5177] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5173] <... mkdir resumed>) = 0 [pid 5178] <... prctl resumed>) = 0 [pid 5177] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5176] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5173] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5178] setpgid(0, 0) = 0 [pid 5178] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3 [pid 5178] write(3, "1000", 4) = 4 [pid 5178] close(3 [pid 5175] <... mount resumed>) = 0 [pid 5175] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5178] <... close resumed>) = 0 [pid 5175] <... openat resumed>) = 3 [pid 5175] chdir("./file0") = 0 [pid 5175] ioctl(4, LOOP_CLR_FD) = 0 [pid 5175] close(4) = 0 [pid 5175] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5175] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5176] <... write resumed>) = 524288 [pid 5178] symlink("/dev/binderfs", "./binderfs" [pid 5174] <... mount resumed>) = 0 [pid 5178] <... symlink resumed>) = 0 [pid 5177] <... write resumed>) = 524288 [pid 5176] munmap(0x7fa9f93fb000, 138412032 [pid 5174] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5173] <... mount resumed>) = 0 [pid 5178] memfd_create("syzkaller", 0 [pid 5174] <... openat resumed>) = 3 [pid 5173] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5177] munmap(0x7fa9f93fb000, 138412032 [pid 5174] chdir("./file0" [pid 5178] <... memfd_create resumed>) = 3 [pid 5177] <... munmap resumed>) = 0 [pid 5176] <... munmap resumed>) = 0 [pid 5174] <... chdir resumed>) = 0 [pid 5173] <... openat resumed>) = 3 [pid 5174] ioctl(4, LOOP_CLR_FD [pid 5178] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5173] chdir("./file0" [pid 5178] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5174] close(4 [pid 5173] <... chdir resumed>) = 0 [pid 5174] <... close resumed>) = 0 [pid 5177] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5174] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5177] <... openat resumed>) = 4 [pid 5176] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5174] <... openat resumed>) = 4 [pid 5173] ioctl(4, LOOP_CLR_FD [ 63.528468][ T5175] loop0: detected capacity change from 0 to 1024 [ 63.554916][ T5174] loop5: detected capacity change from 0 to 1024 [ 63.562254][ T5173] loop4: detected capacity change from 0 to 1024 [pid 5177] ioctl(4, LOOP_SET_FD, 3 [pid 5176] <... openat resumed>) = 4 [pid 5174] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5178] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5173] <... ioctl resumed>) = 0 [pid 5173] close(4) = 0 [pid 5173] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5176] ioctl(4, LOOP_SET_FD, 3 [pid 5173] <... openat resumed>) = 4 [pid 5173] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5177] <... ioctl resumed>) = 0 [pid 5178] <... write resumed>) = 524288 [pid 5176] <... ioctl resumed>) = 0 [pid 5178] munmap(0x7fa9f93fb000, 138412032 [pid 5177] close(3 [pid 5176] close(3 [pid 5175] <... ioctl resumed>) = 0 [pid 5174] <... ioctl resumed>) = 0 [pid 5173] <... ioctl resumed>) = 0 [pid 5178] <... munmap resumed>) = 0 [pid 5177] <... close resumed>) = 0 [pid 5176] <... close resumed>) = 0 [pid 5175] exit_group(0 [pid 5174] exit_group(0 [pid 5173] exit_group(0 [pid 5177] mkdir("./file0", 0777 [pid 5176] mkdir("./file0", 0777 [pid 5175] <... exit_group resumed>) = ? [pid 5174] <... exit_group resumed>) = ? [pid 5173] <... exit_group resumed>) = ? [pid 5178] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5177] <... mkdir resumed>) = 0 [pid 5176] <... mkdir resumed>) = 0 [pid 5175] +++ exited with 0 +++ [pid 5174] +++ exited with 0 +++ [pid 5173] +++ exited with 0 +++ [pid 5178] <... openat resumed>) = 4 [ 63.601203][ T5177] loop2: detected capacity change from 0 to 1024 [ 63.609832][ T5176] loop1: detected capacity change from 0 to 1024 [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5174, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5175, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5073] restart_syscall(<... resuming interrupted clone ...> [pid 5068] restart_syscall(<... resuming interrupted clone ...> [pid 5178] ioctl(4, LOOP_SET_FD, 3 [pid 5177] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5176] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5073] <... restart_syscall resumed>) = 0 [pid 5068] <... restart_syscall resumed>) = 0 [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5173, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5178] <... ioctl resumed>) = 0 [pid 5178] close(3) = 0 [pid 5073] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] mkdir("./file0", 0777 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] umount2("./14", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [pid 5072] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... mkdir resumed>) = 0 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] newfstatat(3, "", [pid 5068] openat(AT_FDCWD, "./14", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5178] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5072] <... openat resumed>) = 3 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] getdents64(3, [pid 5072] newfstatat(3, "", [pid 5068] <... openat resumed>) = 3 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] newfstatat(3, "", [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] getdents64(3, [pid 5073] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5176] <... mount resumed>) = 0 [pid 5073] unlink("./15/binderfs" [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] getdents64(3, [pid 5176] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5073] <... unlink resumed>) = 0 [pid 5072] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5176] <... openat resumed>) = 3 [pid 5073] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5068] umount2("./14/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5176] chdir("./file0" [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5176] <... chdir resumed>) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] unlink("./16/binderfs" [pid 5176] ioctl(4, LOOP_CLR_FD [pid 5072] <... unlink resumed>) = 0 [pid 5068] newfstatat(AT_FDCWD, "./14/binderfs", [pid 5176] <... ioctl resumed>) = 0 [pid 5176] close(4 [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5177] <... mount resumed>) = 0 [pid 5176] <... close resumed>) = 0 [pid 5072] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] unlink("./14/binderfs" [pid 5177] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5176] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5068] <... unlink resumed>) = 0 [pid 5177] <... openat resumed>) = 3 [pid 5176] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5177] chdir("./file0" [pid 5068] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... mount resumed>) = 0 [pid 5177] <... chdir resumed>) = 0 [pid 5176] <... ioctl resumed>) = 0 [pid 5068] <... umount2 resumed>) = 0 [pid 5178] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5177] ioctl(4, LOOP_CLR_FD [pid 5176] exit_group(0 [pid 5068] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5178] <... openat resumed>) = 3 [pid 5177] <... ioctl resumed>) = 0 [pid 5176] <... exit_group resumed>) = ? [pid 5178] chdir("./file0" [pid 5177] close(4 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5178] <... chdir resumed>) = 0 [pid 5178] ioctl(4, LOOP_CLR_FD) = 0 [pid 5178] close(4) = 0 [pid 5178] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5178] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5178] exit_group(0) = ? [pid 5177] <... close resumed>) = 0 [pid 5176] +++ exited with 0 +++ [pid 5068] newfstatat(AT_FDCWD, "./14/file0", [pid 5178] +++ exited with 0 +++ [pid 5177] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5176, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5178, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5177] <... openat resumed>) = 4 [pid 5071] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./14/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5177] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5177] <... ioctl resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5071] newfstatat(3, "", [pid 5068] openat(AT_FDCWD, "./14/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] getdents64(3, [pid 5068] <... openat resumed>) = 4 [pid 5177] exit_group(0 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] newfstatat(4, "", [pid 5177] <... exit_group resumed>) = ? [pid 5071] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5069] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5071] unlink("./16/binderfs" [pid 5069] newfstatat(3, "", [pid 5071] <... unlink resumed>) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(3, [pid 5177] +++ exited with 0 +++ [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5068] getdents64(4, [pid 5069] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5177, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] getdents64(4, [pid 5070] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] unlink("./17/binderfs" [pid 5070] <... openat resumed>) = 3 [pid 5069] <... unlink resumed>) = 0 [pid 5068] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] newfstatat(3, "", [pid 5069] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] close(4 [pid 5073] <... umount2 resumed>) = 0 [ 63.645968][ T5178] loop3: detected capacity change from 0 to 1024 [pid 5070] getdents64(3, [pid 5072] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] <... umount2 resumed>) = 0 [pid 5068] rmdir("./14/file0" [pid 5070] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5070] newfstatat(AT_FDCWD, "./15/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] unlink("./15/binderfs" [pid 5069] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] <... unlink resumed>) = 0 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./17/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... rmdir resumed>) = 0 [pid 5073] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] getdents64(3, [pid 5069] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] getdents64(4, [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./16/file0", [pid 5069] getdents64(4, [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] newfstatat(AT_FDCWD, "./15/file0", [pid 5072] newfstatat(AT_FDCWD, "./16/file0", [pid 5068] close(3 [pid 5069] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] close(4 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... close resumed>) = 0 [pid 5068] <... close resumed>) = 0 [pid 5072] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] rmdir("./14" [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] rmdir("./17/file0") = 0 [pid 5068] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5073] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] <... openat resumed>) = 4 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] mkdir("./15", 0777 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] close(3 [pid 5071] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] <... close resumed>) = 0 [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] rmdir("./17" [pid 5072] newfstatat(4, "", [pid 5068] <... mkdir resumed>) = 0 [pid 5073] <... openat resumed>) = 4 [pid 5073] newfstatat(4, "", [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] <... rmdir resumed>) = 0 [pid 5068] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] getdents64(4, [pid 5071] <... openat resumed>) = 4 [pid 5073] getdents64(4, [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] newfstatat(4, "", [pid 5070] <... umount2 resumed>) = 0 [pid 5069] mkdir("./18", 0777 [pid 5068] <... openat resumed>) = 3 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] getdents64(4, [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] getdents64(4, [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... mkdir resumed>) = 0 [pid 5068] ioctl(3, LOOP_CLR_FD [pid 5071] getdents64(4, [pid 5070] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] close(4 [pid 5070] newfstatat(AT_FDCWD, "./15/file0", [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5068] close(3 [pid 5072] close(4 [pid 5071] <... close resumed>) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5073] getdents64(4, [pid 5072] <... close resumed>) = 0 [pid 5071] rmdir("./16/file0" [pid 5070] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... close resumed>) = 0 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] rmdir("./16/file0" [pid 5071] <... rmdir resumed>) = 0 [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5073] close(4 [pid 5072] <... rmdir resumed>) = 0 [pid 5070] <... openat resumed>) = 4 [pid 5068] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] getdents64(3, [pid 5073] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] getdents64(3, [pid 5070] newfstatat(4, "", [pid 5069] close(3 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... close resumed>) = 0 [pid 5071] close(3 [pid 5070] getdents64(4, [pid 5069] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5073] rmdir("./15/file0" [pid 5072] close(3 [pid 5071] <... close resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 ./strace-static-x86_64: Process 5179 attached [pid 5072] <... close resumed>) = 0 [pid 5071] rmdir("./16" [pid 5070] getdents64(4, [pid 5073] <... rmdir resumed>) = 0 [pid 5072] rmdir("./16" [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5068] <... clone resumed>, child_tidptr=0x55555566a650) = 5179 [pid 5070] close(4 [pid 5179] set_robust_list(0x55555566a660, 24 [pid 5070] <... close resumed>) = 0 [pid 5179] <... set_robust_list resumed>) = 0 [pid 5070] rmdir("./15/file0"./strace-static-x86_64: Process 5180 attached [pid 5179] chdir("./15" [pid 5073] getdents64(3, [pid 5072] <... rmdir resumed>) = 0 [pid 5071] mkdir("./17", 0777 [pid 5070] <... rmdir resumed>) = 0 [pid 5180] set_robust_list(0x55555566a660, 24 [pid 5179] <... chdir resumed>) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] mkdir("./17", 0777 [pid 5071] <... mkdir resumed>) = 0 [pid 5069] <... clone resumed>, child_tidptr=0x55555566a650) = 5180 [pid 5180] <... set_robust_list resumed>) = 0 [pid 5073] close(3 [pid 5179] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5070] getdents64(3, [pid 5179] <... prctl resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5180] chdir("./18" [pid 5179] setpgid(0, 0 [pid 5073] <... close resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] <... openat resumed>) = 3 [pid 5070] close(3 [pid 5180] <... chdir resumed>) = 0 [pid 5179] <... setpgid resumed>) = 0 [pid 5073] rmdir("./15" [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5180] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5179] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5071] ioctl(3, LOOP_CLR_FD [pid 5070] <... close resumed>) = 0 [pid 5072] <... openat resumed>) = 3 [pid 5180] <... prctl resumed>) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5180] setpgid(0, 0 [pid 5179] <... openat resumed>) = 3 [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5071] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] rmdir("./15" [pid 5180] <... setpgid resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] close(3 [pid 5070] <... rmdir resumed>) = 0 [pid 5179] write(3, "1000", 4 [pid 5071] close(3 [pid 5180] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5179] <... write resumed>) = 4 [pid 5073] mkdir("./16", 0777 [pid 5072] <... close resumed>) = 0 [pid 5071] <... close resumed>) = 0 [pid 5179] close(3 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] mkdir("./16", 0777 [pid 5179] <... close resumed>) = 0 [pid 5073] <... mkdir resumed>) = 0 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5179] symlink("/dev/binderfs", "./binderfs" [pid 5070] <... mkdir resumed>) = 0 ./strace-static-x86_64: Process 5181 attached [pid 5179] <... symlink resumed>) = 0 ./strace-static-x86_64: Process 5182 attached [pid 5179] memfd_create("syzkaller", 0 [pid 5181] set_robust_list(0x55555566a660, 24) = 0 [pid 5070] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5182] set_robust_list(0x55555566a660, 24 [pid 5181] chdir("./17" [pid 5180] <... openat resumed>) = 3 [pid 5179] <... memfd_create resumed>) = 3 [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5182 [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5181 [pid 5070] <... openat resumed>) = 3 [pid 5182] <... set_robust_list resumed>) = 0 [pid 5181] <... chdir resumed>) = 0 [pid 5179] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5070] ioctl(3, LOOP_CLR_FD [pid 5182] chdir("./17" [pid 5181] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5179] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5073] <... openat resumed>) = 3 [pid 5070] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5182] <... chdir resumed>) = 0 [pid 5181] <... prctl resumed>) = 0 [pid 5180] write(3, "1000", 4 [pid 5179] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5070] close(3 [pid 5181] setpgid(0, 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5073] close(3 [pid 5181] <... setpgid resumed>) = 0 [pid 5070] <... close resumed>) = 0 [pid 5182] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5181] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5180] <... write resumed>) = 4 [pid 5073] <... close resumed>) = 0 [pid 5180] close(3 [pid 5182] <... prctl resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 5184 attached ./strace-static-x86_64: Process 5183 attached [pid 5182] setpgid(0, 0 [pid 5181] <... openat resumed>) = 3 [pid 5180] <... close resumed>) = 0 [pid 5179] <... write resumed>) = 524288 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5183 [pid 5070] <... clone resumed>, child_tidptr=0x55555566a650) = 5184 [pid 5184] set_robust_list(0x55555566a660, 24 [pid 5183] set_robust_list(0x55555566a660, 24 [pid 5181] write(3, "1000", 4 [pid 5180] symlink("/dev/binderfs", "./binderfs" [pid 5179] munmap(0x7fa9f93fb000, 138412032 [pid 5184] <... set_robust_list resumed>) = 0 [pid 5183] <... set_robust_list resumed>) = 0 [pid 5181] <... write resumed>) = 4 [pid 5179] <... munmap resumed>) = 0 [pid 5184] chdir("./16" [pid 5183] chdir("./16" [pid 5182] <... setpgid resumed>) = 0 [pid 5181] close(3 [pid 5180] <... symlink resumed>) = 0 [pid 5184] <... chdir resumed>) = 0 [pid 5183] <... chdir resumed>) = 0 [pid 5181] <... close resumed>) = 0 [pid 5184] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5183] prctl(PR_SET_PDEATHSIG, SIGKILL [pid 5181] symlink("/dev/binderfs", "./binderfs" [pid 5179] openat(AT_FDCWD, "/dev/loop0", O_RDWR [pid 5184] <... prctl resumed>) = 0 [pid 5183] <... prctl resumed>) = 0 [pid 5182] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5181] <... symlink resumed>) = 0 [pid 5180] memfd_create("syzkaller", 0 [pid 5184] setpgid(0, 0 [pid 5183] setpgid(0, 0 [pid 5181] memfd_create("syzkaller", 0 [pid 5179] <... openat resumed>) = 4 [pid 5184] <... setpgid resumed>) = 0 [pid 5183] <... setpgid resumed>) = 0 [pid 5182] <... openat resumed>) = 3 [pid 5181] <... memfd_create resumed>) = 3 [pid 5180] <... memfd_create resumed>) = 3 [pid 5179] ioctl(4, LOOP_SET_FD, 3 [pid 5184] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5183] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC [pid 5182] write(3, "1000", 4 [pid 5181] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5180] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5182] <... write resumed>) = 4 [pid 5182] close(3) = 0 [pid 5180] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5182] symlink("/dev/binderfs", "./binderfs") = 0 [pid 5181] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5183] <... openat resumed>) = 3 [pid 5182] memfd_create("syzkaller", 0) = 3 [pid 5181] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5184] <... openat resumed>) = 3 [pid 5184] write(3, "1000", 4 [pid 5183] write(3, "1000", 4 [pid 5184] <... write resumed>) = 4 [pid 5183] <... write resumed>) = 4 [pid 5184] close(3 [pid 5183] close(3 [pid 5184] <... close resumed>) = 0 [pid 5183] <... close resumed>) = 0 [pid 5184] symlink("/dev/binderfs", "./binderfs" [pid 5183] symlink("/dev/binderfs", "./binderfs" [pid 5184] <... symlink resumed>) = 0 [pid 5183] <... symlink resumed>) = 0 [pid 5180] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5184] memfd_create("syzkaller", 0 [pid 5183] memfd_create("syzkaller", 0) = 3 [pid 5184] <... memfd_create resumed>) = 3 [pid 5183] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5182] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5184] mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 [pid 5183] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5182] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5181] <... write resumed>) = 524288 [pid 5184] <... mmap resumed>) = 0x7fa9f93fb000 [pid 5183] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5182] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5184] write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 524288 [pid 5181] munmap(0x7fa9f93fb000, 138412032 [pid 5179] <... ioctl resumed>) = 0 [pid 5181] <... munmap resumed>) = 0 [pid 5183] <... write resumed>) = 524288 [pid 5179] close(3 [pid 5181] openat(AT_FDCWD, "/dev/loop3", O_RDWR [pid 5180] <... write resumed>) = 524288 [pid 5179] <... close resumed>) = 0 [pid 5182] <... write resumed>) = 524288 [pid 5181] <... openat resumed>) = 4 [pid 5179] mkdir("./file0", 0777 [pid 5182] munmap(0x7fa9f93fb000, 138412032 [pid 5181] ioctl(4, LOOP_SET_FD, 3 [pid 5180] munmap(0x7fa9f93fb000, 138412032 [pid 5179] <... mkdir resumed>) = 0 [pid 5179] mount("/dev/loop0", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5183] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5184] <... write resumed>) = 524288 [pid 5184] munmap(0x7fa9f93fb000, 138412032) = 0 [pid 5183] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5182] <... munmap resumed>) = 0 [pid 5179] <... mount resumed>) = 0 [pid 5180] <... munmap resumed>) = 0 [pid 5179] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5179] chdir("./file0" [pid 5183] <... openat resumed>) = 4 [pid 5180] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5179] <... chdir resumed>) = 0 [pid 5179] ioctl(4, LOOP_CLR_FD [pid 5184] openat(AT_FDCWD, "/dev/loop2", O_RDWR [pid 5179] <... ioctl resumed>) = 0 [pid 5180] <... openat resumed>) = 4 [pid 5184] <... openat resumed>) = 4 [pid 5183] ioctl(4, LOOP_SET_FD, 3 [pid 5180] ioctl(4, LOOP_SET_FD, 3 [pid 5179] close(4 [pid 5184] ioctl(4, LOOP_SET_FD, 3 [pid 5182] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5179] <... close resumed>) = 0 [pid 5179] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5182] <... openat resumed>) = 4 [pid 5179] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [ 63.760110][ T5179] loop0: detected capacity change from 0 to 1024 [ 63.795118][ T5181] loop3: detected capacity change from 0 to 1024 [pid 5182] ioctl(4, LOOP_SET_FD, 3 [pid 5181] <... ioctl resumed>) = 0 [pid 5182] <... ioctl resumed>) = 0 [pid 5182] close(3) = 0 [pid 5182] mkdir("./file0", 0777) = 0 [pid 5182] mount("/dev/loop4", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5181] close(3) = 0 [pid 5181] mkdir("./file0", 0777) = 0 [pid 5181] mount("/dev/loop3", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5183] <... ioctl resumed>) = 0 [pid 5180] <... ioctl resumed>) = 0 [pid 5180] close(3 [pid 5182] <... mount resumed>) = 0 [pid 5180] <... close resumed>) = 0 [pid 5180] mkdir("./file0", 0777 [pid 5182] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5182] chdir("./file0") = 0 [pid 5182] ioctl(4, LOOP_CLR_FD) = 0 [pid 5182] close(4) = 0 [pid 5182] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [pid 5182] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5181] <... mount resumed>) = 0 [pid 5181] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5181] chdir("./file0") = 0 [pid 5181] ioctl(4, LOOP_CLR_FD) = 0 [pid 5181] close(4 [pid 5184] <... ioctl resumed>) = 0 [pid 5183] close(3 [pid 5181] <... close resumed>) = 0 [pid 5180] <... mkdir resumed>) = 0 [pid 5181] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 63.807268][ T5180] loop1: detected capacity change from 0 to 1024 [ 63.807858][ T5182] loop4: detected capacity change from 0 to 1024 [ 63.825553][ T5184] loop2: detected capacity change from 0 to 1024 [ 63.833206][ T5183] loop5: detected capacity change from 0 to 1024 [ 63.843311][ T4522] ------------[ cut here ]------------ [ 63.848876][ T4522] kernel BUG at arch/x86/mm/physaddr.c:28! [pid 5181] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5184] close(3 [pid 5183] <... close resumed>) = 0 [pid 5180] mount("/dev/loop1", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5184] <... close resumed>) = 0 [pid 5183] mkdir("./file0", 0777 [pid 5184] mkdir("./file0", 0777) = 0 [pid 5183] <... mkdir resumed>) = 0 [pid 5184] mount("/dev/loop2", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5183] mount("/dev/loop5", "./file0", "hfsplus", MS_NODEV|MS_SYNCHRONOUS|MS_MANDLOCK|MS_REC|MS_POSIXACL|MS_I_VERSION, "" [pid 5180] <... mount resumed>) = 0 [pid 5183] <... mount resumed>) = 0 [pid 5183] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 [pid 5180] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5183] chdir("./file0" [pid 5180] <... openat resumed>) = 3 [pid 5184] <... mount resumed>) = 0 [pid 5183] <... chdir resumed>) = 0 [pid 5180] chdir("./file0") = 0 [pid 5183] ioctl(4, LOOP_CLR_FD [pid 5180] ioctl(4, LOOP_CLR_FD [pid 5184] openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY [pid 5183] <... ioctl resumed>) = 0 [pid 5180] <... ioctl resumed>) = 0 [pid 5184] <... openat resumed>) = 3 [pid 5183] close(4 [pid 5180] close(4 [pid 5184] chdir("./file0" [pid 5183] <... close resumed>) = 0 [pid 5180] <... close resumed>) = 0 [pid 5184] <... chdir resumed>) = 0 [pid 5183] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5180] openat(AT_FDCWD, "/dev/loop0", O_RDONLY [pid 5184] ioctl(4, LOOP_CLR_FD [pid 5183] <... openat resumed>) = 4 [pid 5180] <... openat resumed>) = 4 [pid 5184] <... ioctl resumed>) = 0 [pid 5184] close(4 [pid 5183] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5180] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048 [pid 5184] <... close resumed>) = 0 [pid 5184] openat(AT_FDCWD, "/dev/loop0", O_RDONLY) = 4 [ 63.855496][ T4522] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 63.861572][ T4522] CPU: 1 PID: 4522 Comm: udevd Tainted: G B 6.7.0-rc5-syzkaller-00042-g88035e5694a8 #0 [ 63.872579][ T4522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023 [ 63.882768][ T4522] RIP: 0010:__phys_addr+0xd4/0x140 [ 63.887932][ T4522] Code: 89 d8 31 ff 48 d3 e8 48 89 c5 48 89 c6 e8 74 50 4c 00 48 85 ed 75 0d e8 da 54 4c 00 48 89 d8 5b 5d 41 5c c3 e8 cd 54 4c 00 90 <0f> 0b e8 c5 54 4c 00 48 c7 c0 10 00 da 8c 48 ba 00 00 00 00 00 fc [ 63.907656][ T4522] RSP: 0018:ffffc9000311fc28 EFLAGS: 00010293 [ 63.913708][ T4522] RAX: 0000000000000000 RBX: 0001784004002b48 RCX: ffffffff813b38b0 [ 63.921669][ T4522] RDX: ffff88807a895940 RSI: ffffffff813b3933 RDI: 0000000000000006 [ 63.929644][ T4522] RBP: 000100c084002b48 R08: 0000000000000006 R09: 000100c084002b48 [ 63.937597][ T4522] R10: 0001784004002b48 R11: 1ffffffff19f6e10 R12: 0000000000000000 [ 63.945556][ T4522] R13: ffffc9000311fc88 R14: 000100c004002b48 R15: 0000000000000000 [ 63.953515][ T4522] FS: 00007fa1573cbc80(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 63.962865][ T4522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.969446][ T4522] CR2: 00007faa018b20f8 CR3: 00000000278f1000 CR4: 0000000000350ef0 [ 63.977415][ T4522] Call Trace: [ 63.980681][ T4522] [ 63.983598][ T4522] ? show_regs+0x8f/0xa0 [ 63.987836][ T4522] ? die+0x36/0xa0 [ 63.991551][ T4522] ? do_trap+0x22b/0x420 [ 63.995807][ T4522] ? __phys_addr+0xd4/0x140 [ 64.000303][ T4522] ? __phys_addr+0xd4/0x140 [ 64.004804][ T4522] ? do_error_trap+0xf4/0x230 [ 64.009471][ T4522] ? __phys_addr+0xd4/0x140 [ 64.014056][ T4522] ? handle_invalid_op+0x34/0x40 [ 64.019026][ T4522] ? __phys_addr+0xd4/0x140 [ 64.023520][ T4522] ? exc_invalid_op+0x2e/0x40 [ 64.028193][ T4522] ? asm_exc_invalid_op+0x1a/0x20 [ 64.033227][ T4522] ? __phys_addr+0x50/0x140 [ 64.037741][ T4522] ? __phys_addr+0xd3/0x140 [ 64.042243][ T4522] ? __phys_addr+0xd4/0x140 [ 64.046741][ T4522] ? __phys_addr+0xd3/0x140 [ 64.051234][ T4522] qlist_free_all+0x86/0x170 [ 64.055832][ T4522] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 64.061817][ T4522] kasan_quarantine_reduce+0x18e/0x1d0 [ 64.067271][ T4522] __kasan_slab_alloc+0x65/0x90 [ 64.072117][ T4522] kmem_cache_alloc+0x15d/0x2f0 [ 64.076963][ T4522] ? rcu_is_watching+0x12/0xb0 [ 64.081719][ T4522] getname_flags.part.0+0x50/0x4e0 [ 64.086822][ T4522] getname_flags+0x9c/0xf0 [ 64.091317][ T4522] vfs_fstatat+0x9a/0x140 [ 64.095641][ T4522] __do_sys_newfstatat+0x98/0x110 [ 64.100660][ T4522] ? __do_compat_sys_newlstat+0x110/0x110 [ 64.106380][ T4522] ? rcu_is_watching+0x12/0xb0 [ 64.111134][ T4522] ? trace_irq_enable.constprop.0+0xd0/0x100 [ 64.117113][ T4522] do_syscall_64+0x40/0x110 [ 64.121612][ T4522] entry_SYSCALL_64_after_hwframe+0x63/0x6b [ 64.127503][ T4522] RIP: 0033:0x7fa156f165f4 [ 64.131918][ T4522] Code: 64 c7 00 09 00 00 00 83 c8 ff c3 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 00 00 00 00 41 89 ca b8 06 01 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 10 48 8b 15 03 a8 0d 00 f7 d8 41 83 c8 [ 64.151513][ T4522] RSP: 002b:00007fffa9815ca8 EFLAGS: 00000246 ORIG_RAX: 0000000000000106 [ 64.159922][ T4522] RAX: ffffffffffffffda RBX: 0000560fc001ff80 RCX: 00007fa156f165f4 [ 64.167884][ T4522] RDX: 00007fffa9815cb8 RSI: 00007fffa9816148 RDI: 00000000ffffff9c [ 64.176282][ T4522] RBP: 00007fffa9815d48 R08: 0000000000000000 R09: 0000000000000000 [ 64.184244][ T4522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffa9816148 [ 64.192207][ T4522] R13: 00007fffa9815cb8 R14: 0000560fc000e910 R15: 0000000000000000 [ 64.200171][ T4522] [ 64.203174][ T4522] Modules linked in: [pid 5184] ioctl(4, LOOP_SET_BLOCK_SIZE, 2048) = 0 [pid 5183] <... ioctl resumed>) = 0 [pid 5182] <... ioctl resumed>) = 0 [pid 5181] <... ioctl resumed>) = 0 [pid 5180] <... ioctl resumed>) = 0 [pid 5179] <... ioctl resumed>) = 0 [pid 5179] exit_group(0 [pid 5182] exit_group(0 [pid 5181] exit_group(0 [pid 5179] <... exit_group resumed>) = ? [pid 5182] <... exit_group resumed>) = ? [pid 5181] <... exit_group resumed>) = ? [pid 5180] exit_group(0 [pid 5184] exit_group(0 [pid 5183] exit_group(0 [pid 5182] +++ exited with 0 +++ [pid 5181] +++ exited with 0 +++ [pid 5180] <... exit_group resumed>) = ? [pid 5179] +++ exited with 0 +++ [pid 5184] <... exit_group resumed>) = ? [pid 5183] <... exit_group resumed>) = ? [pid 5180] +++ exited with 0 +++ [pid 5072] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5182, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5071] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5181, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5072] restart_syscall(<... resuming interrupted clone ...> [pid 5071] restart_syscall(<... resuming interrupted clone ...> [pid 5072] <... restart_syscall resumed>) = 0 [pid 5071] <... restart_syscall resumed>) = 0 [pid 5072] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./17", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./17", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5183] +++ exited with 0 +++ [pid 5072] <... openat resumed>) = 3 [pid 5071] <... openat resumed>) = 3 [pid 5184] +++ exited with 0 +++ [pid 5072] newfstatat(3, "", [pid 5071] newfstatat(3, "", [pid 5073] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5183, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] getdents64(3, [pid 5071] getdents64(3, [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5072] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./17/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... openat resumed>) = 3 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(3, "", [pid 5072] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5071] newfstatat(AT_FDCWD, "./17/binderfs", [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] getdents64(3, [pid 5072] unlink("./17/binderfs" [pid 5071] unlink("./17/binderfs" [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5072] <... unlink resumed>) = 0 [pid 5071] <... unlink resumed>) = 0 [pid 5073] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] newfstatat(AT_FDCWD, "./16/binderfs", {st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] unlink("./16/binderfs") = 0 [pid 5073] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5179, si_uid=0, si_status=0, si_utime=0, si_stime=0} --- [pid 5068] restart_syscall(<... resuming interrupted clone ...>) = 0 [pid 5073] <... umount2 resumed>) = 0 [pid 5071] <... umount2 resumed>) = 0 [pid 5068] umount2("./15", MNT_DETACH|UMOUNT_NOFOLLOW) = -1 EINVAL (Invalid argument) [pid 5068] openat(AT_FDCWD, "./15", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 [ 64.207583][ T4522] ---[ end trace 0000000000000000 ]--- [ 64.213581][ T4522] RIP: 0010:__phys_addr+0xd4/0x140 [ 64.220498][ T4522] Code: 89 d8 31 ff 48 d3 e8 48 89 c5 48 89 c6 e8 74 50 4c 00 48 85 ed 75 0d e8 da 54 4c 00 48 89 d8 5b 5d 41 5c c3 e8 cd 54 4c 00 90 <0f> 0b e8 c5 54 4c 00 48 c7 c0 10 00 da 8c 48 ba 00 00 00 00 00 fc [ 64.240443][ T4522] RSP: 0018:ffffc9000311fc28 EFLAGS: 00010293 [ 64.246915][ T4522] RAX: 0000000000000000 RBX: 0001784004002b48 RCX: ffffffff813b38b0 [pid 5072] <... umount2 resumed>) = 0 [pid 5073] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5184, si_uid=0, si_status=0, si_utime=0, si_stime=1 /* 0.01 s */} --- [pid 5069] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=5180, si_uid=0, si_status=0, si_utime=0, si_stime=2 /* 0.02 s */} --- [pid 5068] newfstatat(3, "", [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] restart_syscall(<... resuming interrupted clone ...> [pid 5069] restart_syscall(<... resuming interrupted clone ...> [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5073] newfstatat(AT_FDCWD, "./16/file0", [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] newfstatat(AT_FDCWD, "./17/file0", [pid 5070] <... restart_syscall resumed>) = 0 [pid 5069] <... restart_syscall resumed>) = 0 [pid 5068] getdents64(3, [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] newfstatat(AT_FDCWD, "./17/file0", [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5071] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] umount2("./15/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] umount2("./17/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] umount2("./16", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./18", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5068] newfstatat(AT_FDCWD, "./15/binderfs", [pid 5073] <... openat resumed>) = 4 [pid 5072] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5071] <... openat resumed>) = 4 [pid 5070] openat(AT_FDCWD, "./16", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5069] openat(AT_FDCWD, "./18", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5073] newfstatat(4, "", [pid 5072] openat(AT_FDCWD, "./17/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5071] newfstatat(4, "", [pid 5070] <... openat resumed>) = 3 [pid 5069] <... openat resumed>) = 3 [pid 5068] unlink("./15/binderfs" [pid 5073] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5072] <... openat resumed>) = 4 [pid 5071] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5070] newfstatat(3, "", [pid 5069] newfstatat(3, "", [pid 5068] <... unlink resumed>) = 0 [pid 5073] getdents64(4, [pid 5072] newfstatat(4, "", [pid 5071] getdents64(4, [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5068] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5072] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5071] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5070] getdents64(3, [pid 5069] getdents64(3, [pid 5073] getdents64(4, [pid 5072] getdents64(4, [pid 5071] getdents64(4, [pid 5070] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 4 entries */, 32768) = 112 [pid 5073] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5071] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5070] umount2("./16/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5069] umount2("./18/binderfs", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] close(4 [pid 5072] getdents64(4, [pid 5071] close(4 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] <... close resumed>) = 0 [pid 5072] <... getdents64 resumed>0x555555673730 /* 0 entries */, 32768) = 0 [pid 5071] <... close resumed>) = 0 [pid 5070] newfstatat(AT_FDCWD, "./16/binderfs", [pid 5069] newfstatat(AT_FDCWD, "./18/binderfs", [pid 5068] <... umount2 resumed>) = 0 [pid 5073] rmdir("./16/file0" [pid 5072] close(4 [pid 5071] rmdir("./17/file0" [pid 5070] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] <... newfstatat resumed>{st_mode=S_IFLNK|0777, st_size=13, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5069] unlink("./18/binderfs") = 0 [pid 5069] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] unlink("./16/binderfs" [pid 5071] <... rmdir resumed>) = 0 [pid 5070] <... unlink resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5070] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... close resumed>) = 0 [pid 5071] getdents64(3, [pid 5073] getdents64(3, [pid 5072] rmdir("./17/file0" [pid 5071] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5073] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] close(3 [pid 5073] close(3 [pid 5071] <... close resumed>) = 0 [pid 5073] <... close resumed>) = 0 [pid 5072] getdents64(3, [pid 5071] rmdir("./17" [pid 5073] rmdir("./16" [pid 5072] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5071] <... rmdir resumed>) = 0 [pid 5073] <... rmdir resumed>) = 0 [pid 5072] close(3 [pid 5071] mkdir("./18", 0777 [pid 5072] <... close resumed>) = 0 [pid 5071] <... mkdir resumed>) = 0 [pid 5072] rmdir("./17" [pid 5073] mkdir("./17", 0777 [pid 5072] <... rmdir resumed>) = 0 [pid 5071] openat(AT_FDCWD, "/dev/loop3", O_RDWR) = 3 [pid 5073] <... mkdir resumed>) = 0 [pid 5069] <... umount2 resumed>) = 0 [pid 5071] ioctl(3, LOOP_CLR_FD) = -1 ENXIO (No such device or address) [pid 5071] close(3 [pid 5072] mkdir("./18", 0777 [pid 5071] <... close resumed>) = 0 [pid 5072] <... mkdir resumed>) = 0 [pid 5071] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5072] openat(AT_FDCWD, "/dev/loop4", O_RDWR [pid 5069] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... openat resumed>) = 3 [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] newfstatat(AT_FDCWD, "./18/file0", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5072] ioctl(3, LOOP_CLR_FD [pid 5069] umount2("./18/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5072] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5069] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5072] close(3) = 0 [pid 5069] openat(AT_FDCWD, "./18/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [ 64.255227][ T4522] RDX: ffff88807a895940 RSI: ffffffff813b3933 RDI: 0000000000000006 [ 64.263234][ T4522] RBP: 000100c084002b48 R08: 0000000000000006 R09: 000100c084002b48 [ 64.272073][ T4522] R10: 0001784004002b48 R11: 1ffffffff19f6e10 R12: 0000000000000000 [ 64.280484][ T4522] R13: ffffc9000311fc88 R14: 000100c004002b48 R15: 0000000000000000 [ 64.288715][ T4522] FS: 00007fa1573cbc80(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 64.299672][ T4522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [pid 5072] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5069] <... openat resumed>) = 4 ./strace-static-x86_64: Process 5185 attached [pid 5073] openat(AT_FDCWD, "/dev/loop5", O_RDWR [pid 5068] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5071] <... clone resumed>, child_tidptr=0x55555566a650) = 5185 [pid 5069] newfstatat(4, "", {st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] getdents64(4, 0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] getdents64(4, 0x555555673730 /* 0 entries */, 32768) = 0 [pid 5069] close(4) = 0 [pid 5069] rmdir("./18/file0" [pid 5072] <... clone resumed>, child_tidptr=0x55555566a650) = 5186 [pid 5069] <... rmdir resumed>) = 0 [pid 5069] getdents64(3, [pid 5070] <... umount2 resumed>) = 0 [pid 5069] <... getdents64 resumed>0x55555566b6f0 /* 0 entries */, 32768) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5185] set_robust_list(0x55555566a660, 24 [pid 5073] <... openat resumed>) = 3 [pid 5069] close(3 [pid 5068] newfstatat(AT_FDCWD, "./15/file0", [pid 5069] <... close resumed>) = 0 [pid 5069] rmdir("./18" [pid 5070] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5073] ioctl(3, LOOP_CLR_FD [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5069] <... rmdir resumed>) = 0 [pid 5068] umount2("./15/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5070] newfstatat(AT_FDCWD, "./16/file0", [pid 5069] mkdir("./19", 0777 [pid 5185] <... set_robust_list resumed>) = 0 [pid 5073] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_SYMLINK_NOFOLLOW) = 0 [pid 5068] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5073] close(3 [pid 5069] <... mkdir resumed>) = 0 [pid 5070] umount2("./16/file0", MNT_DETACH|UMOUNT_NOFOLLOW [pid 5185] chdir("./18" [pid 5068] openat(AT_FDCWD, "./15/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY./strace-static-x86_64: Process 5186 attached [pid 5073] <... close resumed>) = 0 [pid 5073] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD [pid 5070] <... umount2 resumed>) = -1 EINVAL (Invalid argument) [pid 5070] openat(AT_FDCWD, "./16/file0", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY [pid 5068] <... openat resumed>) = 4 [pid 5070] <... openat resumed>) = 4 [pid 5070] newfstatat(4, "", [pid 5069] openat(AT_FDCWD, "/dev/loop1", O_RDWR [pid 5070] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5069] <... openat resumed>) = 3 [pid 5070] getdents64(4, [pid 5069] ioctl(3, LOOP_CLR_FD [pid 5070] <... getdents64 resumed>0x555555673730 /* 2 entries */, 32768) = 48 [pid 5069] <... ioctl resumed>) = -1 ENXIO (No such device or address) [pid 5068] newfstatat(4, "", [pid 5186] set_robust_list(0x55555566a660, 24./strace-static-x86_64: Process 5187 attached [pid 5187] set_robust_list(0x55555566a660, 24 [pid 5186] <... set_robust_list resumed>) = 0 [pid 5073] <... clone resumed>, child_tidptr=0x55555566a650) = 5187 [pid 5070] getdents64(4, [pid 5069] close(3 [pid 5068] <... newfstatat resumed>{st_mode=S_IFDIR|0700, st_size=4096, ...}, AT_EMPTY_PATH) = 0 [pid 5187] <... set_robust_list resumed>) = 0 [ 64.307048][ T4522] CR2: 00007faa018b20f8 CR3: 00000000278f1000 CR4: 0000000000350ef0 [ 64.321870][ T4522] Kernel panic - not syncing: Fatal exception [ 64.328211][ T4522] Kernel Offset: disabled [ 64.332542][ T4522] Rebooting in 86400 seconds..